diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..a28a5c0 --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,49 @@ +name: Build Artifacts +on: + release: + types: [created] + push: + branches: + - '**' +env: + TAG_NAME: ${{ github.event.release.tag_name || (github.ref == 'refs/heads/main' && 'main' || ( inputs.postfix != '' && format('{0}-{1}', github.ref, inputs.postfix) || 'none' )) }} + +jobs: + multiplatform_build: + strategy: + fail-fast: false + matrix: + component: + - name: jaeger-integration-tests + file: integration-tests/Dockerfile + context: integration-tests + - name: jaeger-readiness-probe + file: readiness-probe/Dockerfile + context: readiness-probe + - name: jaeger-transfer + file: docker-transfer/Dockerfile + context: "" + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${GITHUB_ACTOR} + password: ${{secrets.GITHUB_TOKEN}} + - name: Build and push + uses: docker/build-push-action@v5 + with: + no-cache: true + context: ${{ matrix.component.context }} + file: ${{ matrix.component.file }} + platforms: linux/amd64,linux/arm64 + push: true + tags: ghcr.io/netcracker/${{ matrix.component.name }}:${{ env.TAG_NAME }} + provenance: false \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..83a533b --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*.zip +*.tar.gz +.vscode +**/last diff --git a/CODE-OF-CONDUCT.md b/CODE-OF-CONDUCT.md new file mode 100644 index 0000000..ac83c70 --- /dev/null +++ b/CODE-OF-CONDUCT.md @@ -0,0 +1,73 @@ +# Code of Conduct + +This repository is governed by following code of conduct guidelines. + +We put collaboration, trust, respect and transparency as core values for our community. +Our community welcomes participants from all over the world with different experience, +opinion and ideas to share. + +We have adopted this code of conduct and require all contributors to agree with that to build a healthy, +safe and productive community for all. + +The guideline is aimed to support a community where all people should feel safe to participate, +introduce new ideas and inspire others, regardless of: + +* Age +* Gender +* Gender identity or expression +* Family status +* Marital status +* Ability +* Ethnicity +* Race +* Sex characteristics +* Sexual identity and orientation +* Education +* Native language +* Background +* Caste +* Religion +* Geographic location +* Socioeconomic status +* Personal appearance +* Any other dimension of diversity + +## Our Standards + +We are welcoming the following behavior: + +* Be respectful for different ideas, opinions and points of view +* Be constructive and professional +* Use inclusive language +* Be collaborative and show the empathy +* Focus on the best results for the community + +The following behavior is unacceptable: + +* Violence, threats of violence, or inciting others to commit self-harm +* Personal attacks, trolling, intentionally spreading misinformation, insulting/derogatory comments +* Public or private harassment +* Publishing others' private information, such as a physical or electronic address, without explicit permission +* Derogatory language +* Encouraging unacceptable behavior +* Other conduct which could reasonably be considered inappropriate in a professional community + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of the Code of Conduct +and are expected to take appropriate actions in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, +commits, code, wiki edits, issues, and other contributions that are not aligned +to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors +that they deem inappropriate, threatening, offensive, or harmful. + +## Reporting + +If you believe you’re experiencing unacceptable behavior that will not be tolerated as outlined above, +please report to `plutosdev@gmail.com`. All complaints will be reviewed and investigated and will result in a response +that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality +with regard to the reporter of an incident. + +Please also report if you observe a potentially dangerous situation, someone in distress, or violations of these guidelines, +even if the situation is not happening to you. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..292ce26 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,12 @@ +# Contribution Guide + +We'd love to accept patches and contributions to this project. +Please, follow these guidelines to make the contribution process easy and effective for everyone involved. + +## Contributor License Agreement + +You must sign the [Contributor License Agreement](https://pages.netcracker.com/cla-main.html) in order to contribute. + +## Code of Conduct + +Please make sure to read and follow the [Code of Conduct](CODE-OF-CONDUCT.md). diff --git a/LICENSE b/LICENSE index 261eeb9..d645695 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,4 @@ + Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ diff --git a/README.md b/README.md index 468b7a0..7f002da 100644 --- a/README.md +++ b/README.md @@ -1 +1,17 @@ -# jaeger \ No newline at end of file +# qubership-jaeger + +[Jaeger](https://github.com/jaegertracing/jaeger) helm charts. + +## Documents +* [docs](docs) + +## Application and components + +Jaeger application: +* [https://github.com/jaegertracing/jaeger](https://github.com/jaegertracing/jaeger) + +Included components: + +* [jaeger](https://github.com/jaegertracing/jaeger) +* [readiness-probe](readiness-probe) +* [deployment-status-provisioner](https://github.com/Netcracker/deployment-status-provisioner) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..7f3e300 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,15 @@ +# Security Reporting Process + +Please, report any security issue to `plutosdev@gmail.com` where the issue will be triaged appropriately. + +If you know of a publicly disclosed security vulnerability please IMMEDIATELY email `plutosdev@gmail.com` +to inform the team about the vulnerability, so we may start the patch, release, and communication process. + +# Security Release Process + +If the vulnerability is found in the latest stable release, then it would be fixed in patch version for that release. +E.g., issue is found in 2.5.0 release, then 2.5.1 version with a fix will be released. +By default, older versions will not have security releases. + +If the issue doesn't affect any existing public releases, the fix for medium and high issues is performed +in a main branch before releasing a new version. For low priority issues the fix can be planned for future releases. diff --git a/charts/jaeger/.helmignore b/charts/jaeger/.helmignore new file mode 100644 index 0000000..50af031 --- /dev/null +++ b/charts/jaeger/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml new file mode 100644 index 0000000..6bb624b --- /dev/null +++ b/charts/jaeger/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: jaeger-chart +description: A Helm chart for jaeger + +# A chart can be either an 'application' or a 'library' chart. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.20.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.62.0 diff --git a/charts/jaeger/monitoring/dashboard-for-grafana.json b/charts/jaeger/monitoring/dashboard-for-grafana.json new file mode 100644 index 0000000..c4b8f91 --- /dev/null +++ b/charts/jaeger/monitoring/dashboard-for-grafana.json @@ -0,0 +1,1762 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 156, + "links": [], + "panels": [ + { + "collapsed": true, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 11, + "panels": [ + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "error" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#E24D42", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "success" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#7EB26D", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 1 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_reporter_spans{result=~\"dropped|err\"}[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "error", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_reporter_spans[1m])) - sum(rate(jaeger_reporter_spans{result=~\"dropped|err\"}[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "success", + "refId": "B", + "step": 10 + } + ], + "title": "span creation rate", + "type": "timeseries" + }, + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "max": 1, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 1 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_reporter_spans{result=~\"dropped|err\"}[1m])) by (namespace) / sum(rate(jaeger_reporter_spans[1m])) by (namespace)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{namespace}}", + "refId": "A", + "step": 10 + } + ], + "title": "% spans dropped", + "type": "timeseries" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "refId": "A" + } + ], + "title": "Services", + "type": "row" + }, + { + "collapsed": true, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 1 + }, + "id": 12, + "panels": [ + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "error" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#E24D42", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "success" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#7EB26D", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 2 