From 1a8dc6ed5c03c3fc5be8e53c22efa4501d316103 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Guilherme=20Vanz?= Date: Tue, 5 Nov 2024 14:29:29 -0300 Subject: [PATCH] feat: extra OPTEL collector configuration. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds additional telemetry configuration fields to allow users to add their custom OpenTelemetry collector configuration together with the Kubewarden configuration. Signed-off-by: José Guilherme Vanz --- .../templates/opentelemetry-collector.yaml | 28 ++ .../tests/optel_collector_test.yaml | 286 ++++++++++++++++++ .../kubewarden-controller/values.schema.json | 63 ++++ charts/kubewarden-controller/values.yaml | 52 ++++ 4 files changed, 429 insertions(+) create mode 100644 charts/kubewarden-controller/tests/optel_collector_test.yaml create mode 100644 charts/kubewarden-controller/values.schema.json diff --git a/charts/kubewarden-controller/templates/opentelemetry-collector.yaml b/charts/kubewarden-controller/templates/opentelemetry-collector.yaml index e93bb3f8..ebf20ca5 100644 --- a/charts/kubewarden-controller/templates/opentelemetry-collector.yaml +++ b/charts/kubewarden-controller/templates/opentelemetry-collector.yaml 
@@ -10,13 +10,31 @@ metadata: {{- include "kubewarden-controller.annotations" . | nindent 4 }} spec: mode: sidecar + {{- if .Values.telemetry.extraOtelConfig.envFrom }} + envFrom: + {{- toYaml .Values.telemetry.extraOtelConfig.envFrom | nindent 4 }} + {{- end }} config: + {{- if .Values.telemetry.extraConfig.extensions }} + extensions: + {{- toYaml .Values.telemetry.extraConfig.extensions | nindent 6}} + {{- end }} + {{- if .Values.telemetry.extraConfig.connectors }} + connectors: + {{- toYaml .Values.telemetry.extraConfig.connectors | nindent 6}} + {{- end }} receivers: otlp: protocols: grpc: {} + {{- if .Values.telemetry.extraConfig.receivers}} + {{- toYaml .Values.telemetry.extraConfig.receivers | nindent 6 }} + {{- end }} processors: batch: {} + {{- if .Values.telemetry.extraConfig.processors }} + {{- toYaml .Values.telemetry.extraConfig.processors | nindent 6 }} + {{- end }} exporters: {{- if and .Values.telemetry.tracing.enabled .Values.telemetry.tracing.jaeger.endpoint }} otlp/jaeger: @@ -32,8 +50,18 @@ spec: prometheus: endpoint: ":{{ .Values.telemetry.metrics.port }}" {{- end }} + {{- if .Values.telemetry.extraConfig.exporters }} + {{ toYaml .Values.telemetry.extraConfig.exporters | nindent 6 }} + {{- end }} service: + {{- if .Values.telemetry.extraConfig.service.extensions }} + extensions: + {{- toYaml .Values.telemetry.extraConfig.service.extensions | nindent 8 }} + {{- end }} pipelines: + {{- if .Values.telemetry.extraConfig.service.pipelines }} + {{- toYaml .Values.telemetry.extraConfig.service.pipelines | nindent 8 }} + {{- end }} {{- if and .Values.telemetry.metrics.enabled .Values.telemetry.metrics.port }} metrics: receivers: [otlp] diff --git a/charts/kubewarden-controller/tests/optel_collector_test.yaml b/charts/kubewarden-controller/tests/optel_collector_test.yaml new file mode 100644 index 00000000..0961f4c2 --- /dev/null +++ b/charts/kubewarden-controller/tests/optel_collector_test.yaml 
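Review bot: The user-supplied `receivers` and `processors` maps are rendered as siblings of the built-in `otlp` and `batch` entries, and the template itself never checks for a name clash; the only guard is the `propertyNames` deny-list in values.schema.json. If the two lists drift apart or schema validation is bypassed, the rendered `config` carries a duplicate key, and which definition the collector receives depends on the YAML parser. A template-side guard keeps the invariant next to the code it protects, for example `{{- if hasKey .Values.telemetry.extraConfig.receivers "otlp" }}{{ fail "telemetry.extraConfig.receivers must not redefine otlp" }}{{- end }}`. The same applies to `exporters` and `service.pipelines` in the second hunk.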
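Review bot: The `exporters` insertion in the second hunk opens with `{{ toYaml` instead of `{{- toYaml`, unlike every other insertion in this template, so the rendered manifest gets a whitespace-only line before the user's exporters; `{{- toYaml .Values.telemetry.extraConfig.exporters | nindent 6 }}` matches the rest. In the `service` block, `.Values.telemetry.extraConfig.service.extensions` and `.service.pipelines` are dereferenced directly, so an override that sets `extraConfig.service` to null would likely fail rendering with a nil-pointer error rather than fall back to the chart defaults. Wrapping both conditionals in `{{- with .Values.telemetry.extraConfig.service }}` would tolerate that. The `pipelines` mapping continues past the end of the hunk.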
@@ -0,0 +1,286 @@
+suite: OpenTelemetry Collector tests
+templates:
+ - opentelemetry-collector.yaml
+tests:
+ - it: "should not add extra OPTEL collector configuration when not extra value is defined"
+ documentSelector:
+ path: metadata.name
+ value: kubewarden
+ set:
+ telemetry:
+ metrics:
+ enabled: true
+ port: 8080
+ tracing:
+ enabled: true
+ jaeger:
+ endpoint: "all-in-one-collector.jaeger.svc.cluster.local:4317"
+ tls:
+ insecure: true
+ asserts:
+ - equal:
+ path: spec.mode
+ value: sidecar
+ - isNull:
+ path: spec.presets
+ - isNull:
+ path: spec.ports
+ - isNull:
+ path: spec.envFrom
+ content:
+ secretRef:
+ name: open-telemetry-collector
+ - equal:
+ path: spec.config
+ value:
+ receivers:
+ otlp:
+ protocols:
+ grpc: {}
+ processors:
+ batch: {}
+ exporters:
+ otlp/jaeger:
+ endpoint: "all-in-one-collector.jaeger.svc.cluster.local:4317"
+ tls:
+ insecure: true
+ prometheus:
+ endpoint: ":8080"
+ service:
+ pipelines:
+ metrics:
+ receivers: [otlp]
+ processors: []
+ exporters: [prometheus]
+ traces:
+ receivers: [otlp]
+ processors: [batch]
+ exporters: [otlp/jaeger]
+ - it: "should add extra OPTEL collector configuration when extra configuration is defined"
+ documentSelector:
+ path: metadata.name
+ value: kubewarden
+ set:
+ telemetry:
+ metrics:
+ enabled: true
+ port: 8080
+ tracing:
+ enabled: true
+ jaeger:
+ endpoint: "all-in-one-collector.jaeger.svc.cluster.local:4317"
+ tls:
+ insecure: true
+ extraOtelConfig:
+ envFrom:
+ - secretRef:
+ name: open-telemetry-collector
+ extraConfig:
+ receivers:
+ otlp/stackstate:
+ protocols:
+ grpc: {}
+ exporters:
+ otlp/stackstate:
+ auth:
+ authenticator: bearertokenauth
+ endpoint: ":443"
+ extensions:
+ bearertokenauth:
+ scheme: StackState
+ token: "${env:API_KEY}"
+ processors:
+ tail_sampling:
+ decision_wait: 10s
+ policies:
+ - name: rate-limited-composite
+ type: composite
+ composite:
+ max_total_spans_per_second: 500
+ policy_order: [errors, slow-traces, rest]
+ composite_sub_policy:
+ - name: errors
+ type: status_code
+ status_code:
+ status_codes: [ ERROR ]
+ - name: slow-traces
+ type: latency
+ latency:
+ threshold_ms: 1000
+ - name: rest
+ type: always_sample
+ rate_allocation:
+ - policy: errors
+ percent: 33
+ - policy: slow-traces
+ percent: 33
+ - policy: rest
+ percent: 34
+ resource:
+ attributes:
+ - key: k8s.cluster.name
+ action: upsert
+ value:
+ - key: service.instance.id
+ from_attribute: k8s.pod.uid
+ action: insert
+ filter/dropMissingK8sAttributes:
+ error_mode: ignore
+ traces:
+ span:
+ - resource.attributes["k8s.node.name"] == nil
+ - resource.attributes["k8s.pod.uid"] == nil
+ - resource.attributes["k8s.namespace.name"] == nil
+ - resource.attributes["k8s.pod.name"] == nil
+ connectors:
+ spanmetrics:
+ metrics_expiration: 5m
+ namespace: otel_span
+ routing/traces:
+ error_mode: ignore
+ match_once: false
+ table:
+ - statement: route()
+ pipelines: [traces/sampling, traces/spanmetrics]
+ service:
+ extensions:
+ - health_check
+ - bearertokenauth
+ pipelines:
+ ststraces:
+ receivers: [otlp]
+ processors: [filter/dropMissingK8sAttributes, memory_limiter, resource]
+ exporters: [routing/traces]
+ traces/spanmetrics:
+ receivers: [routing/traces]
+ processors: []
+ exporters: [spanmetrics]
+ traces/sampling:
+ receivers: [routing/traces]
+ processors: [tail_sampling, batch]
+ exporters: [debug, otlp/stackstate]
+ stsmetrics:
+ receivers: [otlp, spanmetrics, prometheus]
+ processors: [memory_limiter, resource, batch]
+ exporters: [debug, otlp/stackstate]
+ asserts:
+ - equal:
+ path: spec.mode
+ value: sidecar
+ - isNull:
+ path: spec.presets
+ - isNull:
+ path: spec.ports
+ - contains:
+ path: spec.envFrom
+ content:
+ secretRef:
+ name: open-telemetry-collector
+ - isSubset:
+ path: spec.config.receivers
+ content:
+ otlp/stackstate:
+ protocols:
+ grpc: {}
+ - isSubset:
+ path: spec.config.connectors
+ content:
+ spanmetrics:
+ metrics_expiration: 5m
+ namespace: otel_span
+ routing/traces:
+ error_mode: ignore
+ match_once: false
+ table:
+ - statement: route()
+ pipelines: [traces/sampling, traces/spanmetrics]
+ - equal:
+ path: spec.config.service.extensions
+ value:
+ - health_check
+ - bearertokenauth
+ - isSubset:
+ path: spec.config.service.pipelines
+ content:
+ ststraces:
+ receivers: [otlp]
+ processors: [filter/dropMissingK8sAttributes, memory_limiter, resource]
+ exporters: [routing/traces]
+ traces/spanmetrics:
+ receivers: [routing/traces]
+ processors: []
+ exporters: [spanmetrics]
+ traces/sampling:
+ receivers: [routing/traces]
+ processors: [tail_sampling, batch]
+ exporters: [debug, otlp/stackstate]
+ stsmetrics:
+ receivers: [otlp, spanmetrics, prometheus]
+ processors: [memory_limiter, resource, batch]
+ exporters: [debug, otlp/stackstate]
+ metrics:
+ receivers: [otlp]
+ processors: []
+ exporters: [prometheus]
+ traces:
+ receivers: [otlp]
+ processors: [batch]
+ exporters: [otlp/jaeger]
+ - isSubset:
+ path: spec.config.exporters
+ content:
+ otlp/stackstate:
+ auth:
+ authenticator: bearertokenauth
+ endpoint: ":443"
+ - isSubset:
+ path: spec.config.extensions
+ content:
+ bearertokenauth:
+ scheme: StackState
+ token: "${env:API_KEY}"
+ - isSubset:
+ path: spec.config.processors
+ content:
+ tail_sampling:
+ decision_wait: 10s
+ policies:
+ - name: rate-limited-composite
+ type: composite
+ composite:
+ max_total_spans_per_second: 500
+ policy_order: [errors, slow-traces, rest]
+ composite_sub_policy:
+ - name: errors
+ type: status_code
+ status_code:
+ status_codes: [ ERROR ]
+ - name: slow-traces
+ type: latency
+ latency:
+ threshold_ms: 1000
+ - name: rest
+ type: always_sample
+ rate_allocation:
+ - policy: errors
+ percent: 33
+ - policy: slow-traces
+ percent: 33
+ - policy: rest
+ percent: 34
+ resource:
+ attributes:
+ - key: k8s.cluster.name
+ action: upsert
+ value:
+ - key: service.instance.id
+ from_attribute: k8s.pod.uid
+ action: insert
+ filter/dropMissingK8sAttributes:
+ error_mode: ignore
+ traces:
+ span:
+ - resource.attributes["k8s.node.name"] == nil
+ - resource.attributes["k8s.pod.uid"] == nil
+ - resource.attributes["k8s.namespace.name"] == nil
+ - resource.attributes["k8s.pod.name"] == nil
diff --git a/charts/kubewarden-controller/values.schema.json b/charts/kubewarden-controller/values.schema.json
new file mode 100644
index 00000000..0df3220e
--- /dev/null
+++ b/charts/kubewarden-controller/values.schema.json
@@ -0,0 +1,63 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "type": "object",
+ "properties": {
+ "telemetry": {
+ "type": "object",
+ "properties": {
+ "extraConfig": {
+ "type": "object",
+ "properties": {
+ "exporters": {
+ "type": "object",
+ "propertyNames": {
+ "not": {
+ "enum": [
+ "otlp/jaeger",
+ "prometheus"
+ ]
+ }
+ }
+ },
+ "processors": {
+ "type": "object",
+ "propertyNames": {
+ "not": {
+ "enum": [
+ "batch"
+ ]
+ }
+ }
+ },
+ "receivers": {
+ "type": "object",
+ "propertyNames": {
+ "not": {
+ "enum": [
+ "otlp"
+ ]
+ }
+ }
+ },
+ "service": {
+ "type": "object",
+ "properties": {
+ "pipelines": {
+ "type": "object",
+ "propertyNames": {
+ "not": {
+ "enum": [
+ "metrics",
+ "traces"
+ ]
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/charts/kubewarden-controller/values.yaml b/charts/kubewarden-controller/values.yaml
index e0734083..792bc395 100644
--- a/charts/kubewarden-controller/values.yaml
+++ b/charts/kubewarden-controller/values.yaml
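Review bot: In the first test, the `isNull` assertion on `spec.envFrom` carries a `content:` block with a `secretRef`, which looks like a leftover from the `contains` assertion in the second test; `isNull` only needs `path`, so the extra keys should be dropped to avoid implying that the secret name is being checked. Neither test covers the collision rule that values.schema.json introduces, so a case that sets `telemetry.extraConfig.receivers.otlp` and expects rendering to be rejected would pin that behaviour. The first test's title reads `when not extra value is defined`; `when no extra value is defined` is probably what was meant.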
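Review bot: The `propertyNames` deny-lists repeat key names that are hard-coded in templates/opentelemetry-collector.yaml (`otlp/jaeger`, `prometheus`, `batch`, `otlp`, `metrics`, `traces`), but nothing in the schema says so, and a violation will likely reach the user as a bare `not`/`enum` failure. Adding a `description` to each constrained property, such as `"description": "Must not redefine exporters managed by the chart (otlp/jaeger, prometheus)"`, documents why the names are reserved and where the list has to be kept in sync. `extraOtelConfig.envFrom`, `extraConfig.extensions`, `extraConfig.connectors` and `extraConfig.service.extensions` are rendered by the template with no type declared here, so a scalar passed by mistake reaches the rendered manifest unchecked.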
@@ -146,6 +146,58 @@ telemetry: # endpoint: "all-in-one-collector.jaeger.svc.cluster.local:4317" # tls: # insecure: true + # The following fields are used to configure the OpenTelemetry Collector. + # The configuration defined here will be merged with the default configuration + # used by the Kubewarden stack. This will not override the default configuration + extraOtelConfig: + # envFrom: + # - secretRef: + # name: open-telemetry-collector + envFrom: [] + extraConfig: + # exporters: + # debug: + # verbosity: normal + # otlphttp/stackstate: + # auth: + # authenticator: bearertokenauth + # endpoint: https://otlp-stackstate.oldfield.arch.nue2.suse.org:443 + # tls: + # insecure_skip_verify: true + exporters: {} + receivers: {} + # service: + # extensions: + # - bearertokenauth + # pipelines: + # traces/stackstate: + # receivers: [otlp] + # processors: [resource] + # exporters: [otlphttp/stackstate] + # metrics/stackstate: + # receivers: [otlp] + # processors: [resource] + # exporters: [debug, otlphttp/stackstate] + service: + pipelines: {} + extensions: [] + telemetry: {} + connectors: {} + # extensions: + # bearertokenauth: + # scheme: SUSEObservability + # token: "${env:API_KEY}" + extensions: {} + # processors: + # resource: + # attributes: + # - key: k8s.cluster.name + # action: upsert + # value: k3d-kubewarden + # - key: service.instance.id + # from_attribute: k8s.pod.uid + # action: insert + processors: {} image: # The registry is defined in the global.cattle.systemDefaultRegistry value # controller image to be used
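Review bot: The commented `otlphttp/stackstate` example pairs `auth.authenticator: bearertokenauth` with `tls.insecure_skip_verify: true`, so anyone copying it sends the bearer token to an endpoint whose certificate is never verified. Examples in values.yaml tend to be pasted verbatim, so the example should drop that setting or carry a comment such as `# do not disable verification when a token is sent; configure the CA instead`. The endpoint in the same example looks like an internal host name and would be better as a placeholder, e.g. `https://otlp.example.com:443`. Separately, the `telemetry: {}` default listed after `extensions: []` does not appear to be read by any line the template hunks add, so a value set there would be silently ignored. The header comment's `This will not override the default configuration` could also say that reserved key names are rejected by values.schema.json.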