From b792e28c00695d5c5c7ba81ea231806046c5dbba Mon Sep 17 00:00:00 2001 From: 8naama Date: Tue, 3 Dec 2024 16:01:39 +0200 Subject: [PATCH] split otel operator from the chart --- charts/logzio-apm-collector/Chart.yaml | 6 - charts/logzio-apm-collector/README.md | 113 ++---------------- charts/logzio-apm-collector/VALUES.md | 18 --- .../templates/_helpers.tpl | 6 - .../templates/instrumentation.yaml | 48 -------- charts/logzio-apm-collector/values.yaml | 105 +--------------- 6 files changed, 12 insertions(+), 284 deletions(-) delete mode 100644 charts/logzio-apm-collector/templates/instrumentation.yaml diff --git a/charts/logzio-apm-collector/Chart.yaml b/charts/logzio-apm-collector/Chart.yaml index 85e2dce9..d42dffae 100644 --- a/charts/logzio-apm-collector/Chart.yaml +++ b/charts/logzio-apm-collector/Chart.yaml @@ -4,12 +4,6 @@ version: 1.0.0 description: Kubernetes APM agent for Logz.io based on OpenTelemetry Collector type: application home: https://logz.io/ -dependencies: - - name: opentelemetry-operator - alias: otel-operator - version: ~0.74.2 - repository: https://open-telemetry.github.io/opentelemetry-helm-charts - condition: otel-operator.enabled maintainers: - name: Naama Bendalak email: naama.bendalak@logz.io diff --git a/charts/logzio-apm-collector/README.md b/charts/logzio-apm-collector/README.md index fec69acc..4eb1e9ab 100644 --- a/charts/logzio-apm-collector/README.md +++ b/charts/logzio-apm-collector/README.md @@ -3,7 +3,7 @@ > Kubernetes APM Collection Agent is still In development This Helm chart deploys an agent, which leverages the OpenTelemetry Collector, that collects traces and span metrics from Kubernetes clusters and sends them to Logz.io. -It also allows enabling Service graph metrics and supports adding Auto instrumentation to the cluster applications via Opentelemetry Operator. + ## Prerequisites - Kubernetes 1.24+ @@ -23,7 +23,6 @@ The chart provides options for enabling the following: 1. Traces 2. SPM (Service Performance Monitoring) 3. Service Graph -4. OpenTelemetry Operator (Auto-instrumentation) ```shell @@ -31,7 +30,6 @@ helm install -n monitoring --create-namespace \ --set enabled=true \ --set spm.enabled=true \ --set serviceGraph.enabled=true \ ---set otel-operator.enabled=true \ --set secrets.logzioTracesToken="<>" \ --set secrets.logzioSpmToken="<>" \ --set secrets.logzioRegion="<>" \ @@ -40,7 +38,7 @@ logzio-apm-collector logzio-helm/logzio-apm-collector ``` > [!NOTE] -> To disable either one of SPM, Service Graph or OpenTelemetry Operator, remove the relevant `--set XXX.enabled` line from the above command. +> To disable either one of SPM or Service Graph remove the relevant `--set XXX.enabled` line from the above command. > [!IMPORTANT] > Values of `<>`, `<>` and `<>` can be found in your Logz.io account. @@ -50,109 +48,15 @@ logzio-apm-collector logzio-helm/logzio-apm-collector ## Configuration - [All configuration options](./VALUES.md) -- [Enable Auto-instrumentation](#enable-auto-instrumentation) - - [Multi-container pods](#multi-container-pods) -- [Customize Auto-instrumentation](#customize-auto-instrumentation) - - [Customize Propagator](#customize-propagator) - - [Add a custom Sampler](#add-a-custom-sampler) - - [Distribute namespaces](#distribute-namespaces) - - [TLS certificate Requirements](#tls-certificate-requirements) -- [Manual Instrumentation](#manual-instrumentation) +- [Instrumentation](#instrumentation) - [Custom Trace Sampling rules](#custom-trace-sampling-rules) -## Enable Auto-instrumentation -- **Step 1:** Make sure to enable the OpenTelemetry operator in the chart: -```shell ---set otel-operator.enabled=true \ -``` - -- **Step 2**: Add annotations to your relevant Kubernetes object (Deployment, StatefulSet, Namespace, Daemonset, or Pod) -```yaml -instrumentation.opentelemetry.io/inject-": "monitoring/logzio-apm-collector" -``` - -> [!TIP] -> `` can be one of `apache-httpd`, `dotnet`, `go`, `java`, `nginx`, `nodejs` or `python`. - - -### Multi-container pods -By default, in multi-container pods, instrumentation is performed on the first container available in the pod spec. -To fine tune which