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_agent_reporter_batches_failures_total[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "error", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_agent_reporter_batches_submitted_total[1m])) - sum(rate(jaeger_agent_reporter_batches_failures_total[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "success", + "refId": "B", + "step": 10 + } + ], + "title": "batch ingest rate", + "type": "timeseries" + }, + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "max": 1, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 2 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_agent_reporter_batches_failures_total[1m])) by (cluster) / sum(rate(jaeger_agent_reporter_batches_submitted_total[1m])) by (cluster)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{cluster}}", + "refId": "A", + "step": 10 + } + ], + "title": "% batches dropped", + "type": "timeseries" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "refId": "A" + } + ], + "title": "Agent", + "type": "row" + }, + { + "collapsed": true, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 2 + }, + "id": 13, + "panels": [ + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "error" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#E24D42", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "success" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#7EB26D", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 3 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_collector_spans_dropped_total[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "error", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_collector_spans_received_total[1m])) - sum(rate(jaeger_collector_spans_dropped_total[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "success", + "refId": "B", + "step": 10 + } + ], + "title": "span ingest rate", + "type": "timeseries" + }, + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "max": 1, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 3 + }, + "id": 6, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_collector_spans_dropped_total[1m])) by (instance) / sum(rate(jaeger_collector_spans_received_total[1m])) by (instance)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{instance}}", + "refId": "A", + "step": 10 + } + ], + "title": "% spans dropped", + "type": "timeseries" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "refId": "A" + } + ], + "title": "Collector", + "type": "row" + }, + { + "collapsed": true, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 3 + }, + "id": 14, + "panels": [ + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 4 + }, + "id": 7, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "jaeger_collector_queue_length", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{instance}}", + "refId": "A", + "step": 10 + } + ], + "title": "span queue length", + "type": "timeseries" + }, + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 4 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "histogram_quantile(0.95, sum(rate(jaeger_collector_in_queue_latency_bucket[1m])) by (le, instance))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{instance}}", + "refId": "A", + "step": 10 + } + ], + "title": "span queue time - 95 percentile", + "type": "timeseries" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "refId": "A" + } + ], + "title": "Collector Queue", + "type": "row" + }, + { + "collapsed": true, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 4 + }, + "id": 15, + "panels": [ + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "error" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#E24D42", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "success" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#7EB26D", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 5 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_query_requests_total{result=\"err\"}[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "error", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "$datasource" + }, + "expr": "sum(rate(jaeger_query_requests_total[1m])) - sum(rate(jaeger_query_requests_total{result=\"err\"}[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "success", + "refId": "B", + "step": 10 + } + ], + "title": "qps", + "type": "timeseries" + }, + { + "datasource": { + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 0, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 5 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "10.4.2", + "targets": [ + { + "datasource": { + "uid": "$datasource" + }, + "expr": "histogram_quantile(0.99, sum(rate(jaeger_query_latency_bucket[1m])) by (le, instance))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{instance}}", + "refId": "A", + "step": 10 + } + ], + "title": "latency - 99 percentile", + "type": "timeseries" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "refId": "A" + } + ], + "title": "Query", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 5 + }, + "id": 19, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Versions from build_info metrics", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "version" + }, + "properties": [ + { + "id": "mappings", + "value": [ + { + "options": { + "pattern": "^v(.*)", + "result": { + "index": 0, + "text": "$1" + } + }, + "type": "regex" + } + ] + } + ] + } + ] + }, + "gridPos": { + "h": 5, + "w": 24, + "x": 0, + "y": 6 + }, + "id": 21, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "11.2.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "jaeger_collector_build_info{cluster=\"$cluster\", namespace=\"$namespace\"}", + "format": "table", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "jaeger_query_build_info{cluster=\"$cluster\", namespace=\"$namespace\"}", + "format": "table", + "hide": false, + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "B" + } + ], + "title": "Version from metrics", + "transformations": [ + { + "id": "merge", + "options": {} + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true, + "Value #A": true, + "Value #B": true, + "__name__": true, + "build_date": false, + "endpoint": true, + "instance": true, + "job": true, + "prometheus": true, + "service": true + }, + "includeByName": {}, + "indexByName": { + "Time": 6, + "Value #A": 13, + "Value #B": 14, + "__name__": 7, + "build_date": 4, + "container": 2, + "endpoint": 8, + "instance": 9, + "job": 10, + "namespace": 0, + "pod": 1, + "prometheus": 11, + "revision": 5, + "service": 12, + "version": 3 + }, + "renameByName": { + "Value #A": "" + } + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Versions from app.kubernetes.io labels", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 11 + }, + "id": 22, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "11.2.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "kube_pod_labels{ cluster=\"$cluster\", namespace=\"$namespace\"}", + "format": "table", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "kube_cronjob_labels{cluster=\"$cluster\", namespace=\"$namespace\"}", + "format": "table", + "hide": false, + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "C" + } + ], + "title": "Version from labels", + "transformations": [ + { + "id": "merge", + "options": {} + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true, + "Value": true, + "Value #A": true, + "Value #B": true, + "Value #C": true, + "Value #D": true, + "__name__": true, + "build_date": true, + "container": true, + "cronjob": true, + "deployment": true, + "endpoint": true, + "exported_namespace": true, + "exported_pod": true, + "instance": true, + "job": true, + "kube_container": true, + "kube_namespace": true, + "kube_pod": true, + "label_app": true, + "label_app_kubernetes_io_name": true, + "label_batch_kubernetes_io_controller_uid": true, + "label_batch_kubernetes_io_job_name": true, + "label_controller_uid": true, + "label_job_name": true, + "label_name": true, + "label_pod_template_hash": true, + "pod": true, + "prometheus": true, + "revision": true, + "service": true, + "uid": true, + "version": true + }, + "includeByName": {}, + "indexByName": { + "Time": 1, + "Value #A": 21, + "Value #B": 22, + "Value #C": 23, + "Value #D": 24, + "__name__": 2, + "deployment": 8, + "endpoint": 3, + "exported_namespace": 9, + "instance": 4, + "job": 5, + "kube_container": 10, + "kube_namespace": 11, + "kube_pod": 12, + "label_app": 13, + "label_app_kubernetes_io_component": 15, + "label_app_kubernetes_io_instance": 16, + "label_app_kubernetes_io_managed_by": 17, + "label_app_kubernetes_io_name": 19, + "label_app_kubernetes_io_part_of": 14, + "label_app_kubernetes_io_version": 18, + "label_name": 20, + "namespace": 0, + "prometheus": 6, + "service": 7 + }, + "renameByName": { + "label_app_kubernetes_io_component": "component", + "label_app_kubernetes_io_instance": "instance", + "label_app_kubernetes_io_managed_by": "managed-by", + "label_app_kubernetes_io_part_of": "part-of", + "label_app_kubernetes_io_version": "version", + "label_name": "" + } + } + } + ], + "type": "table" + } + ], + "title": "Build info", + "type": "row" + } + ], + "refresh": "", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Platform Monitoring Prometheus", + "value": "PC3E95692D54ABCC0" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "None", + "value": "" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(jaeger_collector_build_info,cluster)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(jaeger_collector_build_info,cluster)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "tracing", + "value": "tracing" + }, + "datasource": { + "type": "prometheus", + "uid": "PC3E95692D54ABCC0" + }, + "definition": "label_values(jaeger_collector_build_info{cluster=\"$cluster\"},namespace)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(jaeger_collector_build_info{cluster=\"$cluster\"},namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "filters": [], + "hide": 