From 230ddc756cf8522de6e8e82f72ca96d1040bed12 Mon Sep 17 00:00:00 2001 From: Milica Cvrkota Date: Tue, 30 Jul 2024 15:52:24 +0200 Subject: [PATCH 1/3] add ServiceEntries when REGISTRY_ONLY enabled Signed-off-by: Milica Cvrkota --- api/v1/inline_types.go | 4 + api/v1/instanaagent_types.go | 2 + api/v1/instanaagent_types_test.go | 25 +++++++ config/rbac/role.yaml | 7 ++ .../instana_v1_extended_instanaagent.yaml | 4 + controllers/apply.go | 15 +++- controllers/instanaagent_controller.go | 8 ++ controllers/util.go | 53 +++++++++++++ go.mod | 19 +++-- go.sum | 38 ++++++---- main.go | 3 + pkg/k8s/client/client.go | 8 ++ .../agent/serviceentry/serviceentry.go | 75 +++++++++++++++++++ .../builders/common/constants/constants.go | 4 + .../builders/k8s-sensor/rbac/clusterrole.go | 5 ++ 15 files changed, 245 insertions(+), 25 deletions(-) create mode 100644 pkg/k8s/object/builders/agent/serviceentry/serviceentry.go diff --git a/api/v1/inline_types.go b/api/v1/inline_types.go index cc0e9a54..c46585e0 100644 --- a/api/v1/inline_types.go +++ b/api/v1/inline_types.go @@ -270,6 +270,10 @@ type HostSpec struct { type ServiceMeshSpec struct { // +kubebuilder:validation:Optional Enabled bool `json:"enabled,omitempty"` + // +kubebuilder:validation:Optional + Namespace string `json:"namespace,omitempty"` + // +kubebuilder:validation:Optional + Configmap string `json:"configmap,omitempty"` } type Prometheus struct { diff --git a/api/v1/instanaagent_types.go b/api/v1/instanaagent_types.go index e3843f53..27f65637 100644 --- a/api/v1/instanaagent_types.go +++ b/api/v1/instanaagent_types.go @@ -172,6 +172,8 @@ func (in *InstanaAgent) Default() { optional.ValueOrDefault(&in.Spec.K8sSensor.ImageSpec.Tag, "latest") optional.ValueOrDefault(&in.Spec.K8sSensor.ImageSpec.PullPolicy, corev1.PullAlways) optional.ValueOrDefault(&in.Spec.K8sSensor.DeploymentSpec.Replicas, 3) + optional.ValueOrDefault(&in.Spec.ServiceMesh.Namespace, "istio-system") + optional.ValueOrDefault(&in.Spec.ServiceMesh.Configmap, "istio") } // +kubebuilder:object:root=true diff --git a/api/v1/instanaagent_types_test.go b/api/v1/instanaagent_types_test.go index 7b5c4740..96dc3a99 100644 --- a/api/v1/instanaagent_types_test.go +++ b/api/v1/instanaagent_types_test.go @@ -1,3 +1,20 @@ +/* +(c) Copyright IBM Corp. 2024 +(c) Copyright Instana Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1 import ( @@ -51,6 +68,10 @@ func TestInstanaAgent_Default(t *testing.T) { Replicas: 2, }, }, + ServiceMesh: ServiceMeshSpec{ + Namespace: "istio-system", + Configmap: "istio", + }, } tests := []struct { @@ -100,6 +121,10 @@ func TestInstanaAgent_Default(t *testing.T) { Replicas: 3, }, }, + ServiceMesh: ServiceMeshSpec{ + Namespace: "istio-system", + Configmap: "istio", + }, }, }, { diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index ecf4ba8a..2a943635 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -136,6 +136,13 @@ rules: - get - patch - update +- apiGroups: + - networking.istio.io + resources: + - serviceentries + verbs: + - create + - patch - apiGroups: - networking.k8s.io resources: diff --git a/config/samples/instana_v1_extended_instanaagent.yaml b/config/samples/instana_v1_extended_instanaagent.yaml index 24bca628..741ca006 100644 --- a/config/samples/instana_v1_extended_instanaagent.yaml +++ b/config/samples/instana_v1_extended_instanaagent.yaml @@ -96,6 +96,10 @@ spec: # agent.serviceMesh.enabled sets the Instana agent's communication direction with JVMs. # To allow communication to be directed to the agent, set this variable to true. enabled: