diff --git a/charts/nr-k8s-otel-collector/Chart.yaml b/charts/nr-k8s-otel-collector/Chart.yaml index a5319206a..0dbeb3a15 100644 --- a/charts/nr-k8s-otel-collector/Chart.yaml +++ b/charts/nr-k8s-otel-collector/Chart.yaml @@ -17,7 +17,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.7.7 +version: 0.8.0 dependencies: - name: common-library @@ -32,7 +32,7 @@ dependencies: # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.7.1" +appVersion: "0.8.0" maintainers: - name: csongnr diff --git a/charts/nr-k8s-otel-collector/README.md b/charts/nr-k8s-otel-collector/README.md index 748efb670..93e339606 100644 --- a/charts/nr-k8s-otel-collector/README.md +++ b/charts/nr-k8s-otel-collector/README.md @@ -106,6 +106,7 @@ daemonset: | deployment.resources | object | `{}` | Sets resources for the deployment. | | deployment.tolerations | list | `[]` | Sets deployment pod tolerations. Overrides `tolerations` and `global.tolerations` | | dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` | +| gkeAutopilot | bool | `false` | If deploying to a GKE autopilot cluster, set to true | | image.pullPolicy | string | `"IfNotPresent"` | The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always. | | image.repository | string | `"newrelic/nr-otel-collector"` | OTel collector image to be deployed. You can use your own collector as long it accomplish the following requirements mentioned below. | | image.tag | string | `"0.7.1"` | Overrides the image tag whose default is the chart appVersion. | @@ -119,7 +120,6 @@ daemonset: | podLabels | object | `{}` | Additional labels for chart pods | | podSecurityContext | object | `{}` | Sets all security contexts (at pod level). Can be configured also with `global.securityContext.pod` | | priorityClassName | string | `""` | Sets pod's priorityClassName. Can be configured also with `global.priorityClassName` | -| privileged | bool | `true` | Run the integration with full access to the host filesystem and network. Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes. | | rbac.create | bool | `true` | Specifies whether RBAC resources should be created | | receivers.filelog.enabled | bool | `true` | Specifies whether the `filelog` receiver is enabled | | receivers.hostmetrics.enabled | bool | `true` | Specifies whether the `hostmetrics` receiver is enabled | diff --git a/charts/nr-k8s-otel-collector/templates/daemonset-configmap.yaml b/charts/nr-k8s-otel-collector/templates/daemonset-configmap.yaml index e996caffc..8bd4324f9 100644 --- a/charts/nr-k8s-otel-collector/templates/daemonset-configmap.yaml +++ b/charts/nr-k8s-otel-collector/templates/daemonset-configmap.yaml @@ -13,7 +13,7 @@ data: receivers: hostmetrics: # TODO (chris): this is a linux specific configuration - {{- if include "newrelic.common.privileged" . }} + {{- if not .Values.gkeAutopilot }} root_path: /hostfs {{- end }} collection_interval: {{ .Values.receivers.hostmetrics.scrapeInterval }} @@ -66,7 +66,7 @@ data: kubeletstats: collection_interval: {{ .Values.receivers.kubeletstats.scrapeInterval }} - {{- if include "newrelic.common.privileged" . }} + {{- if not .Values.gkeAutopilot }} endpoint: "${KUBE_NODE_NAME}:10250" auth_type: "serviceAccount" insecure_skip_verify: true @@ -564,13 +564,13 @@ data: {{- if or .Values.receivers.hostmetrics.enabled (or .Values.receivers.kubeletstats.enabled .Values.receivers.prometheus.enabled) }} metrics: receivers: - {{- if and .Values.receivers.hostmetrics.enabled (include "newrelic.common.privileged" .) }} + {{- if .Values.receivers.hostmetrics.enabled }} - hostmetrics {{- end }} {{- if .Values.receivers.kubeletstats.enabled }} - kubeletstats {{- end }} - {{- if and .Values.receivers.prometheus.enabled (include "newrelic.common.privileged" .) }} + {{- if .Values.receivers.prometheus.enabled }} - prometheus {{- end }} processors: diff --git a/charts/nr-k8s-otel-collector/templates/daemonset.yaml b/charts/nr-k8s-otel-collector/templates/daemonset.yaml index 396eeda26..f7ab8f090 100644 --- a/charts/nr-k8s-otel-collector/templates/daemonset.yaml +++ b/charts/nr-k8s-otel-collector/templates/daemonset.yaml @@ -79,27 +79,25 @@ spec: {{- . | toYaml | nindent 