From 12d08620669dd92cc81ecaeb919cdc06c7ca9056 Mon Sep 17 00:00:00 2001 From: Antoine Toulme Date: Tue, 8 Aug 2023 12:00:28 -0700 Subject: [PATCH] Add support for configuring the listening network interface on which the collector receivers will listen --- CHANGELOG.md | 1 + .../config/collector/agent_config.yaml | 30 +++++++++++-------- .../config/collector/gateway_config.yaml | 27 +++++++++-------- .../ansible/molecule/custom_vars/converge.yml | 1 + .../ansible/molecule/custom_vars/verify.yml | 7 +++++ .../molecule/custom_vars/windows-converge.yml | 1 + deployments/ansible/roles/collector/README.md | 3 ++ .../ansible/roles/collector/defaults/main.yml | 1 + .../roles/collector/tasks/otel_win_reg.yml | 8 +++++ .../templates/splunk-otel-collector.conf.j2 | 1 + deployments/chef/README.md | 3 ++ deployments/chef/attributes/default.rb | 1 + .../chef/recipes/collector_win_registry.rb | 1 + .../templates/splunk-otel-collector.conf.erb | 3 ++ deployments/puppet/README.md | 1 + .../manifests/collector_win_registry.pp | 7 +++++ deployments/puppet/manifests/init.pp | 1 + .../templates/splunk-otel-collector.conf.erb | 1 + deployments/salt/README.md | 3 ++ .../collector_config.sls | 3 ++ .../splunk-otel-collector.nuspec | 1 + .../tools/chocolateyinstall.ps1 | 12 ++++++++ .../packaging/installer/install.ps1 | 6 ++++ .../packaging/installer/install.sh | 10 +++++++ internal/settings/settings.go | 7 +++++ internal/settings/settings_test.go | 13 +++++++- tests/general/default_config_test.go | 2 ++ 27 files changed, 129 insertions(+), 26 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b720b0bcce..ba1a587430 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ # Changelog ## Unreleased +- Use `SPLUNK_LISTEN_INTERFACE` and associated installer option to configure the network interface used by the collector for default configurations ([#3421](https://github.com/signalfx/splunk-otel-collector/pull/3421)) ### 🛑 Breaking changes 🛑 diff --git a/cmd/otelcol/config/collector/agent_config.yaml b/cmd/otelcol/config/collector/agent_config.yaml index 4c62bfda56..9bbca82f81 100644 --- a/cmd/otelcol/config/collector/agent_config.yaml +++ b/cmd/otelcol/config/collector/agent_config.yaml @@ -9,14 +9,15 @@ # - SPLUNK_HEC_TOKEN: The Splunk HEC authentication token # - SPLUNK_HEC_URL: The Splunk HEC endpoint URL, e.g. https://ingest.us0.signalfx.com/v1/log # - SPLUNK_INGEST_URL: The Splunk ingest URL, e.g. https://ingest.us0.signalfx.com +# - SPLUNK_LISTEN_INTERFACE: The network interface the agent receivers listen on. # - SPLUNK_TRACE_URL: The Splunk trace endpoint URL, e.g. https://ingest.us0.signalfx.com/v2/trace extensions: health_check: - endpoint: 0.0.0.0:13133 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:13133" http_forwarder: ingress: - endpoint: 0.0.0.0:6060 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6060" egress: endpoint: "${SPLUNK_API_URL}" # Use instead when sending to gateway @@ -26,7 +27,7 @@ extensions: collectd: configDir: "${SPLUNK_COLLECTD_DIR}" zpages: - #endpoint: 0.0.0.0:55679 + #endpoint: "${SPLUNK_LISTEN_INTERFACE}:55679" memory_ballast: # In general, the ballast should be set to 1/3 of the collector's memory, the limit # should be 90% of the collector's memory. @@ -55,19 +56,19 @@ receivers: jaeger: protocols: grpc: - endpoint: 0.0.0.0:14250 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:14250" thrift_binary: - endpoint: 0.0.0.0:6832 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6832" thrift_compact: - endpoint: 0.0.0.0:6831 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6831" thrift_http: - endpoint: 0.0.0.0:14268 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:14268" otlp: protocols: grpc: - endpoint: 0.0.0.0:4317 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:4317" http: - endpoint: 0.0.0.0:4318 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:4318" # This section is used to collect the OpenTelemetry Collector metrics # Even if just a Splunk APM customer, these metrics are included prometheus/internal: @@ -76,23 +77,23 @@ receivers: - job_name: 'otel-collector' scrape_interval: 10s static_configs: - - targets: ['0.0.0.0:8888'] + - targets: ["${SPLUNK_LISTEN_INTERFACE}:8888"] metric_relabel_configs: - source_labels: [ __name__ ] regex: '.