true + # Namespace where istio is installed. Defaults to istio-system. This may have to be changed for OpenShift ServiceMesh + namespace: istio-system + # ConfigMap for mesh. Defaults to istio. This may have to be changed for OpenShift ServiceMesh + configmap: istio # agent.host.repository sets a host path to be mounted as the agent maven repository (for debugging or development purposes) # host: diff --git a/controllers/apply.go b/controllers/apply.go index 02b5e008..4a5c1082 100644 --- a/controllers/apply.go +++ b/controllers/apply.go @@ -29,6 +29,7 @@ import ( tlssecret "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/agent/secrets/tls-secret" "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/agent/service" agentserviceaccount "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/agent/serviceaccount" + "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/agent/serviceentry" "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/common/builder" k8ssensorconfigmap "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/k8s-sensor/configmap" k8ssensordeployment "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/k8s-sensor/deployment" @@ -64,12 +65,22 @@ func (r *InstanaAgentReconciler) applyResources( ctx context.Context, agent *instanav1.InstanaAgent, isOpenShift bool, + isIstioRegistryOnlyEnabled bool, + nodeIPs []string, operatorUtils operator_utils.OperatorUtils, statusManager status.AgentStatusManager, ) reconcileReturn { log := r.loggerFor(ctx, agent) log.V(1).Info("applying Kubernetes resources for agent") + var serviceEntriesBuilders []builder.ObjectBuilder + + if isIstioRegistryOnlyEnabled { + for _, nodeIP := range nodeIPs { + serviceEntriesBuilders = append(serviceEntriesBuilders, serviceentry.NewServiceEntriesBuilder(agent, nodeIP)) + } + } + builders := append( getDaemonSetBuilders(agent, isOpenShift, statusManager), agentconfigmap.NewConfigMapBuilder(agent, statusManager), @@ -87,7 +98,9 @@ func (r *InstanaAgentReconciler) applyResources( k8ssensorserviceaccount.NewServiceAccountBuilder(agent), ) - if err := operatorUtils.ApplyAll(builders...); err != nil { + mergedBuilders := append(builders, serviceEntriesBuilders...) + + if err := operatorUtils.ApplyAll(mergedBuilders...); err != nil { log.Error(err, "failed to apply kubernetes resources for agent") return reconcileFailure(err) } diff --git a/controllers/instanaagent_controller.go b/controllers/instanaagent_controller.go index de705cc7..c9ea7239 100644 --- a/controllers/instanaagent_controller.go +++ b/controllers/instanaagent_controller.go @@ -123,10 +123,17 @@ func (r *InstanaAgentReconciler) reconcile( return isOpenShiftRes } + isIstioRegistryOnlyEnabled, nodeIPs, isIstioRegistryOnlyEnabledRes := r.getIstioOutboundConfigAndNodeIps(ctx, agent.Spec.ServiceMesh.Namespace, agent.Spec.ServiceMesh.Configmap) + if isIstioRegistryOnlyEnabledRes.suppliesReconcileResult() { + return isIstioRegistryOnlyEnabledRes + } + if applyResourcesRes := r.applyResources( ctx, agent, isOpenShift, + isIstioRegistryOnlyEnabled, + nodeIPs, operatorUtils, statusManager, ); applyResourcesRes.suppliesReconcileResult() { @@ -157,6 +164,7 @@ func (r *InstanaAgentReconciler) reconcile( // +kubebuilder:rbac:groups=apps.openshift.io,resources=deploymentconfigs,verbs=get;list;watch // +kubebuilder:rbac:groups=security.openshift.io,resourceNames=privileged,resources=securitycontextconstraints,verbs=use // +kubebuilder:rbac:groups=policy,resourceNames=instana-agent-k8sensor,resources=podsecuritypolicies,verbs=use +// +kubebuilder:rbac:groups=networking.istio.io,resources=serviceentries,verbs=create;patch func (r *InstanaAgentReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( res ctrl.Result, diff --git a/controllers/util.go b/controllers/util.go index f035eb9f..bb94d01a 100644 --- a/controllers/util.go +++ b/controllers/util.go @@ -19,8 +19,11 @@ package controllers import ( "context" + "strings" "github.com/go-logr/logr" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" logf "sigs.k8s.io/controller-runtime/pkg/log" instanav1 "github.com/instana/instana-agent-operator/api/v1" @@ -42,6 +45,56 @@ func (r *InstanaAgentReconciler) isOpenShift(ctx context.Context, operatorUtils return isOpenShiftRes, reconcileContinue() } +func (r *InstanaAgentReconciler) getIstioOutboundConfigAndNodeIps(ctx context.Context, namespace string, configmap string) ( + bool, + []string, + reconcileReturn, +) { + log := logf.FromContext(ctx) + var nodeIPs []string + + isIstioRegistryOnlyEnabled := r.checkRegistryOnlyMode(ctx, namespace, configmap) + + if isIstioRegistryOnlyEnabled { + nodes, err := r.client.ListNodes(ctx) + if err != nil { + log.Error(err, "could not list nodes for generating ServiceEntries") + } + nodeIPs = getNodeIPs(nodes) + } + + return isIstioRegistryOnlyEnabled, nodeIPs, reconcileContinue() +} + +func (r *InstanaAgentReconciler) checkRegistryOnlyMode(ctx context.Context, namespace string, configmap string) bool { + istioConfigMap := &corev1.ConfigMap{} + err := r.client.Get(ctx, types.NamespacedName{Name: configmap, Namespace: namespace}, istioConfigMap) + if err != nil { + return false + } + if istioConfigMap.Data == nil { + return false + } + meshConfig, ok := istioConfigMap.Data["mesh"] + if !ok { + return false + } + + return strings.Contains(meshConfig, "REGISTRY_ONLY") +} + +func getNodeIPs(nodes *corev1.NodeList) []string { + var nodeIPs []string + for _, node := range nodes.Items { + for _, address := range node.Status.Addresses { + if address.Type == corev1.NodeInternalIP { + nodeIPs = append(nodeIPs, address.Address) + } + } + } + return nodeIPs +} + func (r *InstanaAgentReconciler) loggerFor(ctx context.Context, agent *instanav1.InstanaAgent) logr.Logger { return logf.FromContext(ctx).WithValues( "Generation", diff --git a/go.mod b/go.mod index a390f32e..5b85b873 100644 --- a/go.mod +++ b/go.mod @@ -10,9 +10,10 @@ require ( github.com/pkg/errors v0.9.1 github.com/stretchr/testify v1.8.4 go.uber.org/mock v0.4.0 - golang.org/x/net v0.21.0 + golang.org/x/net v0.22.0 gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.14.2 + istio.io/client-go v1.22.2 k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 k8s.io/client-go v0.29.2 @@ -58,7 +59,7 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/btree v1.0.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect @@ -126,22 +127,24 @@ require ( go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect - golang.org/x/crypto v0.19.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect golang.org/x/oauth2 v0.17.0 // indirect golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.17.0 // indirect - golang.org/x/term v0.17.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect - google.golang.org/grpc v1.58.3 // indirect - google.golang.org/protobuf v1.32.