-
Notifications
You must be signed in to change notification settings - Fork 395
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into instrumentation-support-label
- Loading branch information
Showing
7 changed files
with
197 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
tests/e2e-openshift/scrape-in-cluster-monitoring/chainsaw-test.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
apiVersion: chainsaw.kyverno.io/v1alpha1 | ||
kind: Test | ||
metadata: | ||
name: scrape-in-cluster-monitoring | ||
spec: | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
steps: | ||
- name: Create OTEL collector with Prometheus receiver to scrape in-cluster metrics | ||
try: | ||
- apply: | ||
file: create-clusterrolebinding.yaml | ||
- assert: | ||
file: create-clusterrolebinding-assert.yaml | ||
- apply: | ||
file: create-otel-instance.yaml | ||
- assert: | ||
file: create-otel-instance-assert.yaml | ||
- name: Wait for the metrics to be collected | ||
try: | ||
- sleep: | ||
duration: 10s | ||
- name: Check the presence of metrics in the OTEL collector | ||
try: | ||
- script: | ||
timeout: 5m | ||
content: ./check_logs.sh |
57 changes: 57 additions & 0 deletions
57
tests/e2e-openshift/scrape-in-cluster-monitoring/check_logs.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
#!/bin/bash | ||
# This script checks the OpenTelemetry collector pod for the presence of Metrics. | ||
|
||
# Define the label selector | ||
LABEL_SELECTOR="app.kubernetes.io/component=opentelemetry-collector" | ||
NAMESPACE=chainsaw-scrape-in-cluster-monitoring | ||
|
||
# Define the search strings | ||
SEARCH_STRING1='-> container' | ||
SEARCH_STRING2='-> label_pod_security_kubernetes_io_audit: Str(restricted)' | ||
SEARCH_STRING3='-> label_pod_security_kubernetes_io_enforce: Str(privileged)' | ||
SEARCH_STRING4='-> label_kubernetes_io_metadata_name:' | ||
SEARCH_STRING5='-> namespace:' | ||
|
||
# Initialize flags to track if strings are found | ||
FOUND1=false | ||
FOUND2=false | ||
FOUND3=false | ||
FOUND4=false | ||
FOUND5=false | ||
|
||
# Loop until all strings are found | ||
while ! $FOUND1 || ! $FOUND2 || ! $FOUND3 || ! $FOUND4 || ! $FOUND5; do | ||
# Get the list of pods with the specified label | ||
PODS=($(kubectl -n $NAMESPACE get pods -l $LABEL_SELECTOR -o jsonpath='{.items[*].metadata.name}')) | ||
|
||
# Loop through each pod and search for the strings in the logs | ||
for POD in "${PODS[@]}"; do | ||
# Search for the first string | ||
if ! $FOUND1 && kubectl -n $NAMESPACE --tail=500 logs $POD | grep -q -- "$SEARCH_STRING1"; then | ||
echo "\"$SEARCH_STRING1\" found in $POD" | ||
FOUND1=true | ||
fi | ||
# Search for the second string | ||
if ! $FOUND2 && kubectl -n $NAMESPACE --tail=500 logs $POD | grep -q -- "$SEARCH_STRING2"; then | ||
echo "\"$SEARCH_STRING2\" found in $POD" | ||
FOUND2=true | ||
fi | ||
# Search for the third string | ||
if ! $FOUND3 && kubectl -n $NAMESPACE --tail=500 logs $POD | grep -q -- "$SEARCH_STRING3"; then | ||
echo "\"$SEARCH_STRING3\" found in $POD" | ||
FOUND3=true | ||
fi | ||
# Search for the fourth string | ||
if ! $FOUND4 && kubectl -n $NAMESPACE --tail=500 logs $POD | grep -q -- "$SEARCH_STRING4"; then | ||
echo "\"$SEARCH_STRING4\" found in $POD" | ||
FOUND4=true | ||
fi | ||
# Search for the fifth string | ||
if ! $FOUND5 && kubectl -n $NAMESPACE --tail=500 logs $POD | grep -q -- "$SEARCH_STRING5"; then | ||
echo "\"$SEARCH_STRING5\" found in $POD" | ||
FOUND5=true | ||
fi | ||