0, + "name": "Filters", + "skipUrlSync": false, + "type": "adhoc" + } + ] + }, + "time": { + "from": "now-30m", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "utc", + "title": "Jaeger-Overview", + "uid": "Om7U5EW7k", + "version": 3, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/jaeger/resource-profiles/dev.yaml b/charts/jaeger/resource-profiles/dev.yaml new file mode 100644 index 0000000..0664ab5 --- /dev/null +++ b/charts/jaeger/resource-profiles/dev.yaml @@ -0,0 +1,2 @@ +# Empty profile, just because the DP.Builder require dev.yaml and prod.yaml files during the build +type: dev diff --git a/charts/jaeger/resource-profiles/large.yaml b/charts/jaeger/resource-profiles/large.yaml new file mode 100644 index 0000000..561c192 --- /dev/null +++ b/charts/jaeger/resource-profiles/large.yaml @@ -0,0 +1,29 @@ +collector.resources.requests.cpu: 200m +collector.resources.requests.memory: 64Mi +collector.resources.limits.cpu: 500m +collector.resources.limits.memory: 512Mi + +query.resources.requests.cpu: 200m +query.resources.requests.memory: 128Mi +query.resources.limits.cpu: 500m +query.resources.limits.memory: 512Mi + +proxy.resources.requests.cpu: 50m +proxy.resources.requests.memory: 100Mi +proxy.resources.limits.cpu: 100m +proxy.resources.limits.memory: 200Mi + +readinessProbe.resources.requests.cpu: 10m +readinessProbe.resources.requests.memory: 32Mi +readinessProbe.resources.limits.cpu: 50m +readinessProbe.resources.limits.memory: 64Mi + +integrationTests.resources.requests.cpu: 50m +integrationTests.resources.requests.memory: 256Mi +integrationTests.resources.limits.cpu: 400m +integrationTests.resources.limits.memory: 256Mi + +statusProvisioner.resources.requests.cpu: 50m +statusProvisioner.resources.requests.memory: 50Mi +statusProvisioner.resources.limits.cpu: 100m +statusProvisioner.resources.limits.memory: 100Mi diff --git a/charts/jaeger/resource-profiles/medium.yaml b/charts/jaeger/resource-profiles/medium.yaml new file mode 100644 index 0000000..2fe99eb --- /dev/null +++ b/charts/jaeger/resource-profiles/medium.yaml @@ -0,0 +1,29 @@ +collector.resources.requests.cpu: 100m +collector.resources.requests.memory: 64Mi +collector.resources.limits.cpu: 300m +collector.resources.limits.memory: 256Mi + +query.resources.requests.cpu: 100m +query.resources.requests.memory: 128Mi +query.resources.limits.cpu: 300m +query.resources.limits.memory: 256Mi + +proxy.resources.requests.cpu: 50m +proxy.resources.requests.memory: 100Mi +proxy.resources.limits.cpu: 100m +proxy.resources.limits.memory: 200Mi + +readinessProbe.resources.requests.cpu: 10m +readinessProbe.resources.requests.memory: 32Mi +readinessProbe.resources.limits.cpu: 50m +readinessProbe.resources.limits.memory: 64Mi + +integrationTests.resources.requests.cpu: 50m +integrationTests.resources.requests.memory: 256Mi +integrationTests.resources.limits.cpu: 400m +integrationTests.resources.limits.memory: 256Mi + +statusProvisioner.resources.requests.cpu: 50m +statusProvisioner.resources.requests.memory: 50Mi +statusProvisioner.resources.limits.cpu: 100m +statusProvisioner.resources.limits.memory: 100Mi diff --git a/charts/jaeger/resource-profiles/prod.yaml b/charts/jaeger/resource-profiles/prod.yaml new file mode 100644 index 0000000..e645283 --- /dev/null +++ b/charts/jaeger/resource-profiles/prod.yaml @@ -0,0 +1,2 @@ +# Empty profile, just because the DP.Builder require dev.yaml and prod.yaml files during the build +type: prod diff --git a/charts/jaeger/resource-profiles/small.yaml b/charts/jaeger/resource-profiles/small.yaml new file mode 100644 index 0000000..d9a933c --- /dev/null +++ b/charts/jaeger/resource-profiles/small.yaml @@ -0,0 +1,29 @@ +collector.resources.requests.cpu: 50m +collector.resources.requests.memory: 64Mi +collector.resources.limits.cpu: 100m +collector.resources.limits.memory: 128Mi + +query.resources.requests.cpu: 100m +query.resources.requests.memory: 128Mi +query.resources.limits.cpu: 150m +query.resources.limits.memory: 128Mi + +proxy.resources.requests.cpu: 50m +proxy.resources.requests.memory: 100Mi +proxy.resources.limits.cpu: 100m +proxy.resources.limits.memory: 200Mi + +readinessProbe.resources.requests.cpu: 10m +readinessProbe.resources.requests.memory: 32Mi +readinessProbe.resources.limits.cpu: 50m +readinessProbe.resources.limits.memory: 64Mi + +integrationTests.resources.requests.cpu: 50m +integrationTests.resources.requests.memory: 256Mi +integrationTests.resources.limits.cpu: 400m +integrationTests.resources.limits.memory: 256Mi + +statusProvisioner.resources.requests.cpu: 50m +statusProvisioner.resources.requests.memory: 50Mi +statusProvisioner.resources.limits.cpu: 100m +statusProvisioner.resources.limits.memory: 100Mi \ No newline at end of file diff --git a/charts/jaeger/templates/_helpers.tpl b/charts/jaeger/templates/_helpers.tpl new file mode 100644 index 0000000..ff76728 --- /dev/null +++ b/charts/jaeger/templates/_helpers.tpl @@ -0,0 +1,1190 @@ +{{/* vim: set filetype=mustache: */}} + +{{/******************************************************************************************************************/}} +{{/* +Set default value for hotrod ingress host if not specify in Values. +*/}} +{{- define "hotrod.ingress" -}} + {{- if not .Values.hotrod.ingress.host -}} + hotrod-{{ .Values.NAMESPACE | default .Release.Namespace }}.{{ .Values.CLOUD_PUBLIC_HOST }} + {{- else -}} + {{ .Values.hotrod.ingress.host | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Set default value for query ingress host if not specify in Values. +*/}} +{{- define "query.ingress" -}} + {{- if not .Values.query.ingress.host -}} + query-{{ .Values.NAMESPACE | default .Release.Namespace }}.{{ .Values.CLOUD_PUBLIC_HOST }} + {{- else -}} + {{ .Values.query.ingress.host | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Set default value for hotrod route host if not specify in Values. +*/}} +{{- define "hotrod.route" -}} + {{- if not .Values.hotrod.route.host -}} + hotrod-{{ .Values.NAMESPACE | default .Release.Namespace }}.{{ .Values.CLOUD_PUBLIC_HOST }} + {{- else -}} + {{ .Values.hotrod.route.host | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Set default value for query route host if not specify in Values. +*/}} +{{- define "query.route" -}} + {{- if not .Values.query.route.host -}} + query-{{ .Values.NAMESPACE | default .Release.Namespace }}.{{ .Values.CLOUD_PUBLIC_HOST }} + {{- else -}} + {{ .Values.query.route.host | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Create common labels for each resource which is creating by this chart. +*/}} +{{- define "jaeger.commonLabels" -}} +app: jaeger +app.kubernetes.io/part-of: jaeger +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end -}} + +{{/* +Return list of hosts for Ingress. +Support as already existing syntax with only one .host and syntax to specify list of hosts inside one Ingress +*/}} +{{- define "collector.ingress.rules" -}} +{{- if .Values.collector.ingress.host -}} +- host: {{ .Values.collector.ingress.host | quote }} + http: + paths: {{ include "collector.ingress.hostPaths" (list $ .) | nindent 6 }} +{{- end -}} +{{- if .Values.collector.ingress.hosts -}} +{{- range .Values.collector.ingress.hosts }} +- host: {{ tpl .host $ | quote }} + http: + paths: {{ include "collector.ingress.hostPaths" (list $ .) | nindent 6 }} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Return list of paths and endpoints for one host +*/}} +{{- define "collector.ingress.hostPaths" -}} +{{/* Restore the global context in the "$" */}} +{{- $ := index . 0 }} +{{- $defaultServiceName := printf "%s-collector" $.Values.jaeger.serviceName -}} +{{/* Start render template in the relative content, here .Values.jaeger.collector.ingress.hosts */}} +{{- with index . 1 }} +{{- $pathsToApply := coalesce .paths $.Values.collector.ingress.defaultPaths -}} +{{- range $pathsToApply }} +- path: {{ .prefix }} + pathType: Prefix + backend: + service: + name: {{ coalesce .service.name $defaultServiceName }} + port: + number: {{ .service.port }} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/******************************************************************************************************************/}} + +{{/* +Find a collector image in various places. +Image can be found from: +* from default values .Values.collector.image +*/}} +{{- define "collector.image" -}} + {{- if .Values.collector.image -}} + {{- printf "%s" .Values.collector.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-collector:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a jaeger-query image in various places. +Image can be found from: +* from default values .Values.query.image +*/}} +{{- define "query.image" -}} + {{- if .Values.query.image -}} + {{- printf "%s" .Values.query.