New Relic K8s Resource Operator

• Overview
• Quick Start
• Helm
• Provisioning Resources
• Development

Overview

Kubernetes operator that facilitates management of New Relic resources from within your K8s configuration. Currently supports:

• Alert Policies
• NRQL Alert Conditions
• Alert Destinations
• Alert Channels
• Alert Workflows

If you are looking for New Relic's Kubernetes operator for managing New Relic's Kubernetes integration, please see newrelic-k8s-operator.

Docker Images are available in DockerHub

Quick Start

Running Locally w/ Kind

1. Install docker, kubectl, kustomize, and kind

brew cask install docker
brew install kubernetes-cli kustomize kind

2. Create a test cluster with kind

kind create cluster --name newrelic-test
kubectl cluster-info

3. Install the operator in the test cluster

kustomize build github.com/newrelic/newrelic-k8s-operator-v2/config/default | kubectl apply -f -

Note: This will install operator on whatever kubernetes cluster kubectl is configured to use.

4. Validate pods are running

kubectl get pods -n newrelic-k8s-operator-v2-system

Using a custom container

Alternatively, you can deploy the operator in a custom container by overriding the image name in a kustomization.yamlfile:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: newrelic-k8s-operator-v2-system
resources:
  - github.com/newrelic/newrelic-k8s-operator-v2/config/default
images:
- name: newrelic/newrelic-k8s-operator-v2:latest
  newName: <CUSTOM_IMAGE>
  newTag: <CUSTOM_TAG>

Then apply the file with:

kustomize build . | kubectl apply -f -

Uninstall

The operator can be removed with the reverse of installation:

kustomize build github.com/newrelic/newrelic-k8s-operator-v2/config/default | kubectl delete -f -

Helm

Helm charts are available via Github Pages

Install

helm repo add newrelic-resource-operator https://newrelic.github.io/newrelic-k8s-operator-v2/
helm repo update

helm install nr-operator-v2 newrelic-resource-operator/nr-operator-v2

Uninstall

helm uninstall nr-operator-v2

Provisioning Resources

Once the operator is successfully deployed to a cluster, resources can be provisioned with NR k8s objects. There are detailed examples provided under the examples section.

Alert Policy Example

Using the policy example provided. Input the fields within the configuration, including a user API key, accountId to create the resource within, and policy specific inputs.

Note: You can also use a Kubernetes secret for providing your API key. We've provided an example secret configuration file in case you want to use this method. You'll need to replace api_key with api_key_secret.

apiVersion: alerts.k8s.newrelic.com/v1
kind: AlertPolicy
metadata:
  labels:
    app.kubernetes.io/name: newrelic-kubernetes-operator-v2
    app.kubernetes.io/managed-by: kustomize
  name: alertpolicy-example
spec:
  apiKey: <api_key>
  # apiKeySecret:
  #   name: nr-api-key
  #   namespace: default
  #   keyName: api-key
  accountId: 1
  region: "US"
  name: test-policy
  incidentPreference: "PER_CONDITION"

The config can then be applied with:

 kubectl apply -f examples/example_policy.yaml

To see configured policies, run the command:

kubectl describe alertpolicies.alerts.k8s.newrelic.com

The operator will then create and update this policy within your New Relic account as needed by applying changes with kubectl apply -f <filename>

This process can be repeated for any of the examples provided. For more detail on all inputs - see Terraform docs for corresponding resources, which contain the same input definitions as this operator:

• Alert Policies
• NRQL Conditions
• Alert Destinations
• Alert Channels
• Alert Workflows

Development

Prerequisites

• Go v1.22.0+
• Docker (with Kubernetes enabled)
• kubectl
• kustomize
• kubebuilder

Getting Started

1. Clone the repo

git clone git@github.com:newrelic/newrelic-k8s-operator-v2.git

2. Install kubebuilder following the instructions for your operating system. This installation will also get etcd and kube-apiserver which are needed for the tests.
   

   Note: Do not install kubebuilder with brew. Homebrew's kubebuilder package will not provide all the necessary dependencies for running the tests.

3. Spin up a test cluster w/ Kind:

kind create cluster --name newrelic
kubectl cluster-info

4. Run make install to install the operator on the local cluster. Confirm your configuration was deployed with:

• Show your namespaces. You should see newrelic-k8s-operator-v2-system in the list of namespaces.

  kubectl get namespaces

• Show the nodes within the newrelic-k8s-operator-v2-system namespace.

  kubectl get nodes -n newrelic-k8s-operator-v2-system

  You should see something similar to the following output:

  NAME                          STATUS   ROLES           AGE    VERSION
  newrelic-test-control-plane   Ready    control-plane   116s   v1.28.7
  

5. Run make run in a separate terminal cd'd into the repo - This allows a live run/logging of the operator.

6. Configure and apply example configurations from provided examples

kubectl apply -f examples/<resource>/<example_resource.yml>

A resource can be deleted as well with:

kubectl delete -f examples/<resource>/<example_resource.yml>

Additional Commands

Make

Below are other useful commands - See Makefile for full list.

# Re-Generate CRDs if any api spec changes occur, alternatively `make` be ran
make manifests

# Run Ginkgo tests
make test

# Undeploy a resource
make undeploy

# Uninstall operator
make uninstall

# Build the manager binary under `bin/`
make build

# Build a docker image
make docker-build

Kubectl

# Get the node being used for the newrelic operator.
kubectl get nodes -n newrelic-k8s-operator-v2-system

# Describe the node being used for the newrelic operator.
kubectl describe node <your-node-name>

# Tail logs of the operator's manager container (useful during development).
# Use the `describe node` command above to locate your manager controller.
kubectl logs -f -n newrelic-k8s-operator-v2-system -c manager newrelic-kubernetes-operator-controller-manager-<hash from>

Contributing

We encourage your contributions to improve the K8s New Relic Resource Operator! Keep in mind that when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project.

If you have any questions, or to execute our corporate CLA (which is required if your contribution is on behalf of a company), drop us an email at opensource@newrelic.com.

A note about vulnerabilities

As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.

If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.

If you would like to contribute to this project, review these guidelines.

To all contributors, we thank you! Without your contribution, this project would not be what it is today.

License

K8s New Relic Resource Operator is licensed under the Apache 2.0 License.