OpenTelemetry - KS cloud support (#103)

* KS cloud otel collector support

Signed-off-by: Amir Malka <[email protected]>

* added missing env to host scanner for otel collector

Signed-off-by: Amir Malka <[email protected]>

---------

Signed-off-by: Amir Malka <[email protected]>

charts/kubescape-cloud-operator/assets/host-scanner-definition.yaml

@@ -1,3 +1,4 @@
+{{ template "cluster_name" . }}
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -56,6 +57,8 @@ spec:
         {{- if .Values.otelCollector.enabled }}
         - name: ACCOUNT_ID
           value: "{{ .Values.account }}"
+        - name: CLUSTER_NAME
+          value: "{{ regexReplaceAll "\\W+" .Values.clusterName "-" }}"
         - name: OTEL_COLLECTOR_SVC
           value: "otel-collector:4317"
         {{- end }}

charts/kubescape-cloud-operator/assets/otel-collector-config.yaml

@@ -13,6 +13,17 @@ processors:
 
 # exporters configure how to send processed data to one or more backends.
 exporters:
+  otlp/ksCloud:
+    {{- if eq .Values.environment "prod" }}
+    endpoint: "{{ .Values.ksCloudOtelCollector }}"
+    {{- else if or (eq .Values.environment "dev") (eq .Values.environment "staging") }}
+    endpoint: "{{ .Values.devKsCloudOtelCollector }}"
+    {{- else }}
+    endpoint: ""
+    {{- end }}
+    tls:
+      insecure: false
+  {{- if ne .Values.otelCollector.endpoint.host "" }}
   otlp:
     endpoint: "{{ .Values.otelCollector.endpoint.host }}:{{ .Values.otelCollector.endpoint.port }}"
     tls:
@@ -23,6 +34,7 @@ exporters:
       {{ $k }}: {{ $v }}
     {{- end }}
     {{- end }}
+  {{- end }}
 
 # service pulls the configured receivers, processors, and exporters together into
 # processing pipelines. Unused receivers/processors/exporters are ignored.
@@ -31,12 +43,24 @@ service:
     traces:
       receivers: [otlp]
       processors: [batch]
-      exporters: [otlp]
+      exporters: 
+      {{- if ne .Values.otelCollector.endpoint.host "" }}
+        - otlp
+      {{- end }}
+        - otlp/ksCloud
     metrics:
       receivers: [otlp]
       processors: [batch]
-      exporters: [otlp]
+      exporters: 
+      {{- if ne .Values.otelCollector.endpoint.host "" }}
+        - otlp
+      {{- end }}
+        - otlp/ksCloud
     logs:
       receivers: [otlp]
       processors: [batch]
-      exporters: [otlp]
+      exporters: 
+      {{- if ne .Values.otelCollector.endpoint.host "" }}
+        - otlp
+      {{- end }}
+        - otlp/ksCloud

charts/kubescape-cloud-operator/templates/kubescape/deployment.yaml

@@ -1,5 +1,6 @@
 {{- if .Values.kubescape.enabled  }}
 {{- $cloud_provider := (include "cloud_provider" .) -}}
+{{ template "cluster_name" . }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -68,6 +69,8 @@ spec:
           initialDelaySeconds: 3
           periodSeconds: 3
         env:
+        - name: CLUSTER_NAME
+          value: "{{ regexReplaceAll "\\W+" .Values.clusterName "-" }}"
         - name: KS_LOGGER_LEVEL
           value: "{{ .Values.logger.level }}"
         - name: KS_LOGGER_NAME

charts/kubescape-cloud-operator/values.yaml

@@ -15,11 +15,13 @@ eventReceiverHttpUrl: "https://report.armo.cloud"
 k8sReportUrl: "wss://report.armo.cloud"
 gatewayUrl: "ens.euprod1.cyberarmorsoft.com"
 backendOpenAPI: "https://api.armosec.io/api"
+ksCloudOtelCollector: "otelcol.armosec.io:443"
 # KS cloud DEV BE URLs
 devEventReceiverHttpUrl: "https://report.eudev3.cyberarmorsoft.com"
 devK8sReportUrl: "wss://report.eudev3.cyberarmorsoft.com"
 devGatewayUrl: "ens.eudev3.cyberarmorsoft.com"
 devBackendOpenAPI: "https://api-dev.armosec.io/api"
+devKsCloudOtelCollector: "otelcol-dev.armosec.io:443"
 # KS cloud STAGING BE URLs
 stagingEventReceiverHttpUrl: "https://report-ks.eustage2.cyberarmorsoft.com"
 stagingK8sReportUrl: "wss://report.eustage2.cyberarmorsoft.com"
@@ -422,8 +424,8 @@ registryScanScheduler:
 otelCollector:
 
   # -- enable/disable metrics and traces collection
-  enabled: false
 
+  enabled: true
   endpoint:
     host: ""
     port: 4317