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-query:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a envoy image in various places. +Image can be found from: +* from default values .Values.proxy.image +*/}} +{{- define "proxy.image" -}} + {{- if .Values.proxy.image -}} + {{- printf "%s" .Values.proxy.image -}} + {{- else -}} + {{- print "envoyproxy/envoy:v1.30.7" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a jaeger-agent image in various places. +Image can be found from: +* from default values .Values.agent.image +*/}} +{{- define "agent.image" -}} + {{- if .Values.agent.image -}} + {{- printf "%s" .Values.agent.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-agent:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a jaeger-cassandra-schema-job image in various places. +Image can be found from: +* from default values .Values.cassandraSchemaJob.image +*/}} +{{- define "cassandra-schema-job.image" -}} + {{- if .Values.cassandraSchemaJob.image -}} + {{- printf "%s" .Values.cassandraSchemaJob.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-cassandra-schema:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a hotrod example image in various places. +Image can be found from: +* from default values .Values.hotrod.image +*/}} +{{- define "hotrod.image" -}} + {{- if .Values.hotrod.image -}} + {{- printf "%s" .Values.hotrod.image -}} + {{- else -}} + {{- print "jaegertracing/example-hotrod:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a indexCleaner image in various places. +Image can be found from: +* from default values .Values.elasticsearch.indexCleaner.image +*/}} +{{- define "indexCleaner.image" -}} + {{- if .Values.elasticsearch.indexCleaner.image -}} + {{- printf "%s" .Values.elasticsearch.indexCleaner.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-es-index-cleaner:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a rollover image in various places. +Image can be found from: +* from default values .Values.elasticsearch.rollover.image +*/}} +{{- define "rollover.image" -}} + {{- if .Values.elasticsearch.rollover.image -}} + {{- printf "%s" .Values.elasticsearch.rollover.image -}} + {{- else -}} + {{- print "jaegertracing/jaeger-es-rollover:1.62.0" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a jaeger-integration-tests image in various places. +Image can be found from: +* from default values .Values.collector.image +*/}} +{{- define "jaeger-integration-tests.image" -}} + {{- if .Values.integrationTests.image -}} + {{- printf "%s" .Values.integrationTests.image -}} + {{- else -}} + {{- print "ghcr.io/netcracker/jaeger-integration-tests:main" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a Deployment Status Provisioner image in various places. +*/}} +{{- define "deployment-status-provisioner.image" -}} + {{- if .Values.statusProvisioner.image -}} + {{- printf "%s" .Values.statusProvisioner.image -}} + {{- else -}} + {{- print "ghcr.io/netcracker/deployment-status-provisioner:main" -}} + {{- end -}} +{{- end -}} + +{{/* +Find a readiness-probe image in various places. +*/}} +{{- define "readiness-probe.image" -}} + {{- if .Values.readinessProbe.image -}} + {{- printf "%s" .Values.readinessProbe.image -}} + {{- else -}} + {{- print "ghcr.io/netcracker/jaeger-readiness-probe:main" -}} + {{- end -}} +{{- end -}} + +{{/******************************************************************************************************************/}} + +{{/* +Return name of secret for cassandraSchemaJob. +*/}} +{{- define "cassandraSchemaJob.secretName" -}} + {{- if .Values.cassandraSchemaJob.existingSecret -}} + {{- printf "%s" (.Values.cassandraSchemaJob.existingSecret) -}} + {{- else -}} + {{- if .prehook -}} + {{- print "jaeger-cassandra-pre-hook" -}} + {{- else -}} + {{- print "jaeger-cassandra" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return name of secret for cassandraSchemaJob TLS. +*/}} +{{- define "cassandraSchemaJob.tls.secretName" -}} + {{- if .Values.cassandraSchemaJob.tls.existingSecret -}} + {{- printf "%s" (.Values.cassandraSchemaJob.tls.existingSecret) -}} + {{- else -}} + {{- if .prehook -}} + {{- print "jaeger-cassandra-tls-pre-hook" -}} + {{- else -}} + {{- print "jaeger-cassandra-tls" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return host for cassandra database. +*/}} +{{- define "cassandraSchemaJob.host" -}} + {{- if .Values.cassandraSchemaJob.host -}} + {{- printf "%s" (.Values.cassandraSchemaJob.host) -}} + {{- else -}} + {{- if .Values.INFRA_CASSANDRA_HOST -}} + {{- printf "%s" (.Values.INFRA_CASSANDRA_HOST) -}} + {{- else -}} + {{- print "cassandra.cassandra.svc" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return port for cassandra database. +*/}} +{{- define "cassandraSchemaJob.port" -}} + {{- if .Values.cassandraSchemaJob.port -}} + {{- printf "%v" (.Values.cassandraSchemaJob.port) -}} + {{- else -}} + {{- if .Values.INFRA_CASSANDRA_PORT -}} + {{- printf "%v" (.Values.INFRA_CASSANDRA_PORT) -}} + {{- else -}} + {{- print "9042" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return datacenter for cassandra database. +*/}} +{{- define "cassandraSchemaJob.datacenter" -}} + {{- if .Values.cassandraSchemaJob.datacenter -}} + {{- printf "%s" (.Values.cassandraSchemaJob.datacenter) -}} + {{- else -}} + {{- if .Values.INFRA_CASSANDRA_DC -}} + {{- printf "%s" (.Values.INFRA_CASSANDRA_DC) -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return username for cassandra database. +*/}} +{{- define "cassandraSchemaJob.userName" -}} + {{- if .Values.cassandraSchemaJob.username -}} + {{- printf "%s" (.Values.cassandraSchemaJob.username) -}} + {{- else -}} + {{- if .Values.INFRA_CASSANDRA_USERNAME -}} + {{- printf "%s" (.Values.INFRA_CASSANDRA_USERNAME) -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return list of allowed authenticators for Cassandra as string joined using comma (,). +Will use the default list of values if user don't specify custom values. +For example: org.apache.cassandra.auth.PasswordAuthenticator,com.instaclustr.cassandra.auth.SharedSecretAuthenticator,... +*/}} +{{- define "cassandraSchemaJob.allowedAuthenticators" -}} + {{- if .Values.cassandraSchemaJob.allowedAuthenticators -}} + {{- join "," .Values.cassandraSchemaJob.allowedAuthenticators -}} + {{- else -}} + {{- join "," .Values.cassandraSchemaJob.defaultAllowedAuthenticators -}} + {{- end -}} +{{- end -}} + +{{/* +Return password for cassandra database. +*/}} +{{- define "cassandraSchemaJob.password" -}} + {{- if .Values.cassandraSchemaJob.password -}} + {{- printf "%s" (.Values.cassandraSchemaJob.password) -}} + {{- else -}} + {{- if .Values.INFRA_CASSANDRA_PASSWORD -}} + {{- printf "%s" (.Values.INFRA_CASSANDRA_PASSWORD) -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return name of secret for OpenSearch/ElasticSearch TLS. +*/}} +{{- define "elasticsearch.tls.secretName" -}} + {{- if .Values.elasticsearch.client.tls.existingSecret -}} + {{- printf "%s" (.Values.elasticsearch.client.tls.existingSecret) -}} + {{- else -}} + {{- if .prehook -}} + {{- printf "%s-es-pre-hook-tls-assets" (.Values.jaeger.serviceName) -}} + {{- else -}} + {{- printf "%s-elasticsearch-tls-assets" (.Values.jaeger.serviceName) -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return URL for OpenSearch/ElasticSearch. +*/}} +{{- define "elasticsearch.url" -}} + {{- if .Values.elasticsearch.client.url -}} + {{- printf "%s://%s" (.Values.elasticsearch.client.scheme) (.Values.elasticsearch.client.url) -}} + {{- else -}} + {{- if .Values.INFRA_OPENSEARCH_URL -}} + {{- printf "%s" .Values.INFRA_OPENSEARCH_URL -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return username for OpenSearch/ElasticSearch. +*/}} +{{- define "elasticsearch.userName" -}} + {{- if .Values.elasticsearch.client.username -}} + {{- printf "%s" (.Values.elasticsearch.client.username) -}} + {{- else -}} + {{- if .Values.INFRA_OPENSEARCH_USERNAME -}} + {{- printf "%s" .Values.INFRA_OPENSEARCH_USERNAME -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return password for OpenSearch/ElasticSearch. +*/}} +{{- define "elasticsearch.password" -}} + {{- if .Values.elasticsearch.client.password -}} + {{- printf "%s" (.Values.elasticsearch.client.password) -}} + {{- else -}} + {{- if .Values.INFRA_OPENSEARCH_PASSWORD -}} + {{- printf "%s" .Values.INFRA_OPENSEARCH_PASSWORD -}} + {{- else -}} + {{- print "" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for Agent Container +*/}} +{{- define "agent.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.agent.containerSecurityContext -}} + {{- toYaml .Values.agent.containerSecurityContext | nindent 10 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.agent.containerSecurityContext -}} + {{- toYaml .Values.agent.containerSecurityContext | nindent 10 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for Cassandra Schema Job Container +*/}} +{{- define "cassandraSchemaJob.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.cassandraSchemaJob.containerSecurityContext -}} + {{- toYaml .Values.cassandraSchemaJob.containerSecurityContext | nindent 10 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.cassandraSchemaJob.containerSecurityContext -}} + {{- toYaml .Values.cassandraSchemaJob.containerSecurityContext | nindent 10 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for Collector Container +*/}} +{{- define "collector.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.collector.containerSecurityContext -}} + {{- toYaml .Values.collector.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.collector.containerSecurityContext -}} + {{- toYaml .Values.collector.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for integration tests Container +*/}} +{{- define "integrationTests.