*grpc_io.*' action: drop smartagent/signalfx-forwarder: type: signalfx-forwarder - listenAddress: 0.0.0.0:9080 + listenAddress: "${SPLUNK_LISTEN_INTERFACE}:9080" smartagent/processlist: type: processlist signalfx: - endpoint: 0.0.0.0:9943 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:9943" # Whether to preserve incoming access token and use instead of exporter token # default = false #access_token_passthrough: true zipkin: - endpoint: 0.0.0.0:9411 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:9411" processors: batch: @@ -160,6 +161,9 @@ exporters: verbosity: detailed service: + telemetry: + metrics: + address: "${SPLUNK_LISTEN_INTERFACE}:8888" extensions: [health_check, http_forwarder, zpages, memory_ballast, smartagent] pipelines: traces: diff --git a/cmd/otelcol/config/collector/gateway_config.yaml b/cmd/otelcol/config/collector/gateway_config.yaml index b0c8ff8383..f21f70bb0b 100644 --- a/cmd/otelcol/config/collector/gateway_config.yaml +++ b/cmd/otelcol/config/collector/gateway_config.yaml @@ -3,14 +3,14 @@ extensions: health_check: - endpoint: 0.0.0.0:13133 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:13133" http_forwarder: ingress: - endpoint: 0.0.0.0:6060 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6060" egress: endpoint: "https://api.${SPLUNK_REALM}.signalfx.com" zpages: - endpoint: 0.0.0.0:55679 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:55679" memory_ballast: # In general, the ballast should be set to 1/3 of the collector's memory, the limit # should be 90% of the collector's memory. @@ -21,19 +21,19 @@ receivers: jaeger: protocols: grpc: - endpoint: 0.0.0.0:14250 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:14250" thrift_binary: - endpoint: 0.0.0.0:6832 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6832" thrift_compact: - endpoint: 0.0.0.0:6831 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:6831" thrift_http: - endpoint: 0.0.0.0:14268 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:14268" otlp: protocols: grpc: - endpoint: 0.0.0.0:4317 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:4317" http: - endpoint: 0.0.0.0:4318 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:4318" # This section is used to collect the OpenTelemetry Collector metrics # Even if just a Splunk APM customer, these metrics are included prometheus/internal: @@ -48,17 +48,17 @@ receivers: regex: '.*grpc_io.*' action: drop sapm: - endpoint: 0.0.0.0:7276 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:7276" # Whether to preserve incoming access token and use instead of exporter token # default = false #access_token_passthrough: true signalfx: - endpoint: 0.0.0.0:9943 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:9943" # Whether to preserve incoming access token and use instead of exporter token # default = false #access_token_passthrough: true zipkin: - endpoint: 0.0.0.0:9411 + endpoint: "${SPLUNK_LISTEN_INTERFACE}:9411" processors: batch: @@ -121,6 +121,9 @@ exporters: log_data_enabled: false service: + telemetry: + metrics: + address: "${SPLUNK_LISTEN_INTERFACE}:8888" extensions: [health_check, http_forwarder, zpages, memory_ballast] pipelines: traces: diff --git a/deployments/ansible/molecule/custom_vars/converge.yml b/deployments/ansible/molecule/custom_vars/converge.yml index a8f495944c..cf0ba3d6d6 100644 --- a/deployments/ansible/molecule/custom_vars/converge.yml +++ b/deployments/ansible/molecule/custom_vars/converge.yml @@ -13,6 +13,7 @@ splunk_service_group: custom-group splunk_memory_total_mib: 256 splunk_ballast_size_mib: 100 + splunk_listen_interface: 127.0.0.1 splunk_fluentd_config: /etc/otel/collector/fluentd/custom_fluentd.conf splunk_fluentd_config_source: ./custom_fluentd_config.conf install_fluentd: yes diff --git a/deployments/ansible/molecule/custom_vars/verify.yml b/deployments/ansible/molecule/custom_vars/verify.yml index 48844fb94e..0e3d93ffab 100644 --- a/deployments/ansible/molecule/custom_vars/verify.yml +++ b/deployments/ansible/molecule/custom_vars/verify.yml @@ -93,6 +93,13 @@ state: present check_mode: yes + - name: Assert SPLUNK_LISTEN_INTERFACE env var is set + ansible.builtin.lineinfile: + line: SPLUNK_LISTEN_INTERFACE=127.0.0.1 + dest: /etc/otel/collector/splunk-otel-collector.conf + state: present + check_mode: yes + - name: Look for ballast config in collector service output ansible.builtin.shell: cmd: 'journalctl -u splunk-otel-collector | grep "Set ballast to 100 MiB"' diff --git a/deployments/ansible/molecule/custom_vars/windows-converge.yml b/deployments/ansible/molecule/custom_vars/windows-converge.yml index 26d5d4195c..ea938064af 100644 --- a/deployments/ansible/molecule/custom_vars/windows-converge.yml +++ b/deployments/ansible/molecule/custom_vars/windows-converge.yml @@ -14,6 +14,7 @@ splunk_memory_total_mib: 256 splunk_ballast_size_mib: 100 install_fluentd: yes + splunk_listen_interface: 127.0.0.1 splunk_fluentd_config: '{{ansible_env.ProgramFiles}}\Splunk\OpenTelemetry Collector\fluentd\custom_config.conf' splunk_fluentd_config_source: ./custom_fluentd_config.conf splunk_otel_collector_additional_env_vars: diff --git a/deployments/ansible/roles/collector/README.md b/deployments/ansible/roles/collector/README.md index d42eb47326..26eeaff8fd 100644 --- a/deployments/ansible/roles/collector/README.md +++ b/deployments/ansible/roles/collector/README.md @@ -129,6 +129,9 @@ $> ansible-playbook playbook.yaml -e start_service=false - `splunk_ballast_size_mib`: Memory ballast size in MiB that will be set to the Splunk OTel Collector. (**default:** 1/3 of `splunk_memory_total_mib`) +- `splunk_listen_interface`: The network interface the collector receivers will listen on. + (**default** `0.0.0.0`). + - `splunk_skip_repo` (Linux only): If installing the collector from a custom or self-hosted apt/yum repo, set to `true` to skip the installation of the default repo (**default:** `false`) diff --git a/deployments/ansible/roles/collector/defaults/main.yml b/deployments/ansible/roles/collector/defaults/main.yml index 8ec7527bc6..5b9c8e4fba 100644 --- a/deployments/ansible/roles/collector/defaults/main.yml +++ b/deployments/ansible/roles/collector/defaults/main.yml @@ -31,6 +31,7 @@ splunk_memory_total_mib: 512 # 1/3 of memory_mib by default splunk_ballast_size_mib: "" +splunk_listen_interface: "0.0.0.0" install_fluentd: false # Whether to start the services installed by the role (splunk-otel-collector and td-agent). start_service: true diff --git a/deployments/ansible/roles/collector/tasks/otel_win_reg.yml b/deployments/ansible/roles/collector/tasks/otel_win_reg.yml index f850a6056c..1d78ad0e99 100644 --- a/deployments/ansible/roles/collector/tasks/otel_win_reg.yml +++ b/deployments/ansible/roles/collector/tasks/otel_win_reg.yml @@ -69,6 +69,14 @@ data: "{{splunk_ballast_size_mib}}" type: string +- name: Set registry values + ansible.windows.win_regedit: + path: "{{registry_key}}" + state: present + name: SPLUNK_LISTEN_INTERFACE + data: "{{splunk_listen_interface}}" + type: string + - name: Set registry values ansible.windows.win_regedit: path: "{{registry_key}}" diff --git a/deployments/ansible/roles/collector/templates/splunk-otel-collector.conf.j2 b/deployments/ansible/roles/collector/templates/splunk-otel-collector.conf.j2 index 3d99b4b45d..811586da45 100644 --- a/deployments/ansible/roles/collector/templates/splunk-otel-collector.conf.j2 +++ b/deployments/ansible/roles/collector/templates/splunk-otel-collector.conf.j2 @@ -20,6 +20,7 @@ SPLUNK_HEC_URL={{ "https://ingest." + splunk_realm + ".signalfx.com/v1/log" }} SPLUNK_HEC_TOKEN={{ splunk_access_token }} SPLUNK_MEMORY_TOTAL_MIB={{ splunk_memory_total_mib }} SPLUNK_BALLAST_SIZE_MIB={{ splunk_ballast_size_mib }} +SPLUNK_LISTEN_INTERFACE={{ splunk_listen_interface }} SPLUNK_BUNDLE_DIR={{ splunk_bundle_dir }} SPLUNK_COLLECTD_DIR={{ splunk_collectd_dir }} {% if splunk_otel_collector_additional_env_vars is not none %} diff --git a/deployments/chef/README.md b/deployments/chef/README.md index 0d14cd71ea..384362c2f1 100644 --- a/deployments/chef/README.md +++ b/deployments/chef/README.md @@ -104,6 +104,9 @@ required `splunk_access_token` attribute and some optional attributes: `SPLUNK_BALLAST_SIZE_MIB` environment variable will be set with this value