containers to instrument, add the below annotations to your pod: -```yaml -instrumentation.opentelemetry.io/inject-": "monitoring/logzio-apm-collector" -instrumentation.opentelemetry.io/-container-names: "myapp,myapp2" -instrumentation.opentelemetry.io/inject-": "monitoring/logzio-apm-collector" -instrumentation.opentelemetry.io/-container-names: "myapp3" -``` - -> [!TIP] -> ``, `` can be one of `apache-httpd`, `dotnet`, `go`, `java`, `nginx`, `nodejs` or `python`. - - -## Customize Auto-instrumentation -Below you can find multiple ways in which you can customize the OpenTelemetry Operator Auto-instrumentation. - -### Customize Propagator -The propagator specifies how context is injected into and extracted from carriers for distributed tracing. -By default, the propagators `tracecontext` (W3C Trace Context) and `baggage` (W3C Correlation Context) are enabled. -You can customize this to include other formats ([full list here](https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_propagators)) or set it to "none" to disable automatic propagation. -```shell ---set instrumentation.propagator={tracecontext, baggage, b3} -``` - -### Add a custom Sampler -You can specify a sampler to be used by the instrumentor. You'll need to specify the below: -- Sampler used to sample the traces ([available options](https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_traces_sampler)) -- Sampler arguments ([Sampler type expected input](https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_traces_sampler_arg)) - -Example: -```shell ---set instrumentation.sampler.type="parentbased_always_on" \ ---set instrumentation.sampler.argument="0.25" -``` - -### Distribute namespaces -For intensive applications, to reduce the performance impact of the operator, you can define multiple namespaces to deploy the instrumentor resource at, which can help distribute the load in larger clusters. -To do so, specify which namespaces to deploy the instrumentor at: -```shell ---set includeNamespaces="ns1,ns2,ns3" -``` - -For resources in the namespaces where you configured the instrumentation, you need to add annotation in this format: -```yaml -instrumentation.opentelemetry.io/inject-": "true" -``` - -> [!TIP] -> `` can be one of `apache-httpd`, `dotnet`, `go`, `java`, `nginx`, `nodejs` or `python`. - -### TLS certificate Requirements -Openteleemtry operator requires a TLS certificate. For more details, refer to [OpenTelemetry documentation](https://github.com/open-telemetry/opentelemetry-helm-charts/tree/main/charts/opentelemetry-operator#tls-certificate-requirement). - -There are 3 TLS certificate options, by default this chart is using option 2. -1. If you have `cert-manager` installed on your cluster, you can set `otel-operator.admissionWebhooks.certManager.enabled` to true and the cert-manager will generate a self-signed certificate for the otel-operator automatically. +## Instrumentation +If you're using manual instrumentation or an instrumentation agent, configure it to export data to the Logz.io APM collector by setting the export/output address as follows: -```shell ---set otel-operator.admissionWebhooks.certManager.enabled=true \ ``` - -2. Helm will automatically create a self-signed cert and secret for you. (Enabled by default by this chart) - -3. Use your own self-signed certificate, To enable this option, set `otel-operator.admissionWebhooks.autoGenerateCert.enabled` to `false` and provide the necessary `certFile`, `keyFile` and `caFile`. - -```shell ---set otel-operator.admissionWebhooks.autoGenerateCert.enabled=false \ ---set otel-operator.admissionWebhooks.certFile="<>" \ ---set otel-operator.admissionWebhooks.keyFile="<>" \ ---set otel-operator.admissionWebhooks.caFile="<>" \ -``` - -## Manual Instrumentation -If you're using manual instrumentation or a custom instrumentation agent, configure it to export data to the Logz.io APM collector by setting the export/output address as follows: - -``` -logzio-monitoring-otel-collector.monitoring.svc.cluster.local:<> +logzio-apm-collector.monitoring.svc.cluster.local:<> ``` > [!IMPORTANT] @@ -162,6 +66,11 @@ logzio-monitoring-otel-collector.monitoring.svc.cluster.local:<> > > For a complete list, see `values.yaml` >> `traceConfig` >> `receivers`. +> [!WARNING] +> If you're deploying the chart as a sub chart of the `logzio-monitoring` chart, replace: +> `logzio-apm-collector` >> `logzio-monitoring-otel-collector` + + ## Custom trace sampling rules To customize the Traces Sampling rules in the OpenTelemetry Collector, you can follow the below steps: diff --git a/charts/logzio-apm-collector/VALUES.md b/charts/logzio-apm-collector/VALUES.md index f47f814b..1add0932 100644 --- a/charts/logzio-apm-collector/VALUES.md +++ b/charts/logzio-apm-collector/VALUES.md @@ -6,21 +6,6 @@ Below you can find a complete list of settings in `values.yaml`. | enabled | Toggle for enabling the Helm chart deployment | `false` | | spm.enabled | Toggle for enabling SPM Collection | `false` | | serviceGraph.enabled | Toggle for enabling Service Graph metrics Collection | `false` | -| otel-operator.enabled | Toggle for enabling Auto instrumentation with [OpenTelemetry Operator](https://github.com/open-telemetry/opentelemetry-operator) | `false` | -| otel-operator.admissionWebhooks.certManager.enabled | If you have cert-manager installed on your cluster, set to true and the cert-manager will generate a self-signed certificate for the otel-operator | `false` | -| otel-operator.admissionWebhooks.certManager.issuerRef | Provide the issuer kind and name to do the cert auth job. By default, OpenTelemetry Operator will use self-signer issuer. | `{}` | -| otel-operator.admissionWebhooks.certManager.kind | Provide the issuer kind and name to do the cert auth job. By default, OpenTelemetry Operator will use self-signer issuer. | `""` | -| otel-operator.admissionWebhooks.certManager.name | Provide the issuer kind and name to do the cert auth job. By default, OpenTelemetry Operator will use self-signer issuer. | `""` | -| otel-operator.admissionWebhooks.certManager.certificateAnnotations | Annotations for the certificate if cert-manager is enabled. | `{}` | -| otel-operator.admissionWebhooks.certManager.issuerAnnotations | Annotations for the issuer if cert-manager is enabled. | `{}` | -| otel-operator.admissionWebhooks.certManager.duration | `duration` must be specified by a Go time.Duration. | `""` | -| otel-operator.admissionWebhooks.certManager.renewBefore | `renewBefore` must be specified by a Go time.Duration. | `""` | -| otel-operator.admissionWebhooks.autoGenerateCert.enabled | If you have Helm will automatically create a self-signed certificate and secret for you. | `true` | -| otel-operator.admissionWebhooks.autoGenerateCert.recreate | If set to true, new webhook key/certificate is generated on helm upgrade. | `true` | -| otel-operator.admissionWebhooks.autoGenerateCert.certPeriodDays | Automatically generated certificate period time in days. | `365` | -| otel-operator.admissionWebhooks.certFile | To use your own self-signed certificate, add path to your own PEM-encoded certificate. | `""` | -| otel-operator.admissionWebhooks.keyFile | To use your own self-signed certificate, add path to your own PEM-encoded private key. | `""` | -| otel-operator.admissionWebhooks.caFile | To use your own self-signed certificate, add path to your own CA certificate. | `""` | | nameOverride | Override the default name for the deployment. | `""` | | fullnameOverride | Override the default name for the deployment. | `""` | | namespaceOverride | Override the namespace into which the resources will be deployed. | `""` | @@ -46,9 +31,6 @@ Below you can find a complete list of settings in `values.yaml`. | imagePullSecrets | Specifies image pull secrets. | `[]` | | command.name | OpenTelemetry Collector executable. | `"otelcol-contrib"` | | command.extraArgs | Additional arguments for the command. | `[]` | -| instrumentation.includeNamespaces | Specifies namespaces to deploy the instrumentor resource at. By default, it's created only at the chart's other resources namespace. | `""` | -| instrumentation.propagators | Choose propagator to specify the method of injecting and extracting context from carriers. | `[tracecontext, baggage]` | -| instrumentation.sampler | Specifies the Sampler used to sample traces by the SDK. | `{}` | | configMap.create | Specifies whether a configMap should be created. | `true` | | serviceAccount.create | Specifies whether a service account should be created. | `true` | | serviceAccount.annotations | Specifies annotations for the service account. | `{}` | diff --git a/charts/logzio-apm-collector/templates/_helpers.tpl b/charts/logzio-apm-collector/templates/_helpers.tpl index 606597c3..d46def68 100644 --- a/charts/logzio-apm-collector/templates/_helpers.tpl +++ b/charts/logzio-apm-collector/templates/_helpers.tpl @@ -160,9 +160,3 @@ Get secret value either from the global section (parent chart is running) or the {{- $fallback -}} {{- end -}} {{- end -}} - -{{/* Helm hooks annotations for otel operator */}} -{{- define "apm-collector.otelOpAnnotations" -}} -helm.sh/hook: "post-install, post-upgrade" -helm.sh/hook-delete-policy: "before-hook-creation, hook-succeeded" -{{- end -}} diff --git a/charts/logzio-apm-collector/templates/instrumentation.yaml b/charts/logzio-apm-collector/templates/instrumentation.yaml deleted file mode 100644 index c128385d..00000000 --- a/charts/logzio-apm-collector/templates/instrumentation.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{ $operatorEnabled := index .Values "otel-operator" "enabled" }} -{{ if and .Values.enabled $operatorEnabled }} -apiVersion: opentelemetry.io/v1alpha1 -kind: Instrumentation -metadata: - name: {{ include "apm-collector.fullname" . }} - namespace: {{ .Values.instrumentation.includeNamespaces | default (include "apm-collector.namespace" .) }} - labels: - {{- include "apm-collector.labels" . | nindent 4 }} - {{- include "apm-collector.component" . | nindent 4 }} - annotations: - {{- include "apm-collector.otelOpAnnotations" . | nindent 4 }} - {{- if .Values.annotations }} - {{- range $key, $value := .Values.annotations }} - {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }} - {{- end }} - {{- end }} -spec: - exporter: - endpoint: {{ include "apm-collector.serviceAddr" . }}:4317 - propagators: - {{- $defaultPropagators := list "tracecontext" "baggage" }} - {{- range .Values.instrumentation.propagators | default $defaultPropagators }} - - {{ . }} - {{- end }} - {{- with .Values.instrumentation.sampler }} - sampler: - {{- . | toYaml | nindent 4 }} - {{- end }} - # Python, .NET, Go and Java autoinstrumentation uses http/proto by default - # so data must be sent to 4318 instead of 4317. - python: - env: - - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: {{ include "apm-collector.serviceAddr" . }}:4318 - dotnet: - env: - - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: {{ include "apm-collector.serviceAddr" . }}:4318 - go: - env: - - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: {{ include "apm-collector.serviceAddr" . }}:4318 - java: - env: - - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: {{ include "apm-collector.serviceAddr" . }}:4318 -{{ end }} diff --git a/charts/logzio-apm-collector/values.yaml b/charts/logzio-apm-collector/values.yaml index 98916b97..6908711b 100644 --- a/charts/logzio-apm-collector/values.yaml +++ b/charts/logzio-apm-collector/values.yaml @@ -13,76 +13,6 @@ spm: serviceGraph: enabled: false -# Enable Auto Instrumentation -# ref: https://github.com/open-telemetry/opentelemetry-helm-charts/tree/main/charts/opentelemetry-operator -otel-operator: - enabled: false - - # Openteleemtry operator requires a TLS certificate. - # ref: https://github.com/open-telemetry/opentelemetry-helm-charts/tree/main/charts/opentelemetry-operator#tls-certificate-requirement - admissionWebhooks: - # TLS certificate Option 1 - # If you have cert-manager installed on your cluster, you can set `certManager.enabled` to true - # and the cert-manager will generate a self-signed certificate for the otel-operator automatically. - certManager: - enabled: false - - # Ensure certificate and issuer are created after the CRDs are installed - certificateAnnotations: - helm.sh/hook: "post-install, post-upgrade" - helm.sh/hook-delete-policy: "before-hook-creation, hook-succeeded" - issuerAnnotations: - helm.sh/hook: "post-install, post-upgrade" - helm.sh/hook-delete-policy: "before-hook-creation, hook-succeeded" - - ## Provide the issuer kind and name to do the cert auth job. - ## By default, OpenTelemetry Operator will use self-signer issuer. - # issuerRef: {} - # kind: - # name: - - ## Annotations for the cert and issuer if cert-manager is enabled. - # certificateAnnotations: {} - # issuerAnnotations: {} - - # duration must be specified by a Go time.Duration (ending in s, m or h) - # duration: "" - - # renewBefore must be specified by a Go time.Duration (ending in s, m or h) - # Take care when setting the renewBefore field to be very close to the duration - # as this can lead to a renewal loop, where the Certificate is always in the renewal period. - # renewBefore: "" - - # TLS certificate Option 2 - # The default option enabled by this chart. Helm will automatically create a self-signed cert and secret for you. - autoGenerateCert: - enabled: true - # If set to true, new webhook key/certificate is generated on helm upgrade. - # recreate: true - - # Cert period time in days. The default is 365 days. - # certPeriodDays: 365 - - ## TLS certificate Option 3 - # Use your own self-signed certificate - # To enable this option, set `autoGenerateCert.enabled` to false and provide the necessary values: - ## Path to your own PEM-encoded certificate. - # certFile: "" - ## Path to your own PEM-encoded private key. - # keyFile: "" - ## Path to the CA cert. - # caFile: "" - - # The OpenTelemetry Operator webhook service may not always be ready in time, causing an error. - # to retry, we set `failurePolicy` to `ignore`. To block the operation if it fails, set to `Fail`. - failurePolicy: Ignore - - # Deploying the collector using the operator is not supported currently. - # The collector image is specified to meet operator subchart requirments. - manager: - collectorImage: - repository: "otel/opentelemetry-collector-contrib" - # Specifies a custom name for the chart's resources nameOverride: "" fullnameOverride: "" @@ -410,40 +340,7 @@ imagePullSecrets: [] # OpenTelemetry Collector executable command: name: otelcol-contrib - extraArgs: [] - -####################################################################################################################### -# Otel Operator Auto Instrumentation configuration -####################################################################################################################### -instrumentation: - # For intensive applications, to reduce the performance impact of the operator, you can define multiple - # namespaces to deploy the instrumentor resource at. This can help distribute the load in larger clusters. - # By default, a single instrumentation resource is deployed either in the default "monitoring" namespace, or in the - # "namespaceOverride" namespace (if defined). - includeNamespaces: "" - - # Choose propagator to specify the method of injecting and extracting context from carriers. - # By default, "tracecontext" (W3C Trace Context) and "baggage" (W3C Correlation Context) are enabled. - # You can enable or disable propagators as needed, or use "none" for no automatically configured propagator - # ref: https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_propagators - propagators: - - tracecontext - - baggage - # - b3 - # - b3multi - # - jaeger - # - xray - # - ottrace - - # Specifies the Sampler used to sample traces by the SDK. (Optional) - sampler: - # By default, "parentbased_always_on" is enabled, meaning new traces will always be recorded and if the parent span is sampled, then the child span will be sampled. - # ref: https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_traces_sampler - # type: "parentbased_always_on" - - # Each Sampler type defines its own expected args input gor configuring the sampler - # ref: https://opentelemetry.io/docs/languages/sdk-configuration/general/#otel_traces_sampler_arg - # argument: "0.25" + extraArgs: [] ####################################################################################################################### # Kubernetes Resources Configuration