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.integrationTests.containerSecurityContext -}} + {{- toYaml .Values.integrationTests.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.integrationTests.containerSecurityContext -}} + {{- toYaml .Values.integrationTests.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for status provisioner Container +*/}} +{{- define "statusProvisioner.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.statusProvisioner.containerSecurityContext -}} + {{- toYaml .Values.statusProvisioner.containerSecurityContext | nindent 10 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.statusProvisioner.containerSecurityContext -}} + {{- toYaml .Values.statusProvisioner.containerSecurityContext | nindent 10 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for Hotrod Container +*/}} +{{- define "hotrod.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.hotrod.containerSecurityContext -}} + {{- toYaml .Values.hotrod.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.hotrod.containerSecurityContext -}} + {{- toYaml .Values.hotrod.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch rollover Container +*/}} +{{- define "elasticsearch.rolloverjob.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.elasticsearch.rollover.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.rollover.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end }} + {{- else -}} + {{- if .Values.elasticsearch.rollover.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.rollover.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch index cleaner Container +*/}} +{{- define "elasticsearch.indexCleaner.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.elasticsearch.indexCleaner.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.indexCleaner.containerSecurityContext | nindent 14 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.elasticsearch.indexCleaner.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.indexCleaner.containerSecurityContext | nindent 14 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch lookback Container +*/}} +{{- define "elasticsearch.lookback.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.elasticsearch.lookback.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.lookback.containerSecurityContext | nindent 14 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.elasticsearch.lookback.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.lookback.containerSecurityContext | nindent 14 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch rollover Container +*/}} +{{- define "elasticsearch.rollovercronjob.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.elasticsearch.rollover.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.rollover.containerSecurityContext | nindent 14 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.elasticsearch.rollover.containerSecurityContext -}} + {{- toYaml .Values.elasticsearch.rollover.containerSecurityContext | nindent 14 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for query Container +*/}} +{{- define "query.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.query.containerSecurityContext -}} + {{- toYaml .Values.query.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.query.containerSecurityContext -}} + {{- toYaml .Values.query.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for proxy Container +*/}} +{{- define "proxy.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.proxy.containerSecurityContext -}} + {{- toYaml .Values.proxy.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.proxy.securityContext -}} + runAsUser: {{ default 2000 .Values.proxy.securityContext.runAsUser }} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return securityContext section for ReadinessProbe Container +*/}} +{{- define "readinessProbe.containerSecurityContext" -}} + {{- if ge .Capabilities.KubeVersion.Minor "25" -}} + {{- if .Values.readinessProbe.containerSecurityContext -}} + {{- toYaml .Values.readinessProbe.containerSecurityContext | nindent 12 }} + {{- else }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end -}} + {{- else }} + {{- if .Values.readinessProbe.containerSecurityContext -}} + {{- toYaml .Values.readinessProbe.containerSecurityContext | nindent 12 }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/******************************************************************************************************************/}} + +{{/* +Return securityContext section for agent pod +*/}} +{{- define "agent.securityContext" -}} + {{- if .Values.agent.securityContext }} + {{- toYaml .Values.agent.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.agent.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.agent.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.agent.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.agent.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for cassandraSchemaJob pod +*/}} +{{- define "cassandraSchemaJob.securityContext" -}} + {{- if .Values.cassandraSchemaJob.securityContext }} + {{- toYaml .Values.cassandraSchemaJob.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.cassandraSchemaJob.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.cassandraSchemaJob.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.cassandraSchemaJob.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.cassandraSchemaJob.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for collector pod +*/}} +{{- define "collector.securityContext" -}} + {{- if .Values.collector.securityContext }} + {{- toYaml .Values.collector.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.collector.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.collector.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.collector.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.collector.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for hotrod pod +*/}} +{{- define "hotrod.securityContext" -}} + {{- if .Values.hotrod.securityContext }} + {{- toYaml .Values.hotrod.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.hotrod.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.hotrod.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.hotrod.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.hotrod.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch rollover job +*/}} +{{- define "elasticsearch.rolloverjob.securityContext" -}} + {{- if .Values.elasticsearch.rollover.securityContext }} + {{- toYaml .Values.elasticsearch.rollover.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.elasticsearch.rollover.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.elasticsearch.rollover.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.elasticsearch.rollover.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.elasticsearch.rollover.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch rollover cronjob +*/}} +{{- define "elasticsearch.rollovercronjob.securityContext" -}} + {{- if .Values.elasticsearch.rollover.securityContext }} + {{- toYaml .Values.elasticsearch.rollover.securityContext | nindent 12 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.elasticsearch.rollover.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.elasticsearch.rollover.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.elasticsearch.rollover.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.elasticsearch.rollover.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch rollover cronjob +*/}} +{{- define "elasticsearch.indexCleaner.securityContext" -}} + {{- if .Values.elasticsearch.indexCleaner.securityContext }} + {{- toYaml .Values.elasticsearch.indexCleaner.securityContext | nindent 12 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.elasticsearch.indexCleaner.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.elasticsearch.indexCleaner.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.elasticsearch.indexCleaner.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.elasticsearch.indexCleaner.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for elasticsearch lookback cronjob +*/}} +{{- define "elasticsearch.lookback.securityContext" -}} + {{- if .Values.elasticsearch.lookback.securityContext }} + {{- toYaml .Values.elasticsearch.lookback.securityContext | nindent 12 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.elasticsearch.lookback.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.elasticsearch.lookback.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.elasticsearch.lookback.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.elasticsearch.lookback.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for query +*/}} +{{- define "query.securityContext" -}} + {{- if .Values.query.securityContext }} + {{- toYaml .Values.query.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.query.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.query.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.query.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.query.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for integration tests pod +*/}} +{{- define "integrationTests.securityContext" -}} + {{- if .Values.integrationTests.securityContext }} + {{- toYaml .Values.integrationTests.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.integrationTests.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.integrationTests.