Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[query] Change HTTP and TLS server configurations to use OTEL configurations #6023

Merged
merged 11 commits into from
Sep 28, 2024

Conversation

mahadzaryab1
Copy link
Collaborator

@mahadzaryab1 mahadzaryab1 commented Sep 27, 2024

Which problem is this PR solving?

Description of the changes

  • Removed the custom TLS and HTTP server configurations and replaced them with OTEL's configurations
  • 🛑 Breaking change: the hot-reload of certificates will not happen at reload_intervals rather than immediately on file changes. This makes Jaeger's behavior similar to OTEL Collector's behavior.

How was this change tested?

  • Unit tests / CI

Checklist

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
Copy link

codecov bot commented Sep 27, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.90%. Comparing base (3cd1f59) to head (f32737b).
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #6023      +/-   ##
==========================================
+ Coverage   88.60%   96.90%   +8.30%     
==========================================
  Files         349      349              
  Lines       18158    16599    -1559     
==========================================
- Hits        16088    16086       -2     
+ Misses       1888      329    -1559     
- Partials      182      184       +2     
Flag Coverage Δ
badger_v1 7.98% <0.00%> (-0.02%) ⬇️
badger_v2 1.81% <0.00%> (-0.01%) ⬇️
cassandra-4.x-v1 15.75% <0.00%> (-0.04%) ⬇️
cassandra-4.x-v2 1.74% <0.00%> (-0.01%) ⬇️
cassandra-5.x-v1 15.75% <0.00%> (-0.04%) ⬇️
cassandra-5.x-v2 1.74% <0.00%> (-0.01%) ⬇️
elasticsearch-6.x-v1 18.69% <0.00%> (-0.04%) ⬇️
elasticsearch-7.x-v1 18.74% <0.00%> (-0.04%) ⬇️
elasticsearch-8.x-v1 18.94% <0.00%> (-0.04%) ⬇️
elasticsearch-8.x-v2 1.80% <0.00%> (+0.12%) ⬆️
grpc_v1 9.51% <0.00%> (-0.01%) ⬇️
grpc_v2 7.10% <0.00%> (-0.03%) ⬇️
kafka-v1 9.69% <0.00%> (-0.02%) ⬇️
kafka-v2 1.81% <0.00%> (-0.01%) ⬇️
memory_v2 1.81% <0.00%> (-0.01%) ⬇️
opensearch-1.x-v1 18.80% <0.00%> (-0.03%) ⬇️
opensearch-2.x-v1 18.80% <0.00%> (-0.04%) ⬇️
opensearch-2.x-v2 1.80% <0.00%> (-0.02%) ⬇️
tailsampling-processor 0.46% <0.00%> (-0.01%) ⬇️
unittests 95.70% <100.00%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@mahadzaryab1
Copy link
Collaborator Author

@yurishkuro would you be able to re-run the CI? getting some docker failures Error response from daemon: Head "https://registry-1.docker.io/v2/tonistiigi/binfmt/manifests/latest": unauthorized: incorrect username or password

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@@ -142,6 +142,28 @@ func (o *Options) ToOtelClientConfig() configtls.ClientConfig {
}
}

// ToOtelServerConfig provides a mapping between from Options to OTEL's TLS Server Configuration.
func (o *Options) ToOtelServerConfig() configtls.ServerConfig {
cfg := configtls.ServerConfig{
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about translating Enabled to Insecure?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yurishkuro The Insecure field doesn't actually exist on configtls.ServerConfig, it only exists on configtls.ClientConfig (see https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configtls/configtls.go#L112-L126). The TLSSetting field in configgrpc.TLSSetting and confighttp.TLSSetting is a pointer type so setting it to nil implies no TLS/ insecure (see https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configgrpc/configgrpc.go#L168-L171).

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I changed this method to return a pointer and return nil when !o.Enabled.

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@yurishkuro yurishkuro added the changelog:exprimental Change to an experimental part of the code label Sep 28, 2024
@yurishkuro
Copy link
Member

cmd/query/app/flags.go Outdated Show resolved Hide resolved
@mahadzaryab1 mahadzaryab1 marked this pull request as ready for review September 28, 2024 15:35
@mahadzaryab1 mahadzaryab1 requested a review from a team as a code owner September 28, 2024 15:35
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@mahadzaryab1
Copy link
Collaborator Author

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
cmd/query/app/server.go Outdated Show resolved Hide resolved
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@yurishkuro
Copy link
Member

what did we want to update here?

if it's still accurate then nothing, I thought maybe with this refactoring there might be changes

Copy link
Member

@yurishkuro yurishkuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉

@yurishkuro yurishkuro added changelog:breaking-change Change that is breaking public APIs or established behavior and removed changelog:exprimental Change to an experimental part of the code labels Sep 28, 2024
@mahadzaryab1
Copy link
Collaborator Author

what did we want to update here?

if it's still accurate then nothing, I thought maybe with this refactoring there might be changes

Oh I see. Yeah no changes required here because we didn't touch the CLI interface - just the internals of where the configs were being held.

@yurishkuro
Copy link
Member

I think this might be a breaking change if we are switching from internal TLS management to OTEL's because our internal tlscfg has a hot-reload enabled by watching the file system for changes (and therefore using a goroutine and forcing callers to call tls.Close()), whereas OTEL reloads certs every reload_interval when the servers ask for the certs.

@yurishkuro yurishkuro changed the title [jaeger-v2] Consolidate HTTP and TLS Server Configurations For Query Service To Use OTEL Configurations [query] Change HTTP and TLS server configurations to use OTEL configurations Sep 28, 2024
@yurishkuro yurishkuro enabled auto-merge (squash) September 28, 2024 16:21
@yurishkuro yurishkuro enabled auto-merge (squash) September 28, 2024 16:22
@yurishkuro yurishkuro merged commit 731f50e into jaegertracing:main Sep 28, 2024
51 checks passed
@mahadzaryab1 mahadzaryab1 deleted the consolidate-query-http branch September 28, 2024 16:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/otel changelog:breaking-change Change that is breaking public APIs or established behavior v2
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants