diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml index 63a72dd3a..38df87f78 100644 --- a/.github/workflows/images.yaml +++ b/.github/workflows/images.yaml @@ -37,7 +37,6 @@ jobs: ext-auth-example-authsvc: ${{ steps.filter.outputs.ext-auth-example-authsvc }} nginx: ${{ steps.filter.outputs.nginx }} nginx125: ${{ steps.filter.outputs.nginx125 }} - opentelemetry: ${{ steps.filter.outputs.opentelemetry }} steps: - name: Checkout @@ -65,8 +64,6 @@ jobs: - 'images/ext-auth-example-authsvc/**' nginx: - 'images/nginx/**' - opentelemetry: - - 'images/opentelemetry/**' nginx125: - 'images/nginx-1.25/TAG' @@ -166,23 +163,6 @@ jobs: run: | cd images/ && make NAME=kube-webhook-certgen test test-e2e - opentelemetry: - runs-on: ubuntu-latest - env: - PLATFORMS: linux/amd64,linux/arm,linux/arm64 - needs: changes - if: | - (needs.changes.outputs.opentelemetry == 'true') - strategy: - matrix: - nginx: ['1.25.3', '1.21.6'] - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: image build - run: | - cd images/opentelemetry && make NGINX_VERSION=${{ matrix.nginx }} build - nginx125: permissions: contents: write diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 5cf5bb179..f7ea20199 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -310,7 +310,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.extraContainers | list | `[]` | Additional containers to be added to the controller pod. See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. | | controller.extraEnvs | list | `[]` | Additional environment variables to set | | controller.extraInitContainers | list | `[]` | Containers, which are run before the app containers are started. | -| controller.extraModules | list | `[]` | Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module | +| controller.extraModules | list | `[]` | Modules, which are mounted into the core nginx image. | | controller.extraVolumeMounts | list | `[]` | Additional volumeMounts to the controller main container. | | controller.extraVolumes | list | `[]` | Additional volumes to the controller pod. | | controller.healthCheckHost | string | `""` | Address to bind the health check endpoint. It is better to set this option to the internal node address if the Ingress-Nginx Controller is running in the `hostNetwork: true` mode. | @@ -393,21 +393,6 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.name | string | `"controller"` | | | controller.networkPolicy.enabled | bool | `false` | Enable 'networkPolicy' or not | | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for controller pod assignment # Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ # | -| controller.opentelemetry.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | | -| controller.opentelemetry.containerSecurityContext.capabilities.drop[0] | string | `"ALL"` | | -| controller.opentelemetry.containerSecurityContext.readOnlyRootFilesystem | bool | `true` | | -| controller.opentelemetry.containerSecurityContext.runAsGroup | int | `65532` | | -| controller.opentelemetry.containerSecurityContext.runAsNonRoot | bool | `true` | | -| controller.opentelemetry.containerSecurityContext.runAsUser | int | `65532` | The image's default user, inherited from its base image `cgr.dev/chainguard/static`. | -| controller.opentelemetry.containerSecurityContext.seccompProfile.type | string | `"RuntimeDefault"` | | -| controller.opentelemetry.enabled | bool | `false` | | -| controller.opentelemetry.image.digest | string | `"sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922"` | | -| controller.opentelemetry.image.distroless | bool | `true` | | -| controller.opentelemetry.image.image | string | `"ingress-nginx/opentelemetry-1.25.3"` | | -| controller.opentelemetry.image.registry | string | `"registry.k8s.io"` | | -| controller.opentelemetry.image.tag | string | `"v20240813-b933310d"` | | -| controller.opentelemetry.name | string | `"opentelemetry"` | | -| controller.opentelemetry.resources | object | `{}` | | | controller.podAnnotations | object | `{}` | Annotations to be added to controller pods # | | controller.podLabels | object | `{}` | Labels to add to the pod container metadata | | controller.podSecurityContext | object | `{}` | Security context for controller pods | diff --git a/charts/ingress-nginx/ci/controller-daemonset-extra-modules-values.yaml b/charts/ingress-nginx/ci/controller-daemonset-extra-modules-values.yaml deleted file mode 100644 index edf12e77e..000000000 --- a/charts/ingress-nginx/ci/controller-daemonset-extra-modules-values.yaml +++ /dev/null @@ -1,30 +0,0 @@ -controller: - image: - repository: ingress-controller/controller - tag: 1.0.0-dev - digest: null - - service: - type: ClusterIP - - kind: DaemonSet - - extraModules: - - name: opentelemetry - image: - registry: registry.k8s.io - image: ingress-nginx/opentelemetry-1.25.3 - tag: v20240813-b933310d - digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 - distroless: true - containerSecurityContext: - runAsNonRoot: true - runAsUser: 65532 - runAsGroup: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true diff --git a/charts/ingress-nginx/ci/controller-daemonset-opentelemetry-values.yaml b/charts/ingress-nginx/ci/controller-daemonset-opentelemetry-values.yaml deleted file mode 100644 index 179ab2a85..000000000 --- a/charts/ingress-nginx/ci/controller-daemonset-opentelemetry-values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -controller: - image: - repository: ingress-controller/controller - tag: 1.0.0-dev - digest: null - - service: - type: ClusterIP - - kind: DaemonSet - - opentelemetry: - enabled: true diff --git a/charts/ingress-nginx/ci/controller-deployment-extra-modules-values.yaml b/charts/ingress-nginx/ci/controller-deployment-extra-modules-values.yaml deleted file mode 100644 index d4083cc37..000000000 --- a/charts/ingress-nginx/ci/controller-deployment-extra-modules-values.yaml +++ /dev/null @@ -1,30 +0,0 @@ -controller: - image: - repository: ingress-controller/controller - tag: 1.0.0-dev - digest: null - - service: - type: ClusterIP - - kind: Deployment - - extraModules: - - name: opentelemetry - image: - registry: registry.k8s.io - image: ingress-nginx/opentelemetry-1.25.3 - tag: v20240813-b933310d - digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 - distroless: true - containerSecurityContext: - runAsNonRoot: true - runAsUser: 65532 - runAsGroup: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true diff --git a/charts/ingress-nginx/ci/controller-deployment-opentelemetry-values.yaml b/charts/ingress-nginx/ci/controller-deployment-opentelemetry-values.yaml deleted file mode 100644 index 9443ddefc..000000000 --- a/charts/ingress-nginx/ci/controller-deployment-opentelemetry-values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -controller: - image: - repository: ingress-controller/controller - tag: 1.0.0-dev - digest: null - - service: - type: ClusterIP - - kind: Deployment - - opentelemetry: - enabled: true diff --git a/charts/ingress-nginx/templates/controller-daemonset.yaml b/charts/ingress-nginx/templates/controller-daemonset.yaml index fcc633d3d..b8f9c331c 100644 --- a/charts/ingress-nginx/templates/controller-daemonset.yaml +++ b/charts/ingress-nginx/templates/controller-daemonset.yaml @@ -144,9 +144,9 @@ spec: hostPort: {{ $key }} {{- end }} {{- end }} - {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }} volumeMounts: - {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if .Values.controller.extraModules }} - name: modules {{- if .Values.controller.image.chroot }} mountPath: /chroot/modules_mount @@ -174,7 +174,7 @@ spec: {{- if .Values.controller.extraContainers }} {{- toYaml .Values.controller.extraContainers | nindent 8 }} {{- end }} - {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }} initContainers: {{- if .Values.controller.extraInitContainers }} {{- toYaml .Values.controller.extraInitContainers | nindent 8 }} @@ -185,12 +185,6 @@ spec: {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext "resources" .resources) | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.controller.opentelemetry.enabled }} - {{- with .Values.controller.opentelemetry }} - {{- $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} - {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext "resources" .resources) | nindent 8 }} - {{- end }} - {{- end }} {{- end }} {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} @@ -209,9 +203,9 @@ spec: {{- end }} serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} - {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }} volumes: - {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}} + {{- if .Values.controller.extraModules }} - name: modules emptyDir: {} {{- end }} diff --git a/charts/ingress-nginx/templates/controller-deployment.yaml b/charts/ingress-nginx/templates/controller-deployment.yaml index c046311b0..286ec06b3 100644 --- a/charts/ingress-nginx/templates/controller-deployment.yaml +++ b/charts/ingress-nginx/templates/controller-deployment.yaml @@ -150,9 +150,9 @@ spec: hostPort: {{ $key }} {{- end }} {{- end }} - {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }} volumeMounts: - {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if .Values.controller.extraModules }} - name: modules {{- if .Values.controller.image.chroot }} mountPath: /chroot/modules_mount @@ -180,7 +180,7 @@ spec: {{- if .Values.controller.extraContainers }} {{- toYaml .Values.controller.extraContainers | nindent 8 }} {{- end }} - {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }} initContainers: {{- if .Values.controller.extraInitContainers }} {{- toYaml .Values.controller.extraInitContainers | nindent 8 }} @@ -191,12 +191,6 @@ spec: {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext "resources" .resources) | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.controller.opentelemetry.enabled }} - {{- with .Values.controller.opentelemetry }} - {{- $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} - {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext "resources" .resources) | nindent 8 }} - {{- end }} - {{- end }} {{- end }} {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} @@ -215,9 +209,9 @@ spec: {{- end }} serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} - {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }} volumes: - {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}} + {{- if .Values.controller.extraModules }} - name: modules emptyDir: {} {{- end }} diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index c2a0a1541..dd3faba59 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -682,7 +682,7 @@ controller: # image: busybox # command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;'] - # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module + # -- Modules, which are mounted into the core nginx image. extraModules: [] # - name: mytestmodule # image: @@ -711,31 +711,6 @@ controller: # will be executed as initContainers, to move its config files within the # mounted volume. - opentelemetry: - enabled: false - name: opentelemetry - image: - registry: registry.k8s.io - image: ingress-nginx/opentelemetry-1.25.3 - ## for backwards compatibility consider setting the full image url via the repository value below - ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - ## repository: - tag: v20240813-b933310d - digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 - distroless: true - containerSecurityContext: - runAsNonRoot: true - # -- The image's default user, inherited from its base image `cgr.dev/chainguard/static`. - runAsUser: 65532 - runAsGroup: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - resources: {} admissionWebhooks: name: admission annotations: {} diff --git a/docs/user-guide/third-party-addons/opentelemetry.md b/docs/user-guide/third-party-addons/opentelemetry.md index 32b17d2ca..255ba1ffa 100644 --- a/docs/user-guide/third-party-addons/opentelemetry.md +++ b/docs/user-guide/third-party-addons/opentelemetry.md @@ -147,17 +147,7 @@ graph TB To install the example and collectors run: -1. Enable Ingress addon with: - - ```yaml - opentelemetry: - enabled: true - image: registry.k8s.io/ingress-nginx/opentelemetry-1.25.3:v20240813-b933310d@sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 - containerSecurityContext: - allowPrivilegeEscalation: false - ``` - -2. Enable OpenTelemetry and set the otlp-collector-host: +1. Enable OpenTelemetry and set the otlp-collector-host: ```yaml $ echo ' @@ -183,7 +173,7 @@ To install the example and collectors run: ' | kubectl replace -f - ``` -4. Deploy otel-collector, grafana and Jaeger backend: +2. Deploy otel-collector, grafana and Jaeger backend: ```bash # add helm charts needed for grafana and OpenTelemetry collector @@ -218,7 +208,7 @@ To install the example and collectors run: make deploy-app ``` -5. Make a few requests to the Service: +4. Make a few requests to the Service: ```bash kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8090:80 @@ -247,7 +237,7 @@ To install the example and collectors run: RawContentLength : 21 ``` -6. View the Grafana UI: +5. View the Grafana UI: ```bash kubectl port-forward --namespace=observability service/grafana 3000:80 @@ -255,7 +245,7 @@ To install the example and collectors run: In the Grafana interface we can see the details: ![grafana screenshot](../../images/otel-grafana-demo.png "grafana screenshot") -7. View the Jaeger UI: +6. View the Jaeger UI: ```bash kubectl port-forward --namespace=observability service/jaeger-all-in-one-query 16686:16686 @@ -263,7 +253,7 @@ To install the example and collectors run: In the Jaeger interface we can see the details: ![Jaeger screenshot](../../images/otel-jaeger-demo.png "Jaeger screenshot") -8. View the Zipkin UI: +7. View the Zipkin UI: ```bash kubectl port-forward --namespace=observability service/zipkin 9411:9411 diff --git a/images/opentelemetry/Makefile b/images/opentelemetry/Makefile deleted file mode 100644 index eae435bef..000000000 --- a/images/opentelemetry/Makefile +++ /dev/null @@ -1,69 +0,0 @@ -# Copyright 2024 The Kubernetes Authors. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -.DEFAULT_GOAL:=build - -# set default shell -SHELL=/bin/bash -o pipefail -o errexit - -DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))) -INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh - -# 0.0.0 shouldn't clobber any released builds -SHORT_SHA ?=$(shell git rev-parse --short HEAD) -TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA) - -REGISTRY ?= gcr.io/k8s-staging-ingress-nginx - -IMAGE = $(REGISTRY)/opentelemetry - -# required to enable buildx -export DOCKER_CLI_EXPERIMENTAL=enabled - -# build with buildx -PLATFORMS?=linux/amd64,linux/arm,linux/arm64 -OUTPUT= -PROGRESS=plain - -precheck: -ifndef NGINX_VERSION - $(error NGINX_VERSION variable is required) -endif - -build: precheck ensure-buildx - docker buildx build \ - --label=org.opencontainers.image.source=https://github.com/kubernetes/ingress-nginx \ - --label=org.opencontainers.image.licenses=Apache-2.0 \ - --label=org.opencontainers.image.description="Ingress NGINX Opentelemetry image" \ - --platform=${PLATFORMS} $(OUTPUT) \ - --progress=$(PROGRESS) \ - --build-arg=NGINX_VERSION=$(NGINX_VERSION) \ - --pull \ - --tag $(IMAGE)-$(NGINX_VERSION):$(TAG) rootfs - -# push the cross built image -push: OUTPUT=--push -push: build - -# enable buildx -ensure-buildx: -# this is required for cloudbuild -ifeq ("$(wildcard $(INIT_BUILDX))","") - @curl -sSL https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/hack/init-buildx.sh | bash -else - @exec $(INIT_BUILDX) -endif - @echo "done" - -.PHONY: build precheck push ensure-buildx diff --git a/images/opentelemetry/TAG b/images/opentelemetry/TAG deleted file mode 100644 index 0ec25f750..000000000 --- a/images/opentelemetry/TAG +++ /dev/null @@ -1 +0,0 @@ -v1.0.0 diff --git a/images/opentelemetry/cloudbuild.yaml b/images/opentelemetry/cloudbuild.yaml deleted file mode 100644 index df86d37e7..000000000 --- a/images/opentelemetry/cloudbuild.yaml +++ /dev/null @@ -1,14 +0,0 @@ -options: - # Increase machine type for multi-arch builds. - machineType: E2_HIGHCPU_8 - # Ignore Prow provided substitutions. - substitution_option: ALLOW_LOOSE -steps: - - name: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20240523-a15ad90fc9 - env: - - REGISTRY=gcr.io/k8s-staging-ingress-nginx - entrypoint: bash - args: - - -c - - gcloud auth configure-docker && cd images/opentelemetry && make NGINX_VERSION=1.21.6 push && make NGINX_VERSION=1.25.3 push -timeout: 1800s diff --git a/images/opentelemetry/rootfs/CMakeLists.txt b/images/opentelemetry/rootfs/CMakeLists.txt deleted file mode 100644 index 1c68d6fc6..000000000 --- a/images/opentelemetry/rootfs/CMakeLists.txt +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash - -# Copyright 2021 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cmake_minimum_required(VERSION 3.11 FATAL_ERROR) - -project( - dependencies - LANGUAGES CXX - VERSION 0.0.1) - -set(CMAKE_CXX_STANDARD 17) -set(CMAKE_CXX_EXTENSIONS OFF) -set(CMAKE_CXX_STANDARD_REQUIRED ON) -set(CMAKE_CXX_FLAGS "-O2 -fpic") -set(CMAKE_VERBOSE_MAKEFILE ON CACHE BOOL "ON" FORCE) - -set(CMAKE_BUILD_TYPE - Release - CACHE STRING "Build type" FORCE) - -include(GNUInstallDirs) - -set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY - ${PROJECT_BINARY_DIR}/${CMAKE_INSTALL_LIBDIR}) -set(CMAKE_LIBRARY_OUTPUT_DIRECTORY - ${PROJECT_BINARY_DIR}/${CMAKE_INSTALL_LIBDIR}) -set(CMAKE_RUNTIME_OUTPUT_DIRECTORY - ${PROJECT_BINARY_DIR}/${CMAKE_INSTALL_BINDIR}) - -set(INSTALL_LIBDIR - ${CMAKE_INSTALL_LIBDIR} - CACHE PATH "directory for libraries") -set(INSTALL_BINDIR - ${CMAKE_INSTALL_BINDIR} - CACHE PATH "directory for executables") -set(INSTALL_INCLUDEDIR - ${CMAKE_INSTALL_INCLUDEDIR} - CACHE PATH "directory for header files") - -set(DEF_INSTALL_CMAKEDIR share/cmake/${PROJECT_NAME}) -set(INSTALL_CMAKEDIR - ${DEF_INSTALL_CMAKEDIR} - CACHE PATH "directory for CMake files") - -set_property(DIRECTORY PROPERTY EP_BASE ${CMAKE_BINARY_DIR}/subs) - -set(STAGED_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/stage) -message(STATUS "${PROJECT_NAME} staged install: ${STAGED_INSTALL_PREFIX}") - -find_package(OpenSSL REQUIRED) -message("OpenSSL include dir: ${OPENSSL_INCLUDE_DIR}") -message("OpenSSL libraries: ${OPENSSL_LIBRARIES}") - -find_package(Protobuf REQUIRED) -find_package(gRPC REQUIRED) -find_package(OpentelemetryCPP REQUIRED) - -install( - DIRECTORY ${STAGED_INSTALL_PREFIX}/ - DESTINATION . - USE_SOURCE_PERMISSIONS) diff --git a/images/opentelemetry/rootfs/Dockerfile b/images/opentelemetry/rootfs/Dockerfile deleted file mode 100644 index 4b64b96a6..000000000 --- a/images/opentelemetry/rootfs/Dockerfile +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 2021 The Kubernetes Authors. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -FROM alpine:3.20 AS base - -RUN mkdir -p /opt/third_party/install -COPY . /opt/third_party/ - -# install build tools -RUN apk update \ - && apk upgrade \ - && apk add -U bash \ - && bash /opt/third_party/build.sh -p - -ENV NINJA_STATUS="[%p/%f/%t] " - -# install otel_ngx_module.so -FROM base AS nginx -ARG NGINX_VERSION=1.25.3 -RUN bash /opt/third_party/build.sh -n ${NGINX_VERSION} - -FROM golang:1.22.7-bullseye AS build-init - -WORKDIR /go/src/app -COPY . . - -RUN go mod download -RUN CGO_ENABLED=0 go build -o /go/bin/init_module - -FROM gcr.io/distroless/static-debian11 AS final -COPY --from=build-init /go/bin/init_module / -COPY --from=nginx /etc/nginx/modules /etc/nginx/modules - -CMD ["/init_module"] diff --git a/images/opentelemetry/rootfs/build.sh b/images/opentelemetry/rootfs/build.sh deleted file mode 100755 index 6f803fc9f..000000000 --- a/images/opentelemetry/rootfs/build.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash - -# Copyright 2021 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -o errexit -set -o nounset -set -o pipefail -set -x -# Check for recent changes: https://github.com/open-telemetry/opentelemetry-cpp/compare/v1.2.0...main -export OPENTELEMETRY_CPP_VERSION=${OPENTELEMETRY_CPP_VERSION:="v1.11.0"} -export INSTALL_DIR=/opt/third_party/install - -export NGINX_VERSION=${NGINX_VERSION:="1.25.3"} -# improve compilation times -CORES=$(($(grep -c ^processor /proc/cpuinfo) - 1)) - -rm -rf \ - /var/cache/debconf/* \ - /var/lib/apt/lists/* \ - /var/log/* \ - /tmp/* \ - /var/tmp/* - -export BUILD_PATH=/tmp/build -mkdir --verbose -p "$BUILD_PATH" - -Help() -{ - # Display Help - echo "Add description of the script functions here." - echo - echo "Syntax: scriptTemplate [-h|o|n|p|]" - echo "options:" - echo "h Print Help." - echo "o OpenTelemetry git tag" - echo "n install nginx" - echo "p prepare" - echo -} - -prepare() -{ - echo "https://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories - echo "https://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories - echo "https://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories - - apk add \ - linux-headers \ - cmake \ - ninja \ - openssl \ - curl-dev \ - openssl-dev \ - gtest-dev \ - c-ares-dev \ - pcre-dev \ - curl \ - git \ - build-base \ - coreutils \ - build-base \ - openssl-dev \ - pkgconfig \ - c-ares-dev \ - re2-dev \ - grpc-dev \ - protobuf-dev \ - opentelemetry-cpp-dev - - git config --global http.version HTTP/1.1 - git config --global http.postBuffer 157286400 -} - -install_otel() -{ - cd ${BUILD_PATH} - export LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+LD_LIBRARY_PATH:}${INSTALL_DIR}/lib:/usr/local" - export PATH="${PATH}:${INSTALL_DIR}/bin" - git clone --recurse-submodules -j ${CORES} --depth=1 -b \ - ${OPENTELEMETRY_CPP_VERSION} https://github.com/open-telemetry/opentelemetry-cpp.git opentelemetry-cpp-${OPENTELEMETRY_CPP_VERSION} - cd "opentelemetry-cpp-${OPENTELEMETRY_CPP_VERSION}" - mkdir -p .build - cd .build - - cmake -DCMAKE_BUILD_TYPE=Release \ - -G Ninja \ - -DCMAKE_CXX_STANDARD=17 \ - -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE \ - -DWITH_ZIPKIN=OFF \ - -DCMAKE_INSTALL_PREFIX=${INSTALL_DIR} \ - -DBUILD_TESTING=OFF \ - -DWITH_BENCHMARK=OFF \ - -DWITH_FUNC_TESTS=OFF \ - -DBUILD_SHARED_LIBS=OFF \ - -DWITH_OTLP_GRPC=ON \ - -DWITH_OTLP_HTTP=OFF \ - -DWITH_ABSEIL=ON \ - -DWITH_EXAMPLES=OFF \ - -DWITH_NO_DEPRECATED_CODE=ON \ - .. - cmake --build . -j ${CORES} --target install -} - -install_nginx() -{ - - # Check for recent changes: https://github.com/open-telemetry/opentelemetry-cpp-contrib/compare/e11348bb400d5472bf1da5d6128bead66fa111ff...main - export OPENTELEMETRY_CONTRIB_COMMIT=e11348bb400d5472bf1da5d6128bead66fa111ff - - mkdir -p /etc/nginx - cd "$BUILD_PATH" - - # TODO fix curl - # get_src 0528e793a97f942868616449d49326160f9cb67b2253fb2c4864603ac6ab09a9 \ - # "https://github.com/open-telemetry/opentelemetry-cpp-contrib/archive/$OPENTELEMETRY_CONTRIB_COMMIT.tar.gz" - - git clone https://github.com/open-telemetry/opentelemetry-cpp-contrib.git \ - opentelemetry-cpp-contrib-${OPENTELEMETRY_CONTRIB_COMMIT} - cd ${BUILD_PATH}/opentelemetry-cpp-contrib-${OPENTELEMETRY_CONTRIB_COMMIT} - git reset --hard ${OPENTELEMETRY_CONTRIB_COMMIT} - cd ${BUILD_PATH}/opentelemetry-cpp-contrib-${OPENTELEMETRY_CONTRIB_COMMIT}/instrumentation/nginx - mkdir -p build - cd build - cmake -DCMAKE_BUILD_TYPE=Release \ - -G Ninja \ - -DCMAKE_CXX_STANDARD=17 \ - -DCMAKE_INSTALL_PREFIX=${INSTALL_DIR} \ - -DBUILD_SHARED_LIBS=ON \ - -DNGINX_VERSION=${NGINX_VERSION} \ - .. - cmake --build . -j ${CORES} --target install - - mkdir -p /etc/nginx/modules - cp ${INSTALL_DIR}/otel_ngx_module.so /etc/nginx/modules/otel_ngx_module.so -} - -while getopts ":phn:" option; do - case $option in - h) # display Help - Help - exit;; - p) # prepare - prepare - exit;; - n) # install nginx - NGINX_VERSION=${OPTARG} - install_nginx - exit;; - \?) - Help - exit;; - esac -done diff --git a/images/opentelemetry/rootfs/go.mod b/images/opentelemetry/rootfs/go.mod deleted file mode 100644 index 207d1d914..000000000 --- a/images/opentelemetry/rootfs/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module init-otel - -go 1.22.7 diff --git a/images/opentelemetry/rootfs/init_module.go b/images/opentelemetry/rootfs/init_module.go deleted file mode 100644 index 5d285052d..000000000 --- a/images/opentelemetry/rootfs/init_module.go +++ /dev/null @@ -1,103 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package main - -import ( - "fmt" - "io" - "os" - "path/filepath" -) - -func main() { - // Enable error handling for all operations - err := run() - if err != nil { - fmt.Fprintf(os.Stderr, "Error: %v\n", err) - os.Exit(1) - } -} - -func run() error { - // Create the target directory if it doesn't exist - targetDir := "/modules_mount/etc/nginx/modules/otel" - err := os.MkdirAll(targetDir, os.ModePerm) - if err != nil { - return fmt.Errorf("failed to create target directory: %w", err) - } - - // Copy files from source directory to target directory - sourceDir := "/etc/nginx/modules/" - err = filepath.Walk(sourceDir, func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - - // Skip directories - if info.IsDir() { - return nil - } - - // Calculate the destination path - relPath, err := filepath.Rel(sourceDir, path) - if err != nil { - return err - } - destPath := filepath.Join(targetDir, relPath) - - // Create the destination directory if it doesn't exist - destDir := filepath.Dir(destPath) - err = os.MkdirAll(destDir, os.ModePerm) - if err != nil { - return err - } - - // Copy the file - err = copyFile(path, destPath) - if err != nil { - return err - } - - return nil - }) - if err != nil { - return fmt.Errorf("failed to copy files: %w", err) - } - - return nil -} - -func copyFile(sourcePath, destPath string) error { - sourceFile, err := os.Open(sourcePath) - if err != nil { - return err - } - defer sourceFile.Close() - - destFile, err := os.Create(destPath) - if err != nil { - return err - } - defer destFile.Close() - - _, err = io.Copy(destFile, sourceFile) - if err != nil { - return err - } - - return nil -} diff --git a/magefiles/utils/helm.go b/magefiles/utils/helm.go index 677e322f5..cb8acae57 100644 --- a/magefiles/utils/helm.go +++ b/magefiles/utils/helm.go @@ -207,13 +207,6 @@ type IngressChartValue struct { ExtraVolumes []interface{} `yaml:"extraVolumes"` ExtraInitContainers []interface{} `yaml:"extraInitContainers"` ExtraModules []interface{} `yaml:"extraModules"` - Opentelemetry struct { - Enabled bool `yaml:"enabled"` - Image string `yaml:"image"` - ContainerSecurityContext struct { - AllowPrivilegeEscalation bool `yaml:"allowPrivilegeEscalation"` - } `yaml:"containerSecurityContext"` - } `yaml:"opentelemetry"` AdmissionWebhooks struct { Annotations struct{} `yaml:"annotations"` Enabled bool `yaml:"enabled"`