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.integrationTests.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.integrationTests.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return securityContext section for status provisioner pod +*/}} +{{- define "statusProvisioner.securityContext" -}} + {{- if .Values.statusProvisioner.securityContext }} + {{- toYaml .Values.statusProvisioner.securityContext | nindent 8 }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + {{- if not .Values.statusProvisioner.securityContext.runAsUser }} + runAsUser: 2000 + {{- end }} + {{- if not .Values.statusProvisioner.securityContext.fsGroup }} + fsGroup: 2000 + {{- end }} + {{- end }} + {{- if (eq (.Values.statusProvisioner.securityContext.runAsNonRoot | toString) "false") }} + runAsNonRoot: false + {{- else }} + runAsNonRoot: true + {{- end }} + {{- if and (ge .Capabilities.KubeVersion.Minor "25") (not .Values.statusProvisioner.securityContext.seccompProfile) }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- else }} + {{- if not (.Capabilities.APIVersions.Has "apps.openshift.io/v1") }} + runAsUser: 2000 + fsGroup: 2000 + {{- end }} + runAsNonRoot: true + {{- if ge .Capabilities.KubeVersion.Minor "25" }} + seccompProfile: + type: "RuntimeDefault" + {{- end }} + {{- end }} +{{- end -}} + +{{/******************************************************************************************************************/}} + +{{/* +Calculates resources that should be monitored during deployment by Deployment Status Provisioner. +*/}} +{{- define "jaeger.monitoredResources" -}} + {{- if .Values.collector.install }} + {{- printf "Deployment %s-collector, " .Values.jaeger.serviceName -}} + {{- end }} + {{- if .Values.query.install }} + {{- printf "Deployment %s-query, " .Values.jaeger.serviceName -}} + {{- end }} + {{- if .Values.agent.install }} + {{- printf "DaemonSet %s-agent, " .Values.jaeger.serviceName -}} + {{- end }} + {{- if .Values.hotrod.install }} + {{- printf "Deployment %s-hotrod, " .Values.jaeger.serviceName -}} + {{- end }} + {{- if .Values.integrationTests.install }} + {{- printf "Deployment %s, " .Values.integrationTests.service.name -}} + {{- end }} +{{- end -}} + +{{/******************************************************************************************************************/}} + +{{/* +Prepare args for readiness-probe container. +*/}} +{{- define "readinessProbe.args" -}} + {{- if .Values.readinessProbe.args }} + {{- range .Values.readinessProbe.args }} + - {{ . | quote }} + {{- end }} + {{- else }} + - "-namespace={{ .Values.NAMESPACE | default .Release.Namespace }}" + {{- if eq .Values.jaeger.storage.type "cassandra" }} + - "-storage=cassandra" + - "-authSecretName=jaeger-cassandra" + - "-datacenter={{ include "cassandraSchemaJob.datacenter" . }}" + {{- if .Values.cassandraSchemaJob.keyspace }} + - "-keyspace={{ .Values.cassandraSchemaJob.keyspace }}" + {{- end }} + - "-host={{ include "cassandraSchemaJob.host" . }}" + - "-port={{ include "cassandraSchemaJob.port" . }}" + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - "-tlsEnabled=true" + - "-caPath=/cassandra-tls/ca-cert.pem" + - "-crtPath=/cassandra-tls/client-cert.pem" + - "-keyPath=/cassandra-tls/client-key.pem" + {{- end }} + {{- else }} + - "-storage=opensearch" + - "-host={{ include "elasticsearch.url" . }}" + - "-authSecretName=jaeger-elasticsearch" + {{- if .Values.elasticsearch.client.tls.enabled }} + - "-tlsEnabled=true" + - "-caPath=/es-tls/ca-cert.pem" + - "-crtPath=/es-tls/client-cert.pem" + - "-keyPath=/es-tls/client-key.pem" + {{- end }} + {{- end }} + {{- end }} +{{- end -}} + +{{- define "jaeger.monitoredImages" -}} + {{- if .Values.agent.install -}} + {{- printf "daemonset %s-agent %s %s, " .Values.jaeger.serviceName .Values.agent.name "jaegertracing/jaeger-agent:1.62.0" -}} + {{- end -}} + {{- if .Values.collector.install -}} + {{- printf "deployment %s-collector %s %s, " .Values.jaeger.serviceName .Values.collector.name "jaegertracing/jaeger-collector:1.62.0" -}} + {{- if .Values.readinessProbe.install }} + {{- printf "deployment %s-collector readiness-probe %s, " .Values.jaeger.serviceName "qubership/jaeger-readiness-probe:1.62.0" -}} + {{- end -}} + {{- end -}} + {{- if .Values.hotrod.install -}} + {{- printf "deployment %s-hotrod %s %s, " .Values.jaeger.serviceName .Values.hotrod.name "jaegertracing/example-hotrod:1.62.0" -}} + {{- end -}} + {{- if .Values.integrationTests.install -}} + {{- printf "deployment %s %s %s, " .Values.integrationTests.service.name .Values.integrationTests.service.name "qubership/integration-tests" -}} + {{- end -}} + {{- if .Values.query.install -}} + {{- printf "deployment %s-query jaeger-query %s, " .Values.jaeger.serviceName "jaegertracing/jaeger-query:1.62.0" -}} + {{- if .Values.readinessProbe.install }} + {{- printf "deployment %s-query readiness-probe %s, " .Values.jaeger.serviceName "qubership/jaeger-readiness-probe:1.62.0" -}} + {{- end -}} + {{- if .Values.proxy.install }} + {{- printf "deployment %s-query proxy %s, " .Values.jaeger.serviceName "envoyproxy/envoy:v1.30.7" -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/jaeger/templates/agent/daemon-set.yaml b/charts/jaeger/templates/agent/daemon-set.yaml new file mode 100644 index 0000000..ade1642 --- /dev/null +++ b/charts/jaeger/templates/agent/daemon-set.yaml @@ -0,0 +1,140 @@ +{{- if .Values.agent.install }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ .Values.jaeger.serviceName }}-agent + labels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-agent-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: agent + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.agent.labels }} + {{- toYaml .Values.agent.labels | nindent 4 }} + {{- end }} + {{- if .Values.agent.annotations }} + annotations: + {{- toYaml .Values.agent.annotations | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/component: agent + template: + metadata: + {{- if .Values.agent.annotations }} + annotations: + {{- toYaml .Values.agent.annotations | nindent 8 }} + {{- end }} + labels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-agent-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: agent + {{- include "jaeger.commonLabels" . | nindent 8 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.agent.labels }} + {{- toYaml .Values.agent.labels | nindent 8 }} + {{- end }} + spec: + securityContext: + {{- include "agent.securityContext" . }} + {{- if .Values.agent.useHostNetwork }} + hostNetwork: true + {{- end }} + serviceAccountName: {{ .Values.jaeger.serviceName }}-agent + {{- with .Values.agent.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.agent.priorityClassName }} + priorityClassName: {{ .Values.agent.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.agent.name }} + image: {{ template "agent.image" . }} + imagePullPolicy: {{ .Values.agent.imagePullPolicy }} + args: + {{- if .Values.agent.cmdlineParams }} + {{ toYaml .Values.agent.cmdlineParams | nindent 10 }} + {{- end }} + env: + {{- if .Values.agent.extraEnv }} + {{- toYaml .Values.agent.extraEnv | nindent 10 }} + {{- end }} + - name: REPORTER_GRPC_HOST_PORT + value: {{ .Values.jaeger.serviceName }}-collector:14250 + ports: + - name: zipkin-compact + containerPort: {{ .Values.agent.service.zipkinThriftPort }} + protocol: UDP + {{- if .Values.agent.useHostPort }} + hostPort: {{ .Values.agent.service.zipkinThriftPort }} + {{- end }} + - name: jaeger-compact + containerPort: {{ .Values.agent.service.compactPort }} + protocol: UDP + {{- if .Values.agent.useHostPort }} + hostPort: {{ .Values.agent.service.compactPort }} + {{- end }} + - name: jaeger-binary + containerPort: {{ .Values.agent.service.binaryPort }} + protocol: UDP + {{- if .Values.agent.useHostPort }} + hostPort: {{ .Values.agent.service.binaryPort }} + {{- end }} + - name: http + containerPort: {{ .Values.agent.service.samplingPort }} + protocol: TCP + {{- if .Values.agent.useHostPort }} + hostPort: {{ .Values.agent.service.samplingPort }} + {{- end }} + - name: admin + containerPort: 14271 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: admin + readinessProbe: + httpGet: + path: / + port: admin + resources: + {{- toYaml .Values.agent.resources | nindent 10 }} + securityContext: + {{- include "agent.containerSecurityContext" . }} + volumeMounts: + {{- range .Values.agent.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.agent.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + volumes: + {{- range .Values.agent.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.agent.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- if .Values.agent.nodeSelector }} + nodeSelector: + {{- toYaml .Values.agent.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.agent.tolerations }} + tolerations: + {{- toYaml .Values.agent.tolerations | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/agent/service-account.yaml b/charts/jaeger/templates/agent/service-account.yaml new file mode 100644 index 0000000..09a9300 --- /dev/null +++ b/charts/jaeger/templates/agent/service-account.yaml @@ -0,0 +1,15 @@ +{{- if .Values.agent.