for the Collector service. (**default:** `''`) +- `splunk_listen_interface`: The network interface the collector receivers + will listen on (**default** `0.0.0.0`). + - `splunk_service_user` and `splunk_service_group` (Linux only): Set the user/group ownership for the Collector service. The user/group will be created if they do not exist. (**default:** `splunk-otel-collector`) diff --git a/deployments/chef/attributes/default.rb b/deployments/chef/attributes/default.rb index d68b1e9f92..88a33a5ba9 100644 --- a/deployments/chef/attributes/default.rb +++ b/deployments/chef/attributes/default.rb @@ -21,6 +21,7 @@ default['splunk_otel_collector']['splunk_hec_token'] = "#{node['splunk_otel_collector']['splunk_access_token']}" default['splunk_otel_collector']['splunk_memory_total_mib'] = '512' default['splunk_otel_collector']['splunk_ballast_size_mib'] = '' +default['splunk_otel_collector']['splunk_listen_interface'] = '0.0.0.0' default['splunk_otel_collector']['collector_config'] = {} diff --git a/deployments/chef/recipes/collector_win_registry.rb b/deployments/chef/recipes/collector_win_registry.rb index c5aeb046fa..dfb39895e1 100644 --- a/deployments/chef/recipes/collector_win_registry.rb +++ b/deployments/chef/recipes/collector_win_registry.rb @@ -12,6 +12,7 @@ { name: 'SPLUNK_HEC_TOKEN', type: :string, data: node['splunk_otel_collector']['splunk_hec_token'].to_s }, { name: 'SPLUNK_MEMORY_TOTAL_MIB', type: :string, data: node['splunk_otel_collector']['splunk_memory_total_mib'].to_s }, { name: 'SPLUNK_BALLAST_SIZE_MIB', type: :string, data: node['splunk_otel_collector']['splunk_ballast_size_mib'].to_s }, + { name: 'SPLUNK_LISTEN_INTERFACE', type: :string, data: node['splunk_otel_collector']['splunk_listen_interface'].to_s }, { name: 'SPLUNK_BUNDLE_DIR', type: :string, data: node['splunk_otel_collector']['splunk_bundle_dir'].to_s }, { name: 'SPLUNK_COLLECTD_DIR', type: :string, data: node['splunk_otel_collector']['splunk_collectd_dir'].to_s }, ] diff --git a/deployments/chef/templates/splunk-otel-collector.conf.erb b/deployments/chef/templates/splunk-otel-collector.conf.erb index 8792b4c6f7..8b83cbad38 100644 --- a/deployments/chef/templates/splunk-otel-collector.conf.erb +++ b/deployments/chef/templates/splunk-otel-collector.conf.erb @@ -28,6 +28,9 @@ SPLUNK_HEC_TOKEN=<%= node['splunk_otel_collector']['splunk_hec_token'] %> # the value calculated by `SPLUNK_MEMORY_TOTAL_MIB`. SPLUNK_MEMORY_TOTAL_MIB=<%= node['splunk_otel_collector']['splunk_memory_total_mib'] %> +# The network interface the collector receivers will listen on. +SPLUNK_LISTEN_INTERFACE=<%= node['splunk_otel_collector']['splunk_listen_interface'] %> + # How much memory to allocate to the ballast. This should be set to 1/3 to 1/2 of configured memory. SPLUNK_BALLAST_SIZE_MIB=<%= node['splunk_otel_collector']['splunk_ballast_size_mib'] %> diff --git a/deployments/puppet/README.md b/deployments/puppet/README.md index c84d28cf5d..7a1bcbb186 100644 --- a/deployments/puppet/README.md +++ b/deployments/puppet/README.md @@ -61,6 +61,7 @@ This class accepts the following parameters: | `splunk_collectd_dir` | The path to the collectd config directory for the Smart Agent bundle. The default path is provided by the collector package. If the specified path is changed from the default value, the path should be an existing directory on the node. The `SPLUNK_COLLECTD_DIR` environment variable will be set to this value for the collector service. | Linux: `${splunk_bundle_dir}/run/collectd`
Windows: `${splunk_bundle_dir}\run\collectd` | | `splunk_memory_total_mib` | Total memory in MIB to allocate to the collector; automatically calculates the ballast size. The `SPLUNK_MEMORY_TOTAL_MIB` environment variable will be set with this value for the collector service. | `512` | | `splunk_ballast_size_mib` | Set the ballast size for the collector explicitly instead of the value calculated from the `$splunk_memory_total_mib` parameter. This should be set to 1/3 to 1/2 of configured memory. The `SPLUNK_BALLAST_SIZE_MIB` environment variable will be set with this value for the collector service. | None | +| `splunk_listen_interface` | Set the network interface the collector receivers will listen on. | `0.0.0.0` | | `collector_config_source` | Source path to the collector config YAML file. This file will be copied to the `$collector_config_dest` path on the node. See the [source attribute](https://puppet.com/docs/puppet/latest/types/file.html#file-attribute-source) of the `file` resource for supported value types. The default source file is provided by the collector package. | Linux: `/etc/otel/collector/agent_config.yaml`