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c // indirect + google.golang.org/grpc v1.62.1 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect + istio.io/api v1.22.2-0.20240619002433-8214ad1c7bd7 // indirect k8s.io/apiextensions-apiserver v0.29.2 // indirect k8s.io/apiserver v0.29.2 // indirect k8s.io/cli-runtime v0.29.0 // indirect diff --git a/go.sum b/go.sum index 04fe9fab..ecf3b2f1 100644 --- a/go.sum +++ b/go.sum @@ -164,8 +164,8 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= @@ -428,8 +428,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ= golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= @@ -456,8 +456,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= +golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= @@ -495,14 +495,14 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= @@ -537,13 +537,15 @@ google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJ google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 h1:RFiFrvy37/mpSpdySBDrUdipW/dHwsRwh3J3+A9VgT4= +google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237/go.mod h1:Z5Iiy3jtmioajWHDGFk7CeugTyHtPvMHA4UTmUkyalE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c h1:lfpJ/2rWPa/kJgxyyXM8PrNnfCzcmxJ265mADgwmvLI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= +google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -555,8 +557,8 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -582,6 +584,10 @@ helm.sh/helm/v3 v3.14.2 h1:V71fv+NGZv0icBlr+in1MJXuUIHCiPG1hW9gEBISTIA= helm.sh/helm/v3 v3.14.2/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +istio.io/api v1.22.2-0.20240619002433-8214ad1c7bd7 h1:iSnlKJkc4UREFpBnaJLnZv2dtpg5DXUbk0BqTXpa3n0= +istio.io/api v1.22.2-0.20240619002433-8214ad1c7bd7/go.mod h1:S3l8LWqNYS9yT+d4bH+jqzH2lMencPkW7SKM1Cu9EyM= +istio.io/client-go v1.22.2 h1:BiE7itlXFTHpZwOv0t2aZQGga7oCox8lYOdaYbyWNEo= +istio.io/client-go v1.22.2/go.mod h1:Fxt0tVZLXQRKyrBv7uwm4zCZE0qayejG0bSwZy9K6Hg= k8s.io/api v0.29.2 h1:hBC7B9+MU+ptchxEqTNW2DkUosJpp1P+Wn6YncZ474A= k8s.io/api v0.29.2/go.mod h1:sdIaaKuU7P44aoyyLlikSLayT6Vb7bvJNCX105xZXY0= k8s.io/apiextensions-apiserver v0.29.2 h1:UK3xB5lOWSnhaCk0RFZ0LUacPZz9RY4wi/yt2Iu+btg= diff --git a/main.go b/main.go index 1389601c..df4c03de 100644 --- a/main.go +++ b/main.go @@ -12,6 +12,7 @@ import ( "runtime" "strconv" + istionetworking "istio.io/client-go/pkg/apis/networking/v1alpha3" k8sruntime "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" @@ -37,6 +38,8 @@ func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) utilruntime.Must(agentoperatorv1.AddToScheme(scheme)) + + utilruntime.Must(istionetworking.AddToScheme(scheme)) // +kubebuilder:scaffold:scheme } diff --git a/pkg/k8s/client/client.go b/pkg/k8s/client/client.go index 25bd4f6c..8db47fb4 100644 --- a/pkg/k8s/client/client.go +++ b/pkg/k8s/client/client.go @@ -31,6 +31,7 @@ import ( "github.com/instana/instana-agent-operator/pkg/multierror" "github.com/instana/instana-agent-operator/pkg/result" + corev1 "k8s.io/api/core/v1" k8sClient "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -52,6 +53,7 @@ type InstanaAgentClient interface { GetAsResult(ctx context.Context, key k8sClient.ObjectKey, obj k8sClient.Object, opts ...k8sClient.GetOption) result.Result[k8sClient.Object] Status() k8sClient.SubResourceWriter Patch(ctx context.Context, obj k8sClient.Object, patch k8sClient.Patch, opts ...k8sClient.PatchOption) error + ListNodes(ctx context.Context) (*corev1.NodeList, error) } type instanaAgentClient struct { @@ -216,3 +218,9 @@ func (c *instanaAgentClient) deleteAllInTimeLimit( return err } } + +func (c *instanaAgentClient) ListNodes(ctx context.Context) (*corev1.NodeList, error) { + nodeList := &corev1.NodeList{} + err := c.k8sClient.List(ctx, nodeList) + return nodeList, err +} diff --git a/pkg/k8s/object/builders/agent/serviceentry/serviceentry.go