12 }} {{- end }} volumeMounts: - # TODO (chris): this is a linux specific configuration - {{- if include "newrelic.common.privileged" . }} + {{- if not .Values.gkeAutopilot }} - name: host-fs mountPath: /hostfs readOnly: true + {{- end }} - name: varlogpods mountPath: /var/log/pods readOnly: true - {{- end }} - name: daemonset-config mountPath: /config volumes: - # TODO (chris): this is a linux specific configuration - {{- if include "newrelic.common.privileged" . }} + {{- if not .Values.gkeAutopilot }} - name: host-fs hostPath: path: / + {{- end }} - name: varlogpods hostPath: path: /var/log/pods - {{- end }} - name: daemonset-config configMap: name: {{ include "nrKubernetesOtel.daemonset.configMap.fullname" . }} diff --git a/charts/nr-k8s-otel-collector/tests/privileged_test.yaml b/charts/nr-k8s-otel-collector/tests/privileged_test.yaml deleted file mode 100644 index d18d06e73..000000000 --- a/charts/nr-k8s-otel-collector/tests/privileged_test.yaml +++ /dev/null @@ -1,88 +0,0 @@ -suite: privileged -templates: - - templates/deployment.yaml - - templates/deployment-configmap.yaml - - templates/daemonset.yaml - - templates/daemonset-configmap.yaml -release: - name: my-release - namespace: my-namespace -tests: - - it: sets privileged to default when no values provided - set: - cluster: my-cluster - licenseKey: us-whatever - asserts: - - equal: - path: spec.template.spec.containers[0].volumeMounts - value: - - name: host-fs - mountPath: /hostfs - readOnly: true - - name: varlogpods - mountPath: /var/log/pods - readOnly: true - - name: daemonset-config - mountPath: /config - template: templates/daemonset.yaml - - lengthEqual: - path: spec.template.spec.volumes - count: 3 - template: templates/daemonset.yaml - - it: does not set privileged from global by common-library - set: - cluster: test-cluster - licenseKey: us-whatever - global: - privileged: false - asserts: - - equal: - path: spec.template.spec.containers[0].volumeMounts - value: - - name: host-fs - mountPath: /hostfs - readOnly: true - - name: varlogpods - mountPath: /var/log/pods - readOnly: true - - name: daemonset-config - mountPath: /config - template: templates/daemonset.yaml - - lengthEqual: - path: spec.template.spec.volumes - count: 3 - template: templates/daemonset.yaml - - it: sets privileged from values by common-library - set: - cluster: test-cluster - licenseKey: us-whatever - privileged: false - asserts: - - equal: - path: spec.template.spec.containers[0].volumeMounts - value: - - name: daemonset-config - mountPath: /config - template: templates/daemonset.yaml - - lengthEqual: - path: spec.template.spec.volumes - count: 1 - template: templates/daemonset.yaml - - it: sets privileged from values by common-library overriding global values - set: - cluster: test-cluster - licenseKey: us-whatever - privileged: false - global: - privileged: true - asserts: - - equal: - path: spec.template.spec.containers[0].volumeMounts - value: - - name: daemonset-config - mountPath: /config - template: templates/daemonset.yaml - - lengthEqual: - path: spec.template.spec.volumes - count: 1 - template: templates/daemonset.yaml diff --git a/charts/nr-k8s-otel-collector/values.yaml b/charts/nr-k8s-otel-collector/values.yaml index 055723f67..144f263ec 100644 --- a/charts/nr-k8s-otel-collector/values.yaml +++ b/charts/nr-k8s-otel-collector/values.yaml @@ -17,7 +17,7 @@ image: # -- The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always. pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion. - tag: "0.7.1" + tag: "0.8.3" # -- Name of the Kubernetes cluster monitored. Mandatory. Can be configured also with `global.cluster` cluster: "" @@ -39,10 +39,9 @@ priorityClassName: "" # -- Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` dnsConfig: {} -# -- Run the integration with full access to the host filesystem and network. -# Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes. -# @default -- `true` -privileged: true +# -- If deploying to a GKE autopilot cluster, set to true +# @default -- `false` +gkeAutopilot: false daemonset: # -- Sets daemonset pod node selector. Overrides `nodeSelector` and `global.nodeSelector`