Windows: `%PROGRAMFILES\Splunk\OpenTelemetry Collector\agent_config.yaml` | | `collector_config_dest` | Destination path of the collector config file on the node. The `SPLUNK_CONFIG` environment variable will be set with this value for the collector service. | Linux: `/etc/otel/collector/agent_config.yaml`
Windows: `%PROGRAMDATA%\Splunk\OpenTelemetry Collector\agent_config.yaml` | | `service_user` and `$service_group` | **Linux only**: Set the user/group ownership for the collector service. The user/group will be created if they do not exist. | `splunk-otel-collector` | diff --git a/deployments/puppet/manifests/collector_win_registry.pp b/deployments/puppet/manifests/collector_win_registry.pp index 893d0dc089..3464e91445 100644 --- a/deployments/puppet/manifests/collector_win_registry.pp +++ b/deployments/puppet/manifests/collector_win_registry.pp @@ -27,6 +27,13 @@ require => Registry_key[$registry_key], } + registry_value { "${registry_key}\\SPLUNK_LISTEN_INTERFACE": + ensure => 'present', + type => 'string', + data => $splunk_otel_collector::splunk_listen_interface, + require => Registry_key[$registry_key], + } + registry_value { "${registry_key}\\SPLUNK_BUNDLE_DIR": ensure => 'present', type => 'string', diff --git a/deployments/puppet/manifests/init.pp b/deployments/puppet/manifests/init.pp index dffc808fee..00a1b0b806 100644 --- a/deployments/puppet/manifests/init.pp +++ b/deployments/puppet/manifests/init.pp @@ -11,6 +11,7 @@ $splunk_collectd_dir = $splunk_otel_collector::params::splunk_collectd_dir, $splunk_memory_total_mib = '512', $splunk_ballast_size_mib = '', + $splunk_listen_interface = '0.0.0.0', $collector_version = $splunk_otel_collector::params::collector_version, $collector_config_source = $splunk_otel_collector::params::collector_config_source, $collector_config_dest = $splunk_otel_collector::params::collector_config_dest, diff --git a/deployments/puppet/templates/splunk-otel-collector.conf.erb b/deployments/puppet/templates/splunk-otel-collector.conf.erb index 22c78e960c..43bd92bd17 100644 --- a/deployments/puppet/templates/splunk-otel-collector.conf.erb +++ b/deployments/puppet/templates/splunk-otel-collector.conf.erb @@ -8,6 +8,7 @@ SPLUNK_HEC_TOKEN=<%= @splunk_hec_token %> SPLUNK_HEC_URL=<%= @splunk_hec_url %> SPLUNK_INGEST_URL=<%= @splunk_ingest_url %> SPLUNK_MEMORY_TOTAL_MIB=<%= @splunk_memory_total_mib %> +SPLUNK_LISTEN_INTERFACE=<%= @splunk_listen_interface %> SPLUNK_REALM=<%= @splunk_realm %> SPLUNK_TRACE_URL=<%= @splunk_trace_url %> diff --git a/deployments/salt/README.md b/deployments/salt/README.md index 8c79a40994..d640481355 100644 --- a/deployments/salt/README.md +++ b/deployments/salt/README.md @@ -97,6 +97,9 @@ splunk-otel-collector: - `splunk_ballast_size_mib`: Memory ballast size in MiB that will be set to the Splunk OTel Collector. (**default:** 1/3 of `splunk_memory_total_mib`) +- `splunk_listen_interface`: The network interface the collector receivers will listen + on. (**default:** `0.0.0.0`) + - `collector_additional_env_vars`: Dictionary of additional environment variables from the collector configuration file for the collector service (**default:** `{}`). For example, if the collector configuration file diff --git a/deployments/salt/splunk-otel-collector/collector_config.sls b/deployments/salt/splunk-otel-collector/collector_config.sls index e14689571f..15a7981b37 100644 --- a/deployments/salt/splunk-otel-collector/collector_config.sls +++ b/deployments/salt/splunk-otel-collector/collector_config.sls @@ -26,6 +26,8 @@ {% set splunk_ballast_size_mib = salt['pillar.get']('splunk-otel-collector:splunk_ballast_size_mib', '') %} +{% set splunk_listen_interface = salt['pillar.get']('splunk-otel-collector:splunk_listen_interface', '0.0.0.0') %} + {% set collector_additional_env_vars = salt['pillar.get']('splunk-otel-collector:collector_additional_env_vars', {}) %} /etc/otel/collector/splunk-otel-collector.conf: @@ -41,6 +43,7 @@ SPLUNK_HEC_TOKEN={{ splunk_hec_token }} SPLUNK_MEMORY_TOTAL_MIB={{ splunk_memory_total_mib }} SPLUNK_BALLAST_SIZE_MIB={{ splunk_ballast_size_mib }} + SPLUNK_LISTEN_INTERFACE={{ splunk_listen_interface }} SPLUNK_BUNDLE_DIR={{ splunk_bundle_dir }} SPLUNK_COLLECTD_DIR={{ splunk_collectd_dir }} {% for key, value in collector_additional_env_vars.items() %} diff --git a/internal/buildscripts/packaging/choco/splunk-otel-collector/splunk-otel-collector.nuspec b/internal/buildscripts/packaging/choco/splunk-otel-collector/splunk-otel-collector.nuspec index f8ba4bf8b4..328e58c068 100644 --- a/internal/buildscripts/packaging/choco/splunk-otel-collector/splunk-otel-collector.nuspec +++ b/internal/buildscripts/packaging/choco/splunk-otel-collector/splunk-otel-collector.nuspec @@ -18,6 +18,7 @@ The following package parameters are available: * `/SPLUNK_HEC_URL`: URL of the Splunk HEC endpoint (e.g. `https://ingest.us1.signalfx.com/v1/log`). Default value is `https://ingest.$SPLUNK_REALM.signalfx.com/v1/log` * `/SPLUNK_TRACE_URL`: URL of the Splunk trace endpoint (e.g. `https://ingest.us1.signalfx.com/v2/trace`). Default value is `https://ingest.$SPLUNK_REALM.signalfx.com/v2/trace` * `/SPLUNK_BUNDLE_DIR`: The path to the Smart Agent bundle directory for the `smartagent` receiver and extension. The default path is provided by the Collector package. If the specified path is changed from the default value, the path should be an existing directory on the system. Default value is `\Program Files\Splunk\OpenTelemetry Collector\agent-bundle`. + * `/SPLUNK_LISTEN_INTERFACE`: The network interface the collector receivers will listen on. Default value is `0.0.0.0`. * `/MODE`: This parameter is used for setting the Collector configuration file to `\ProgramData\Splunk\OpenTelemetry Collector\agent_config.yaml` or `\ProgramData\Splunk\OpenTelemetry Collector\gateway_config.yaml`. Possible values are `agent` and `gateway`. Default value is `agent`. * `/WITH_FLUENTD`: Whether to download, install, and configure Fluentd to collect and forward log events to the Collector. Possible values are `true` and `false`. If set to `true`, the Fluentd MSI package will be downloaded from `https://packages.treasuredata.com`. Default value is `false`. diff --git a/internal/buildscripts/packaging/choco/splunk-otel-collector/tools/chocolateyinstall.ps1 b/internal/buildscripts/packaging/choco/splunk-otel-collector/tools/chocolateyinstall.ps1 index bf1b29f233..3ff680425b 100644 --- a/internal/buildscripts/packaging/choco/splunk-otel-collector/tools/chocolateyinstall.ps1 +++ b/internal/buildscripts/packaging/choco/splunk-otel-collector/tools/chocolateyinstall.ps1 @@ -17,6 +17,7 @@ $SPLUNK_HEC_TOKEN = $pp['SPLUNK_HEC_TOKEN'] $SPLUNK_HEC_URL = $pp['SPLUNK_HEC_URL'] $SPLUNK_TRACE_URL = $pp['SPLUNK_TRACE_URL'] $SPLUNK_BUNDLE_DIR = $pp['SPLUNK_BUNDLE_DIR'] +$SPLUNK_LISTEN_INTERFACE = $pp['SPLUNK_LISTEN_INTERFACE'] $SPLUNK_REALM = $pp['SPLUNK_REALM'] $SPLUNK_MEMORY_TOTAL_MIB = $pp['SPLUNK_MEMORY_TOTAL_MIB'] @@ -128,6 +129,16 @@ catch { write-host "The SPLUNK_MEMORY_TOTAL_MIB parameter is not specified. Using default configuration." } +try { + if (!$SPLUNK_LISTEN_INTERFACE) { + $SPLUNK_LISTEN_INTERFACE = Get-ItemPropertyValue -PATH "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" -name "SPLUNK_LISTEN_INTERFACE" -ErrorAction SilentlyContinue + } +} +catch { + $SPLUNK_LISTEN_INTERFACE = "0.0.0.0" + write-host "The SPLUNK_LISTEN_INTERFACE parameter is not specified. Using default configuration." +} + try { if (!