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-agent + labels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-agent-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: agent + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.agent.labels }} + {{- toYaml .Values.agent.labels | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/agent/service-monitor.yaml b/charts/jaeger/templates/agent/service-monitor.yaml new file mode 100644 index 0000000..ad3098c --- /dev/null +++ b/charts/jaeger/templates/agent/service-monitor.yaml @@ -0,0 +1,27 @@ +{{- if .Values.jaeger.prometheusMonitoring }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Values.jaeger.serviceName }}-agent + labels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-agent-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: monitoring # Keep for monitoring contract + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.agent.labels }} + {{- toYaml .Values.agent.labels | nindent 4 }} + {{- end }} +spec: + endpoints: + - interval: 30s + port: admin + path: /metrics + scheme: http + jobLabel: k8s + selector: + matchLabels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/component: agent +{{- end }} diff --git a/charts/jaeger/templates/agent/service.yaml b/charts/jaeger/templates/agent/service.yaml new file mode 100644 index 0000000..6871945 --- /dev/null +++ b/charts/jaeger/templates/agent/service.yaml @@ -0,0 +1,44 @@ +{{- if .Values.agent.install }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.jaeger.serviceName }}-agent + labels: + name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-agent-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: agent + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.agent.labels }} + {{- toYaml .Values.agent.labels | nindent 4 }} + {{- end }} + {{- if .Values.agent.annotations }} + annotations: + {{- toYaml .Values.agent.annotations | nindent 4 }} + {{- end }} +spec: + ports: + - name: zipkin-compact + port: {{ .Values.agent.service.zipkinThriftPort }} + protocol: UDP + targetPort: zipkin-compact + - name: jaeger-compact + port: {{ .Values.agent.service.compactPort }} + protocol: UDP + targetPort: jaeger-compact + - name: jaeger-binary + port: {{ .Values.agent.service.binaryPort }} + protocol: UDP + targetPort: jaeger-binary + - name: http + port: {{ .Values.agent.service.samplingPort }} + protocol: TCP + targetPort: http + - name: admin + port: 14271 + protocol: TCP + targetPort: admin + selector: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-agent + app.kubernetes.io/component: agent +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/cassandra/credentials-secret.yaml b/charts/jaeger/templates/cassandra/credentials-secret.yaml new file mode 100644 index 0000000..3a2cf0a --- /dev/null +++ b/charts/jaeger/templates/cassandra/credentials-secret.yaml @@ -0,0 +1,25 @@ +{{- if eq .Values.jaeger.storage.type "cassandra" }} +{{- if not .Values.cassandraSchemaJob.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: jaeger-cassandra + labels: + name: jaeger-cassandra + app.kubernetes.io/name: jaeger-cassandra + app.kubernetes.io/instance: {{ cat "jaeger-cassandra-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 4 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.annotations }} + annotations: + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 4 }} + {{- end }} +type: Opaque +data: + username: {{ include "cassandraSchemaJob.userName" . | b64enc }} + password: {{ include "cassandraSchemaJob.password" . | b64enc }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/cassandra/pre-hook/cassandra-credentials-secret.yaml b/charts/jaeger/templates/cassandra/pre-hook/cassandra-credentials-secret.yaml new file mode 100644 index 0000000..db70b13 --- /dev/null +++ b/charts/jaeger/templates/cassandra/pre-hook/cassandra-credentials-secret.yaml @@ -0,0 +1,30 @@ +{{- if eq .Values.jaeger.storage.type "cassandra" }} +{{- if not .Values.cassandraSchemaJob.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: jaeger-cassandra-pre-hook + labels: + name: jaeger-cassandra-pre-hook + app.kubernetes.io/name: jaeger-cassandra-pre-hook + app.kubernetes.io/instance: {{ cat "jaeger-cassandra-pre-hook-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 4 }} + {{- end }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + "helm.sh/hook-weight": "-5" + {{- if .Values.cassandraSchemaJob.annotations }} + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 4 }} + {{- end }} +type: Opaque +data: + username: {{ include "cassandraSchemaJob.userName" . | b64enc }} + password: {{ include "cassandraSchemaJob.password" . | b64enc }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/cassandra/pre-hook/schema-job.yaml b/charts/jaeger/templates/cassandra/pre-hook/schema-job.yaml new file mode 100644 index 0000000..e7b4f78 --- /dev/null +++ b/charts/jaeger/templates/cassandra/pre-hook/schema-job.yaml @@ -0,0 +1,150 @@ +{{- if eq .Values.jaeger.storage.type "cassandra" }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.jaeger.serviceName }}-cassandra-schema + labels: + job-name: {{ .Values.jaeger.serviceName }}-cassandra-schema + name: {{ .Values.jaeger.serviceName }}-cassandra-schema + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-cassandra-schema + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-cassandra-schema-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 4 }} + {{- end }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + {{- if .Values.cassandraSchemaJob.annotations }} + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 4 }} + {{- end }} +spec: + activeDeadlineSeconds: 320 + backoffLimit: 6 + completions: 1 + parallelism: 1 + {{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion }} + ttlSecondsAfterFinished: {{ .Values.cassandraSchemaJob.ttlSecondsAfterFinished }} + {{- end }} + template: + metadata: + creationTimestamp: null + labels: + job-name: {{ .Values.jaeger.serviceName }}-cassandra-schema + name: {{ .Values.jaeger.serviceName }}-cassandra-schema + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-cassandra-schema + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-cassandra-schema-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 8 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 8 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.annotations }} + annotations: + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 8 }} + {{- end }} + spec: + activeDeadlineSeconds: 320 + {{- with .Values.cassandraSchemaJob.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.priorityClassName }} + priorityClassName: {{ .Values.cassandraSchemaJob.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.cassandraSchemaJob.name }} + image: {{ template "cassandra-schema-job.image" . }} + imagePullPolicy: {{ .Values.cassandraSchemaJob.imagePullPolicy }} + env: + {{- if .Values.cassandraSchemaJob.extraEnv }} + {{- toYaml .Values.cassandraSchemaJob.extraEnv | nindent 8 }} + {{- end }} + - name: CQLSH_HOST + value: {{ include "cassandraSchemaJob.host" . }} + - name: CQLSH_PORT + value: {{ include "cassandraSchemaJob.port" . | quote }} + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: CQLSH_SSL + value: "--ssl --cqlshrc /cassandra-tls/cqlshrc" + {{- end }} + - name: MODE + value: {{ .Values.cassandraSchemaJob.mode }} + - name: DATACENTER + value: {{ include "cassandraSchemaJob.datacenter" . }} + - name: KEYSPACE + value: {{ .Values.cassandraSchemaJob.keyspace }} + - name: CASSANDRA_USERNAME + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" (merge (dict "prehook" true) .) }} + key: username + - name: CASSANDRA_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" (merge (dict "prehook" true) .) }} + key: password + {{- if .Values.cassandraSchemaJob.ttl }} + {{- if .Values.cassandraSchemaJob.ttl.trace }} + - name: TRACE_TTL + value: {{ .Values.cassandraSchemaJob.ttl.trace | int | quote }} + {{- end }} + {{- if .Values.cassandraSchemaJob.ttl.dependencies }} + - name: DEPENDENCIES_TTL + value: {{ .Values.cassandraSchemaJob.ttl.dependencies | int | quote }} + {{- end }} + {{- end }} + resources: + {{- toYaml .Values.cassandraSchemaJob.resources | nindent 10 }} + securityContext: + {{- include "cassandraSchemaJob.containerSecurityContext" . }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + {{- if .Values.cassandraSchemaJob.tls.enabled }} + volumeMounts: + - name: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + mountPath: "/cassandra-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + mountPath: "/cassandra-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + mountPath: "/cassandra-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + mountPath: "/cassandra-tls/cqlshrc" + subPath: "cqlshrc" + readOnly: true + {{- end }} + securityContext: + {{- include "cassandraSchemaJob.securityContext" . }} + {{- if .Values.cassandraSchemaJob.affinity }} + affinity: + {{- toYaml .Values.cassandraSchemaJob.affinity | nindent 8 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.nodeSelector }} + nodeSelector: + {{- toYaml .Values.cassandraSchemaJob.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.tolerations }} + tolerations: + {{- toYaml .Values.cassandraSchemaJob.