b/pkg/k8s/object/builders/agent/serviceentry/serviceentry.go new file mode 100644 index 00000000..4466d17e --- /dev/null +++ b/pkg/k8s/object/builders/agent/serviceentry/serviceentry.go @@ -0,0 +1,75 @@ +/* + * (c) Copyright IBM Corp. 2024 + * (c) Copyright Instana Inc. 2024 + */ + +package serviceentry + +import ( + "fmt" + "strings" + + instanav1 "github.com/instana/instana-agent-operator/api/v1" + "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/common/builder" + "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/common/constants" + "github.com/instana/instana-agent-operator/pkg/k8s/object/builders/common/helpers" + "github.com/instana/instana-agent-operator/pkg/optional" + networkingv1alpha3api "istio.io/api/networking/v1alpha3" + networkingv1alpha3 "istio.io/client-go/pkg/apis/networking/v1alpha3" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +const ( + componentName = constants.ComponentInstanaAgent + agentPort = constants.AgentPort +) + +type serviceEntryListBuilder struct { + *instanav1.InstanaAgent + helpers.Helpers + nodeIP string +} + +func (s *serviceEntryListBuilder) Build() builder.OptionalObject { + return optional.Of[client.Object]( + &networkingv1alpha3.ServiceEntry{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "networking.istio.io/v1alpha3", + Kind: "ServiceEntry", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-worker-%s", componentName, s.nodeIP), + Namespace: s.Namespace, + }, + Spec: networkingv1alpha3api.ServiceEntry{ + Hosts: []string{fmt.Sprintf("%s.%s.%s.svc", s.nodeIP, s.HeadlessServiceName(), s.Namespace)}, + Ports: []*networkingv1alpha3api.ServicePort{ + { + Number: agentPort, + Protocol: "TCP", + Name: "agent", + }, + }, + Resolution: networkingv1alpha3api.ServiceEntry_DNS, + Location: networkingv1alpha3api.ServiceEntry_MESH_EXTERNAL, + }, + }, + ) +} + +func (s *serviceEntryListBuilder) ComponentName() string { + return componentName +} + +func (s *serviceEntryListBuilder) IsNamespaced() bool { + return true +} + +func NewServiceEntriesBuilder(agent *instanav1.InstanaAgent, nodeIP string) builder.ObjectBuilder { + return &serviceEntryListBuilder{ + InstanaAgent: agent, + Helpers: helpers.NewHelpers(agent), + nodeIP: strings.ReplaceAll(nodeIP, ".", "-"), + } +} diff --git a/pkg/k8s/object/builders/common/constants/constants.go b/pkg/k8s/object/builders/common/constants/constants.go index 03f69e65..40c64744 100644 --- a/pkg/k8s/object/builders/common/constants/constants.go +++ b/pkg/k8s/object/builders/common/constants/constants.go @@ -34,3 +34,7 @@ const ( DownloadKey = "downloadKey" BackendKey = "backend" ) + +const ( + AgentPort = 42699 +) diff --git a/pkg/k8s/object/builders/k8s-sensor/rbac/clusterrole.go b/pkg/k8s/object/builders/k8s-sensor/rbac/clusterrole.go index 93e463f1..19c8bde2 100644 --- a/pkg/k8s/object/builders/k8s-sensor/rbac/clusterrole.go +++ b/pkg/k8s/object/builders/k8s-sensor/rbac/clusterrole.go @@ -1,3 +1,8 @@ +/* + * (c) Copyright IBM Corp. 2024 + * (c) Copyright Instana Inc. 2024 + */ + package rbac import ( From 99daf2285085d58652aa285a8cc91fb7082f3950 Mon Sep 17 00:00:00 2001 From: Milica Cvrkota Date: Tue, 6 Aug 2024 14:30:40 +0200 Subject: [PATCH 2/3] unmarshal istio config --- controllers/controllers_test.go | 16 ++++++++++++++ controllers/util.go | 17 ++++++++++++-- go.mod | 4 +--- go.sum | 39 ++++----------------------------- 4 files changed, 36 insertions(+), 40 deletions(-) diff --git a/controllers/controllers_test.go b/controllers/controllers_test.go index e80f657d..507b10d2 100644 --- a/controllers/controllers_test.go +++ b/controllers/controllers_test.go @@ -136,6 +136,12 @@ var ( }, key: agentNamespace, } + agentServiceEntries = object{ + gvk: schema.GroupVersionKind{ + Version: "networking.istio.io/v1alpha3", + Kind: "ServiceEntry", + }, + } ) // number of k8sensor resources used for diffing whether the controller functions properly @@ -316,6 +322,16 @@ func (suite *InstanaAgentControllerTestSuite) TestInstanaAgentCR() { "Should contain all objects in the schema", ) + require.Eventually(suite.T(), + suite.all( + suite.notExist, + agentServiceEntries, + ), + 10*time.Second, + time.Second, + "Should not contain ServiceEntries by default", + ) + agentNew := agent.DeepCopy() agentNew.Spec.K8sSensor.PodDisruptionBudget.Enabled = pointer.To(false) agentNew.Spec.Agent.KeysSecret = "test" diff --git a/controllers/util.go b/controllers/util.go index bb94d01a..f58f560a 100644 --- a/controllers/util.go +++ b/controllers/util.go @@ -22,6 +22,7 @@ import ( "strings" "github.com/go-logr/logr" + "gopkg.in/yaml.v3" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" logf "sigs.k8s.io/controller-runtime/pkg/log" @@ -30,6 +31,12 @@ import ( "github.com/instana/instana-agent-operator/pkg/k8s/operator/operator_utils" ) +type IstioMeshConfig struct { + OutboundTrafficPolicy struct { + Mode string `yaml:"mode"` + } `yaml:"outboundTrafficPolicy"` +} + func (r *InstanaAgentReconciler) isOpenShift(ctx context.Context, operatorUtils operator_utils.OperatorUtils) ( bool, reconcileReturn, @@ -75,12 +82,18 @@ func (r *InstanaAgentReconciler) checkRegistryOnlyMode(ctx context.Context, name if istioConfigMap.Data == nil { return false } - meshConfig, ok := istioConfigMap.Data["mesh"] + meshConfigData, ok := istioConfigMap.Data["mesh"] if !ok { return false } - return strings.Contains(meshConfig, "REGISTRY_ONLY") + var meshConfig IstioMeshConfig + err = yaml.Unmarshal([]byte(meshConfigData), &meshConfig) + if err != nil { + return false + } + + return strings.EqualFold(meshConfig.OutboundTrafficPolicy.Mode, "REGISTRY_ONLY") } func getNodeIPs(nodes *corev1.NodeList) []string { diff --git a/go.mod b/go.mod index 5b85b873..e648ba42 100644 --- a/go.mod +++ b/go.mod @@ -13,6 +13,7 @@ require ( golang.org/x/net v0.22.0 gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.14.2 + istio.io/api v1.22.2-0.20240619002433-8214ad1c7bd7 istio.io/client-go v1.22.2 k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 @@ -99,7 +100,6 @@ require ( github.com/morikuni/aec v1.0.0 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect - github.com/nxadm/tail v1.4.11 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect @@ -142,9 +142,7 @@ require ( google.golang.org/grpc v1.62.1 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - istio.io/api v1.22.2-0.20240619002433-8214ad1c7bd7 // indirect k8s.io/apiextensions-apiserver v0.29.2 // indirect k8s.io/apiserver v0.29.2 // indirect k8s.io/cli-runtime v0.29.0 // indirect diff --git a/go.sum b/go.sum index ecf3b2f1..42b595c8 100644 --- a/go.sum +++ b/go.sum @@ -106,9 +106,6 @@ github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6 github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= @@ -134,7 +131,6 @@ github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU= @@ -161,7 +157,6 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= @@ -210,7 +205,6 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= @@ -305,20 +299,10 