$SPLUNK_BUNDLE_DIR) { $SPLUNK_BUNDLE_DIR = Get-ItemPropertyValue -PATH "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" -name "SPLUNK_BUNDLE_DIR" -ErrorAction SilentlyContinue @@ -156,6 +167,7 @@ try { update_registry -path "$regkey" -name "SPLUNK_API_URL" -value "$SPLUNK_API_URL" update_registry -path "$regkey" -name "SPLUNK_BUNDLE_DIR" -value "$SPLUNK_BUNDLE_DIR" +update_registry -path "$regkey" -name "SPLUNK_LISTEN_INTERFACE" -value "$SPLUNK_LISTEN_INTERFACE" update_registry -path "$regkey" -name "SPLUNK_HEC_TOKEN" -value "$SPLUNK_HEC_TOKEN" update_registry -path "$regkey" -name "SPLUNK_HEC_URL" -value "$SPLUNK_HEC_URL" update_registry -path "$regkey" -name "SPLUNK_INGEST_URL" -value "$SPLUNK_INGEST_URL" diff --git a/internal/buildscripts/packaging/installer/install.ps1 b/internal/buildscripts/packaging/installer/install.ps1 index f7d02a9df0..9c41301455 100644 --- a/internal/buildscripts/packaging/installer/install.ps1 +++ b/internal/buildscripts/packaging/installer/install.ps1 @@ -40,6 +40,10 @@ (OPTIONAL) Configure the collector service to run in "agent" or "gateway" mode (default: "agent"). .EXAMPLE .\install.ps1 -access_token "ACCESSTOKEN" -mode "gateway" +.PARAMETER network_interface + (OPTIONAL) The network interface the collector receivers listen on. (default: "0.0.0.0") + .EXAMPLE + .\install.ps1 -access_token "ACCESSTOKEN" -network_interface "127.0.0.1" .PARAMETER ingest_url (OPTIONAL) Set the base ingest URL explicitly instead of the URL inferred from the specified realm (default: https://ingest.REALM.signalfx.com). .EXAMPLE @@ -109,6 +113,7 @@ param ( [string]$realm = "us0", [string]$memory = "512", [ValidateSet('agent','gateway')][string]$mode = "agent", + [string]$network_interface = "0.0.0.0", [string]$ingest_url = "", [string]$api_url = "", [string]$trace_url = "", @@ -577,6 +582,7 @@ update_registry -path "$regkey" -name "SPLUNK_HEC_TOKEN" -value "$hec_token" update_registry -path "$regkey" -name "SPLUNK_HEC_URL" -value "$hec_url" update_registry -path "$regkey" -name "SPLUNK_INGEST_URL" -value "$ingest_url" update_registry -path "$regkey" -name "SPLUNK_MEMORY_TOTAL_MIB" -value "$memory" +update_registry -path "$regkey" -name "SPLUNK_LISTEN_INTERFACE" -value "$network_interface" update_registry -path "$regkey" -name "SPLUNK_REALM" -value "$realm" update_registry -path "$regkey" -name "SPLUNK_TRACE_URL" -value "$trace_url" diff --git a/internal/buildscripts/packaging/installer/install.sh b/internal/buildscripts/packaging/installer/install.sh index b94bea2b4b..720c2ecd25 100755 --- a/internal/buildscripts/packaging/installer/install.sh +++ b/internal/buildscripts/packaging/installer/install.sh @@ -90,6 +90,7 @@ td_agent_gpg_key_url="${td_agent_repo_base}/GPG-KEY-td-agent" default_stage="release" default_realm="us0" default_memory_size="512" +default_listen_interface="0.0.0.0" default_collector_version="latest" default_td_agent_version="4.3.2" @@ -654,6 +655,8 @@ Options: (default: "$default_memory_size") --mode Configure the collector service to run in agent or gateway mode. (default: "agent") + --listen-interface network interface the collector receivers listen on. + (default: "$default_listen_interface") --realm The Splunk realm to use. The ingest, api, trace, and HEC endpoint URLs will automatically be inferred by this value. (default: "$default_realm") @@ -840,6 +843,7 @@ parse_args_and_install() { local ingest_url= local insecure= local memory="$default_memory_size" + local listen_interface="$default_listen_interface" local realm="$default_realm" local service_group="$default_service_group" local stage="$default_stage" @@ -913,6 +917,10 @@ parse_args_and_install() { esac shift 1 ;; + --listen-interface) + listen_interface="$2" + shift 1 + ;; --realm) realm="$2" shift 1 @@ -1074,6 +1082,7 @@ parse_args_and_install() { echo "Ballast Size in MIB: $ballast" fi echo "Memory Size in MIB: $memory" + echo "Listen network interface: $listen_interface" echo "Realm: $realm" echo "Ingest Endpoint: $ingest_url" echo "API Endpoint: $api_url" @@ -1146,6 +1155,7 @@ parse_args_and_install() { rm -f "$collector_env_path" fi + configure_env_file "SPLUNK_LISTEN_INTERFACE" "$listen_interface" "$collector_env_path" configure_env_file "SPLUNK_CONFIG" "$collector_config_path" "$collector_env_path" configure_env_file "SPLUNK_ACCESS_TOKEN" "$access_token" "$collector_env_path" configure_env_file "SPLUNK_REALM" "$realm" "$collector_env_path" diff --git a/internal/settings/settings.go b/internal/settings/settings.go index 2d7bf96aa5..3b7631f420 100644 --- a/internal/settings/settings.go +++ b/internal/settings/settings.go @@ -40,6 +40,7 @@ const ( ConfigServerEnabledEnvVar = "SPLUNK_DEBUG_CONFIG_SERVER" ConfigYamlEnvVar = "SPLUNK_CONFIG_YAML" HecLogIngestURLEnvVar = "SPLUNK_HEC_URL" + ListenInterfaceEnvVar = "SPLUNK_LISTEN_INTERFACE" // nolint:gosec HecTokenEnvVar = "SPLUNK_HEC_TOKEN" // this isn't a hardcoded token IngestURLEnvVar = "SPLUNK_INGEST_URL" @@ -56,6 +57,7 @@ const ( DefaultMemoryBallastPercentage = 33 DefaultMemoryLimitPercentage = 90 DefaultMemoryTotalMiB = 512 + DefaultListenInterface = "0.0.0.0" ) var ( @@ -344,6 +346,10 @@ func checkRuntimeParams(settings *Settings) error { if 2*ballastSize > memLimit { return fmt.Errorf("memory limit (%d) is less than 2x ballast (%d). Increase memory limit or decrease ballast size", memLimit, ballastSize) } + if os.Getenv(ListenInterfaceEnvVar) == "" { + os.Setenv(ListenInterfaceEnvVar, DefaultListenInterface) + } + return nil } @@ -358,6 +364,7 @@ func setDefaultEnvVars() error { ev{e: IngestURLEnvVar, v: fmt.Sprintf("https://ingest.%s.signalfx.com", realm)}, ev{e: TraceIngestURLEnvVar, v: fmt.Sprintf("https://ingest.%s.signalfx.com/v2/trace", realm)}, ev{e: HecLogIngestURLEnvVar, v: fmt.Sprintf("https://ingest.%s.signalfx.com/v1/log", realm)}, + ev{e: ListenInterfaceEnvVar, v: "0.0.0.0"}, ) } diff --git a/internal/settings/settings_test.go b/internal/settings/settings_test.go index b17e0e37ac..3b39b74e53 100644 --- a/internal/settings/settings_test.go +++ b/internal/settings/settings_test.go @@ -209,6 +209,7 @@ func TestCheckRuntimeParams_Default(t *testing.T) { require.NotNil(t, settings) require.Equal(t, "168", os.Getenv(BallastEnvVar)) require.Equal(t, "460", os.Getenv(MemLimitMiBEnvVar)) + require.Equal(t, "0.0.0.0", os.Getenv(ListenInterfaceEnvVar)) } func TestCheckRuntimeParams_MemTotalEnv(t *testing.T) { @@ -222,6 +223,15 @@ func TestCheckRuntimeParams_MemTotalEnv(t *testing.T) { require.Equal(t, "900", os.Getenv(MemLimitMiBEnvVar)) } +func TestCheckRuntimeParams_ListenInterface(t *testing.T) { + t.Cleanup(setRequiredEnvVars(t)) + require.NoError(t, os.Setenv(ListenInterfaceEnvVar, "127.0.0.1")) + settings, err := New([]string{}) + require.NoError(t, err) + require.NotNil(t, settings) + require.Equal(t, "127.0.0.1", os.Getenv(ListenInterfaceEnvVar)) +} + func TestCheckRuntimeParams_MemTotalAndBallastEnvs(t *testing.T) { t.Cleanup(setRequiredEnvVars(t)) require.NoError(t, os.Setenv(ConfigEnvVar, localGatewayConfig)) @@ -251,7 +261,7 @@ func TestCheckRuntimeParams_LimitAndBallastEnvs(t *testing.T) { func TestSetDefaultEnvVars(t *testing.T) { t.Cleanup(clearEnv(t)) - testArgs := []string{"SPLUNK_API_URL", "SPLUNK_INGEST_URL", "SPLUNK_TRACE_URL", "SPLUNK_HEC_URL", "SPLUNK_HEC_TOKEN"} + testArgs := []string{"SPLUNK_API_URL", "SPLUNK_INGEST_URL", "SPLUNK_TRACE_URL", "SPLUNK_HEC_URL", "SPLUNK_HEC_TOKEN", "SPLUNK_LISTEN_INTERFACE"} for _, v := range testArgs { setDefaultEnvVars() _, ok := os.LookupEnv(v) @@ -272,6 +282,7 @@ func TestSetDefaultEnvVars(t *testing.T) { {"SPLUNK_TRACE_URL", fmt.Sprintf("https://ingest.%s.signalfx.com/v2/trace", realm)}, {"SPLUNK_HEC_URL", fmt.Sprintf("https://ingest.%s.signalfx.com/v1/log", realm)}, {"SPLUNK_HEC_TOKEN", token}, + {"SPLUNK_LISTEN_INTERFACE", "0.0.0.0"}, } for _, v := range testArgs2 { val, _ := os.LookupEnv(v[0]) diff --git a/tests/general/default_config_test.go b/tests/general/default_config_test.go index aedf89aa5c..9cb194179d 100644 --- a/tests/general/default_config_test.go +++ b/tests/general/default_config_test.go @@ -154,6 +154,7 @@ func TestDefaultGatewayConfig(t *testing.T) { }, }, "service": map[string]any{ + "telemetry": map[string]any{"metrics": map[string]any{"address": "0.0.0.0:8888"}}, "extensions": []any{"health_check", "http_forwarder", "zpages", "memory_ballast"}, "pipelines": map[string]any{ "logs": map[string]any{ @@ -325,6 +326,7 @@ func TestDefaultAgentConfig(t *testing.T) { "zipkin": map[string]any{ "endpoint": "0.0.0.0:9411"}}, "service": map[string]any{ + "telemetry": map[string]any{"metrics": map[string]any{"address": "0.0.0.0:8888"}}, "extensions": []any{"health_check", "http_forwarder", "zpages", "memory_ballast", "smartagent"}, "pipelines": map[string]any{ "logs": map[string]any{