done | ||
done | ||
|
||
echo "Found the matched metrics in collector" |
19 changes: 19 additions & 0 deletions
19
tests/e2e-openshift/scrape-in-cluster-monitoring/create-clusterrolebinding-assert.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: chainsaw-scrape-in-cluster-monitoring-binding | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: cluster-monitoring-view | ||
subjects: | ||
- kind: ServiceAccount | ||
name: otel-collector | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
|
||
--- | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: cabundle | ||
namespace: chainsaw-scrape-in-cluster-monitoring |
21 changes: 21 additions & 0 deletions
21
tests/e2e-openshift/scrape-in-cluster-monitoring/create-clusterrolebinding.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: chainsaw-scrape-in-cluster-monitoring-binding | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: cluster-monitoring-view | ||
subjects: | ||
- kind: ServiceAccount | ||
name: otel-collector | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
|
||
--- | ||
kind: ConfigMap | ||
apiVersion: v1 | ||
metadata: | ||
name: cabundle | ||
namespce: chainsaw-scrape-in-cluster-monitoring | ||
annotations: | ||
service.beta.openshift.io/inject-cabundle: "true" |
27 changes: 27 additions & 0 deletions
27
tests/e2e-openshift/scrape-in-cluster-monitoring/create-otel-instance-assert.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: otel-collector | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
status: | ||
availableReplicas: 1 | ||
readyReplicas: 1 | ||
replicas: 1 | ||
|
||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: otel-collector-monitoring | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
spec: | ||
ports: | ||
- name: monitoring | ||
port: 8888 | ||
protocol: TCP | ||
targetPort: 8888 | ||
selector: | ||
app.kubernetes.io/component: opentelemetry-collector | ||
app.kubernetes.io/instance: chainsaw-scrape-in-cluster-monitoring.otel | ||
app.kubernetes.io/managed-by: opentelemetry-operator | ||
app.kubernetes.io/part-of: opentelemetry |
46 changes: 46 additions & 0 deletions
46
tests/e2e-openshift/scrape-in-cluster-monitoring/create-otel-instance.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
apiVersion: opentelemetry.io/v1alpha1 | ||
kind: OpenTelemetryCollector | ||
metadata: | ||
name: otel | ||
namespace: chainsaw-scrape-in-cluster-monitoring | ||
spec: | ||
volumeMounts: | ||
- name: cabundle-volume | ||
mountPath: /etc/pki/ca-trust/source/service-ca | ||
readOnly: true | ||
volumes: | ||
- name: cabundle-volume | ||
configMap: | ||
name: cabundle | ||
mode: deployment | ||
config: | | ||
receivers: | ||
prometheus: | ||
config: | ||
scrape_configs: | ||
- job_name: 'federate' | ||
scrape_interval: 15s | ||
scheme: https | ||
tls_config: | ||
ca_file: /etc/pki/ca-trust/source/service-ca/service-ca.crt | ||
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | ||
# honor_labels needs to be set to false due to bug https://github.com/open-telemetry/opentelemetry-collector-contrib/issues/32555 | ||
honor_labels: false | ||
params: | ||
'match[]': | ||
- '{__name__="kube_namespace_labels"}' | ||
metrics_path: '/federate' | ||
static_configs: | ||
- targets: | ||
- "prometheus-k8s.openshift-monitoring.svc.cluster.local:9091" | ||
exporters: | ||
debug: | ||
verbosity: detailed | ||
service: | ||
pipelines: | ||
metrics: | ||
receivers: [prometheus] | ||
processors: [] | ||
exporters: [debug] |