Add OTEL Collector configuration to Authorization storage-service (#692)
* add metric port to storage-service

* add test

* add new testdata file

* fix test

* check config

* format yaml
atye authored Sep 18, 2024
1 parent b302f11 commit e00ad94
Showing 11 changed files with 261 additions and 3 deletions.
1 change: 0 additions & 1 deletion .github/workflows/common-workflows.yaml
Expand Up @@ -6,7 +6,6 @@ on:
branches: ["**"]

jobs:

# golang static analysis checks
go-static-analysis:
uses: dell/common-github-actions/.github/workflows/go-static-analysis.yaml@main
4 changes: 4 additions & 0 deletions api/v1/types.go
Expand Up @@ -355,6 +355,10 @@ type ContainerTemplate struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Leader Election"
LeaderElection bool `json:"leaderElection,omitempty" yaml:"leaderElection,omitempty"`

// OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="OpenTelemetry Collector Address of the OTLP endpoint using gRPC"
OpenTelemetryCollectorAddress string `json:"openTelemetryCollectorAddress,omitempty" yaml:"openTelemetryCollectorAddress,omitempty"`

// The interval which the reconcile of each controller is run
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Controller Reconcile Interval"
ControllerReconcileInterval string `json:"controllerReconcileInterval,omitempty" yaml:"controllerReconcileInterval,omitempty"`
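Review bot: `OpenTelemetryCollectorAddress` is declared as an unconstrained string, and the generated CRD entries on this page carry only `type: string`, so any value set on the custom resource reaches the operator, which formats it into the storage-service `--collector-address=%s` argument in pkg/modules/authorization.go. Because this address decides where the authorization storage service sends its telemetry, I would constrain it at admission with a `+kubebuilder:validation:MaxLength` and a `+kubebuilder:validation:Pattern` marker that restrict it to a host:port form (assuming the CRDs are generated by controller-gen, which the config/crd/bases layout suggests). The doc comment should also state the expected format and what an empty value means, for example `// OpenTelemetryCollectorAddress is the host:port of the OTLP gRPC receiver; empty means no collector is configured.`, if that is the intended meaning. The ContainerTemplate struct starts and ends outside this hunk.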
15 changes: 15 additions & 0 deletions config/crd/bases/storage.dell.com_apexconnectivityclients.yaml
Expand Up @@ -312,6 +312,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -769,6 +774,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -1209,6 +1219,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
35 changes: 35 additions & 0 deletions config/crd/bases/storage.dell.com_containerstoragemodules.yaml
Expand Up @@ -317,6 +317,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -755,6 +760,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -1220,6 +1230,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -1654,6 +1669,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -2097,6 +2117,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -2568,6 +2593,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
Expand Down Expand Up @@ -3028,6 +3058,11 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description:
OpenTelemetryCollectorAddress is the address
of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description:
PrivateKey is a private key used for a certificate/private-key
30 changes: 30 additions & 0 deletions deploy/crds/storage.dell.com.crds.all.yaml
Expand Up @@ -251,6 +251,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -602,6 +605,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -942,6 +948,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -1372,6 +1381,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -1712,6 +1724,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -2071,6 +2086,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -2409,6 +2427,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -2752,6 +2773,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -3116,6 +3140,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
Expand Down Expand Up @@ -3465,6 +3492,9 @@ spec:
opaKubeMgmt:
description: OpaKubeMgmt is the image tag for the Container
type: string
openTelemetryCollectorAddress:
description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC
type: string
privateKey:
description: PrivateKey is a private key used for a certificate/private-key pair
type: string
4 changes: 2 additions & 2 deletions deploy/operator.yaml
Expand Up @@ -1357,7 +1357,7 @@ spec:
- name: RELATED_IMAGE_karavi-authorization-proxy
value: docker.io/dellemc/csm-authorization-sidecar:v1.12.0
- name: RELATED_IMAGE_dell-csi-replicator
value: docker.io/dellemc/dell-csi-replicator:v1.10.0
value: docker.io/dellemc/dell-csi-replicator:v1.12.0
- name: RELATED_IMAGE_dell-replication-controller-manager
value: docker.io/dellemc/dell-replication-controller:v1.10.0
- name: RELATED_IMAGE_topology
Expand Down Expand Up @@ -1392,7 +1392,7 @@ spec:
value: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0
- name: RELATED_IMAGE_cert-persister
value: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0
image: docker.io/dellemc/dell-csm-operator:v1.7.0
image: amaas-eos-mw1.cec.lab.emc.com:5046/dell-csm-operator:aaron
imagePullPolicy: Always
livenessProbe:
httpGet:
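Review bot: The operator `image:` in this section appears to move from `docker.io/dellemc/dell-csm-operator:v1.7.0` to `amaas-eos-mw1.cec.lab.emc.com:5046/dell-csm-operator:aaron` (the page has lost its +/- markers, so the direction is inferred from print order), which would put an internal lab registry and a personal, mutable tag into the shipped manifest next to `imagePullPolicy: Always`. Anyone applying deploy/operator.yaml would then either fail to pull the operator or run whatever was last pushed under that tag, so the line should go back to the released reference, `image: docker.io/dellemc/dell-csm-operator:v1.7.0`, ideally pinned by digest. The `dell-csi-replicator` change from v1.10.0 to v1.12.0 also looks unrelated to the OTEL work and leaves `dell-replication-controller` at v1.10.0. Both edits look like local development state and are worth confirming or dropping from this commit.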
Expand Up @@ -329,6 +329,9 @@ spec:
- port: 50051
targetPort: 50051
name: grpc
- port: 2112
targetPort: 2112
name: promhttp
---
apiVersion: cert-manager.io/v1
kind: Issuer
23 changes: 23 additions & 0 deletions pkg/modules/authorization.go
Original file line number Diff line number Diff line change
Expand Up @@ -757,12 +757,14 @@ func authorizationStorageServiceV2(ctx context.Context, isDeleting bool, cr csmv
image := ""
vaults := []csmv1.Vault{}
leaderElection := true
otelCollector := ""
for _, component := range authModule.Components {
switch component.Name {
case AuthProxyServerComponent:
replicas = component.StorageServiceReplicas
image = component.StorageService
leaderElection = component.LeaderElection
otelCollector = component.OpenTelemetryCollectorAddress
case AuthRedisComponent:
var sentinelValues []string
for i := 0; i < component.RedisReplicas; i++ {
Expand Down Expand Up @@ -871,6 +873,11 @@ func authorizationStorageServiceV2(ctx context.Context, isDeleting bool, cr csmv
"--redis-password=$(REDIS_PASSWORD)",
fmt.Sprintf("--leader-election=%t", leaderElection),
}

// if the config version is greater than v2.0.0-alpha, add the collector-address arg
if semver.Compare(authModule.ConfigVersion, "v2.0.0-alpha") == 1 {
args = append(args, fmt.Sprintf("--collector-address=%s", otelCollector))
}
args = append(args, vaultArgs...)

for i, c := range deployment.Spec.Template.Spec.Containers {
Expand All @@ -880,6 +887,22 @@ func authorizationStorageServiceV2(ctx context.Context, isDeleting bool, cr csmv
}
}

// if the config version is greater than v2.0.0-alpha, set promhttp container port
if semver.Compare(authModule.ConfigVersion, "v2.0.0-alpha") == 1 {
for i, c := range deployment.Spec.Template.Spec.Containers {
if c.Name == "storage-service" {
deployment.Spec.Template.Spec.Containers[i].Ports = append(deployment.Spec.Template.Spec.Containers[i].Ports,
corev1.ContainerPort{
Name: "promhttp",
Protocol: "TCP",
ContainerPort: 2112,
},
)
break
}
}
}

deploymentBytes, err := json.Marshal(&deployment)
if err != nil {
return fmt.Errorf("marshalling storage-service deployment: %w", err)
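Review bot: The new `--collector-address=%s` argument is appended for every config version after v2.0.0-alpha even when `otelCollector` is still the empty string, and the custom-resource value is never checked before it lands in the container args. Kubernetes expands `$(VAR)` references in args (the neighbouring `--redis-password=$(REDIS_PASSWORD)` relies on that), so a free-form address should be rejected unless it is a plain host:port. I would guard the append as in the excerpt below, which needs `net` and `strings` in the file's imports if they are not already there; skipping the flag on an empty address assumes the storage service has a usable default, which is not visible here. The same `semver.Compare(...) == 1` test is repeated for the promhttp port and could be computed once into a local. authorizationStorageServiceV2 begins and ends outside these hunks.

```go
// … unchanged: args literal through --leader-election …

// only pass a collector address that was supplied and is a plain host:port
if semver.Compare(authModule.ConfigVersion, "v2.0.0-alpha") == 1 && otelCollector != "" {
	if _, _, err := net.SplitHostPort(otelCollector); err != nil {
		return fmt.Errorf("invalid openTelemetryCollectorAddress %q: %w", otelCollector, err)
	}
	if strings.Contains(otelCollector, "$(") {
		return fmt.Errorf("invalid openTelemetryCollectorAddress %q: variable references are not allowed", otelCollector)
	}
	args = append(args, fmt.Sprintf("--collector-address=%s", otelCollector))
}
args = append(args, vaultArgs...)
```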
43 changes: 43 additions & 0 deletions pkg/modules/authorization_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -777,6 +777,49 @@ func TestAuthorizationKubeMgmtPolicies(t *testing.T) {
}
}

func TestAuthorizationOpenTelemetry(t *testing.T) {
cr, err := getCustomResource("./testdata/cr_auth_proxy_v2.0.0.yaml")
if err != nil {
t.Fatal(err)
}

certmanagerv1.AddToScheme(scheme.Scheme)
sourceClient := ctrlClientFake.NewClientBuilder().WithObjects().Build()

err = AuthorizationServerDeployment(context.TODO(), false, operatorConfig, cr, sourceClient)
if err != nil {
t.Fatal(err)
}

storageService := &appsv1.Deployment{}
err = sourceClient.Get(context.Background(), types.NamespacedName{Name: "storage-service", Namespace: "authorization"}, storageService)
if err != nil {
t.Fatal(err)
}

argFound := false
for _, container := range storageService.Spec.Template.Spec.Containers {
if container.Name == "storage-service" {
for _, arg := range container.Args {
if strings.Contains(arg, "--collector-address") {
argFound = true
if arg != "--collector-address=otel-collector:8889" {
t.Fatalf("expected --collector-address=otel-collector:8889, got %s", arg)
}
break
}
}
}
if argFound {
break
}
}

if !argFound {
t.Fatalf("expected --collector-address=otel-collector:8889, got none")
}
}

func TestAuthorizationStorageServiceVault(t *testing.T) {
vault0Identifier := "vault0"
vault0Arg := "--vault=vault0,https://10.0.0.1:8400,csm-authorization,true"
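Review bot: TestAuthorizationOpenTelemetry covers only the case where the argument is present; nothing asserts the `promhttp` container port 2112 that the same commit adds to the storage-service container, or that `--collector-address` is absent for a config version at or below v2.0.0-alpha. A second case built from an older testdata custom resource, plus a check of `container.Ports`, would pin both sides of the version gate. The return value of `certmanagerv1.AddToScheme(scheme.Scheme)` is also dropped; `if err := certmanagerv1.AddToScheme(scheme.Scheme); err != nil { t.Fatal(err) }` would surface a scheme registration failure directly instead of as a later, less obvious error.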