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= -github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= -github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= -github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= +github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= +github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= @@ -443,7 +427,6 @@ golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -451,7 +434,6 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= @@ -472,20 +454,14 @@ golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -493,7 +469,6 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -519,7 +494,6 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= @@ -552,7 +526,6 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= @@ -563,14 +536,10 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= From 3464ea641cddc7a624f0dd64a8c24220acfc6a09 Mon Sep 17 00:00:00 2001 From: Milica Cvrkota Date: Thu, 8 Aug 2024 17:07:24 +0200 Subject: [PATCH 3/3] add logging --- api/v1/instanaagent_types.go | 4 ++-- controllers/util.go | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/api/v1/instanaagent_types.go b/api/v1/instanaagent_types.go index 9710bd55..86d04f7d 100644 --- a/api/v1/instanaagent_types.go +++ b/api/v1/instanaagent_types.go @@ -173,8 +173,8 @@ func (in *InstanaAgent) Default() { optional.ValueOrDefault(&in.Spec.K8sSensor.ImageSpec.Tag, "latest") optional.ValueOrDefault(&in.Spec.K8sSensor.ImageSpec.PullPolicy, corev1.PullAlways) optional.ValueOrDefault(&in.Spec.K8sSensor.DeploymentSpec.Replicas, 3) - optional.ValueOrDefault(&in.Spec.ServiceMesh.Namespace, "istio-system") - optional.ValueOrDefault(&in.Spec.ServiceMesh.Configmap, "istio") + optional.ValueOrDefault(&in.Spec.Agent.ServiceMesh.Namespace, "istio-system") + optional.ValueOrDefault(&in.Spec.Agent.ServiceMesh.Configmap, "istio") } // +kubebuilder:object:root=true diff --git a/controllers/util.go b/controllers/util.go index f58f560a..9acd4fef 100644 --- a/controllers/util.go +++ b/controllers/util.go @@ -19,6 +19,7 @@ package controllers import ( "context" + "fmt" "strings" "github.com/go-logr/logr" @@ -60,6 +61,7 @@ func (r *InstanaAgentReconciler) getIstioOutboundConfigAndNodeIps(ctx context.Co log := logf.FromContext(ctx) var nodeIPs []string + log.Info("Check if REGISTRY_ONLY is enabled") isIstioRegistryOnlyEnabled := r.checkRegistryOnlyMode(ctx, namespace, configmap) if isIstioRegistryOnlyEnabled { @@ -75,11 +77,15 @@ func (r *InstanaAgentReconciler) getIstioOutboundConfigAndNodeIps(ctx context.Co func (r *InstanaAgentReconciler) checkRegistryOnlyMode(ctx context.Context, namespace string, configmap string) bool { istioConfigMap := &corev1.ConfigMap{} + log := logf.FromContext(ctx) + log.Info(fmt.Sprintf("Checking Istio ConfigMap %s in namespace %s for outbound traffic policy", configmap, namespace)) err := r.client.Get(ctx, types.NamespacedName{Name: configmap, Namespace: namespace}, istioConfigMap) if err != nil { + log.Error(err, "Failed fetching istio ConfigMap") return false } if istioConfigMap.Data == nil { + log.Info(fmt.Sprintf("Istio configmap %s in namespace %s data in nil", configmap, namespace)) return false } meshConfigData, ok := istioConfigMap.Data["mesh"] @@ -88,10 +94,13 @@ func (r *InstanaAgentReconciler) checkRegistryOnlyMode(ctx context.Context, name } var meshConfig IstioMeshConfig + log.Info("Unmarshalling config data") err = yaml.Unmarshal([]byte(meshConfigData), &meshConfig) if err != nil { + log.Error(err, "Unmarshalling config data ERROR") return false } + log.Info("Checking if policy is REGISTRY_ONLY") return strings.EqualFold(meshConfig.OutboundTrafficPolicy.Mode, "REGISTRY_ONLY") }