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.tls.enabled }} + volumes: + - name: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + secret: + secretName: {{ template "cassandraSchemaJob.tls.secretName" (merge (dict "prehook" true) .) }} + {{- end }} + dnsPolicy: ClusterFirst + restartPolicy: OnFailure + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 +{{- end }} diff --git a/charts/jaeger/templates/cassandra/pre-hook/tls-secret.yaml b/charts/jaeger/templates/cassandra/pre-hook/tls-secret.yaml new file mode 100644 index 0000000..4d0a66c --- /dev/null +++ b/charts/jaeger/templates/cassandra/pre-hook/tls-secret.yaml @@ -0,0 +1,33 @@ +{{- if eq .Values.jaeger.storage.type "cassandra" }} +{{- if not .Values.cassandraSchemaJob.tls.existingSecret }} +{{- if or .Values.cassandraSchemaJob.tls.ca .Values.cassandraSchemaJob.tls.cert .Values.cassandraSchemaJob.tls.key }} +apiVersion: v1 +kind: Secret +metadata: + name: jaeger-cassandra-tls-pre-hook + labels: + name: jaeger-cassandra-tls-pre-hook + app.kubernetes.io/name: jaeger-cassandra-tls-pre-hook + app.kubernetes.io/instance: {{ cat "jaeger-cassandra-tls-pre-hook-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 4 }} + {{- end }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + "helm.sh/hook-weight": "-5" + {{- if .Values.cassandraSchemaJob.annotations }} + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 4 }} + {{- end }} +data: + ca-cert.pem: {{ .Values.cassandraSchemaJob.tls.ca | b64enc }} + client-cert.pem: {{ .Values.cassandraSchemaJob.tls.cert | b64enc}} + client-key.pem: {{ .Values.cassandraSchemaJob.tls.key | b64enc }} + cqlshrc: {{ .Values.cassandraSchemaJob.tls.cqlshrc | b64enc }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/cassandra/tls-secret.yaml b/charts/jaeger/templates/cassandra/tls-secret.yaml new file mode 100644 index 0000000..e70a9ff --- /dev/null +++ b/charts/jaeger/templates/cassandra/tls-secret.yaml @@ -0,0 +1,31 @@ +{{- if eq .Values.jaeger.storage.type "cassandra" }} +{{- if not .Values.cassandraSchemaJob.tls.existingSecret }} +{{- if or .Values.cassandraSchemaJob.tls.ca .Values.cassandraSchemaJob.tls.cert .Values.cassandraSchemaJob.tls.key }} +apiVersion: v1 +kind: Secret +metadata: + name: jaeger-cassandra-tls + labels: + name: jaeger-cassandra-tls + app.kubernetes.io/name: jaeger-cassandra-tls + app.kubernetes.io/instance: {{ cat "jaeger-cassandra-tls-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.cassandraSchemaJob.labels }} + {{- toYaml .Values.cassandraSchemaJob.labels | nindent 4 }} + {{- end }} + {{- if .Values.cassandraSchemaJob.annotations }} + annotations: + {{- toYaml .Values.cassandraSchemaJob.annotations | nindent 4 }} + {{- end }} +data: + {{- if .Values.cassandraSchemaJob.tls.commonName }} + commonName: {{ .Values.cassandraSchemaJob.tls.commonName | b64enc }} + {{- end }} + ca-cert.pem: {{ .Values.cassandraSchemaJob.tls.ca | b64enc }} + client-cert.pem: {{ .Values.cassandraSchemaJob.tls.cert | b64enc}} + client-key.pem: {{ .Values.cassandraSchemaJob.tls.key | b64enc }} + cqlshrc: {{ .Values.cassandraSchemaJob.tls.cqlshrc | b64enc }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/collector/certificate.yaml b/charts/jaeger/templates/collector/certificate.yaml new file mode 100644 index 0000000..39a6dce --- /dev/null +++ b/charts/jaeger/templates/collector/certificate.yaml @@ -0,0 +1,50 @@ +{{- if not .Values.collector.tlsConfig.existingSecret }} +{{- if and .Values.collector.tlsConfig.generateCerts.enabled (or .Values.collector.tlsConfig.otelHttp.enabled + .Values.collector.tlsConfig.otelgRPC.enabled + .Values.collector.tlsConfig.jaegerHttp.enabled + .Values.collector.tlsConfig.jaegergRPC.enabled + .Values.collector.tlsConfig.zipkin.enabled) }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: jaeger-collector-tls-certificate + labels: + name: jaeger-collector-tls-certificate + app.kubernetes.io/name: jaeger-collector-tls-certificate + app.kubernetes.io/instance: {{ cat "jaeger-collector-tls-certificate-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + secretName: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + duration: {{ default 365 .Values.collector.tlsConfig.generateCerts.duration | mul 24 }}h + renewBefore: {{ default 15 .Values.collector.tlsConfig.generateCerts.renewBefore | mul 24 }}h + commonName: jaeger-collector-crt + isCA: false + privateKey: + rotationPolicy: Always + algorithm: RSA + encoding: PKCS1 + size: 2048 + dnsNames: + - localhost + - {{ .Values.jaeger.serviceName }}-collector.{{ .Release.Namespace }}.svc + - {{ .Values.jaeger.serviceName }}-collector + ipAddresses: + - 127.0.0.1 + issuerRef: +{{- if .Values.collector.tlsConfig.generateCerts.clusterIssuerName }} + name: {{ .Values.collector.tlsConfig.generateCerts.clusterIssuerName }} + kind: ClusterIssuer +{{- else }} + name: jaeger-collector-tls-issuer + kind: Issuer +{{- end }} + group: cert-manager.io +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/deployment.yaml b/charts/jaeger/templates/collector/deployment.yaml new file mode 100644 index 0000000..92d2ba3 --- /dev/null +++ b/charts/jaeger/templates/collector/deployment.yaml @@ -0,0 +1,524 @@ +{{- $otelhttpTlsConfigEnabled := .Values.collector.tlsConfig.otelHttp.enabled }} +{{- $otelgrpcTlsConfigEnabled := .Values.collector.tlsConfig.otelgRPC.enabled }} +{{- $jaegerhttpTlsConfigEnabled := .Values.collector.tlsConfig.jaegerHttp.enabled }} +{{- $jaegergrpcTlsConfigEnabled := .Values.collector.tlsConfig.jaegergRPC.enabled }} +{{- $zipkinTlsConfigEnabled := .Values.collector.tlsConfig.zipkin.enabled }} +{{- if .Values.collector.install }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.jaeger.serviceName }}-collector + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + progressDeadlineSeconds: 600 + replicas: {{ .Values.collector.replicas }} + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/component: collector + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 8 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 8 }} + {{- end }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 8 }} + {{- end }} + spec: + {{- with .Values.collector.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + securityContext: + {{- include "collector.securityContext" . }} + {{- if .Values.collector.priorityClassName }} + priorityClassName: {{ .Values.collector.priorityClassName }} + {{- end }} + serviceAccountName: {{ .Values.jaeger.serviceName }}-collector + containers: + {{- if .Values.readinessProbe.install }} + - name: readiness-probe + image: {{ template "readiness-probe.image" . }} + imagePullPolicy: {{ .Values.readinessProbe.imagePullPolicy }} + command: ["/app/probe"] + args: + {{- template "readinessProbe.args" . }} + ports: + - containerPort: 8080 + protocol: TCP + readinessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 600 + successThreshold: 1 + timeoutSeconds: 900 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 10 + resources: + {{- toYaml .Values.readinessProbe.resources | nindent 12 }} + securityContext: + {{- include "readinessProbe.containerSecurityContext" . }} + volumeMounts: + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- end }} + - name: {{ .Values.collector.name }} + image: {{ template "collector.image" . }} + imagePullPolicy: {{ .Values.collector.imagePullPolicy }} + args: + {{- if .Values.collector.cmdlineParams }} + {{- toYaml .Values.collector.cmdlineParams | nindent 12 }} + {{- end }} + env: + {{- if $otelhttpTlsConfigEnabled }} + - name: COLLECTOR_OTLP_HTTP_TLS_ENABLED + value: {{ $otelhttpTlsConfigEnabled | quote }} + - name: COLLECTOR_OTLP_HTTP_TLS_CERT + value: /collector-tls/tls.crt + - name: COLLECTOR_OTLP_HTTP_TLS_CLIENT_CA + value: /collector-tls/ca.crt + - name: COLLECTOR_OTLP_HTTP_TLS_KEY + value: /collector-tls/tls.key + {{- if .Values.collector.tlsConfig.otelHttp.cipherSuites }} + - name: COLLECTOR_OTLP_HTTP_TLS_CIPHER_SUITES + value: {{ .Values.collector.tlsConfig.otelHttp.cipherSuites }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelHttp.maxVersion }} + - name: COLLECTOR_OTLP_HTTP_TLS_MAX_VERSION + value: {{ .Values.collector.tlsConfig.otelHttp.maxVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelHttp.minVersion }} + - name: COLLECTOR_OTLP_HTTP_TLS_MIN_VERSION + value: {{ .Values.collector.tlsConfig.otelHttp.minVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelHttp.certificateReloadInterval }} + - name: COLLECTOR_OTLP_HTTP_TLS_RELOAD_INTERVAL + value: {{ default "0s" .Values.collector.tlsConfig.otelHttp.certificateReloadInterval }} + {{- end }} + {{- end }} + {{- if $otelgrpcTlsConfigEnabled }} + - name: COLLECTOR_OTLP_GRPC_TLS_ENABLED + value: {{ $otelgrpcTlsConfigEnabled | quote }} + - name: COLLECTOR_OTLP_GRPC_TLS_CERT + value: /collector-tls/tls.crt + - name: COLLECTOR_OTLP_GRPC_TLS_CLIENT_CA + value: /collector-tls/ca.crt + - name: COLLECTOR_OTLP_GRPC_TLS_KEY + value: /collector-tls/tls.key + {{- if .Values.collector.tlsConfig.otelgRPC.cipherSuites }} + - name: COLLECTOR_OTLP_GRPC_TLS_CIPHER_SUITES + value: {{ .Values.collector.tlsConfig.otelgRPC.cipherSuites }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelgRPC.maxVersion }} + - name: COLLECTOR_OTLP_GRPC_TLS_MAX_VERSION + value: {{ .Values.collector.tlsConfig.otelgRPC.maxVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelgRPC.minVersion }} + - name: COLLECTOR_OTLP_GRPC_TLS_MIN_VERSION + value: {{ .Values.collector.tlsConfig.otelgRPC.minVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.otelgRPC.certificateReloadInterval }} + - name: COLLECTOR_OTLP_GRPC_TLS_RELOAD_INTERVAL + value: {{ default "0s" .Values.collector.tlsConfig.otelgRPC.certificateReloadInterval }} + {{- end }} + {{- end }} + {{- if $jaegerhttpTlsConfigEnabled }} + - name: COLLECTOR_HTTP_TLS_ENABLED + value: {{ $jaegerhttpTlsConfigEnabled | quote }} + - name: COLLECTOR_HTTP_TLS_CERT + value: /collector-tls/tls.crt + - name: COLLECTOR_HTTP_TLS_CLIENT_CA + value: /collector-tls/ca.crt + - name: COLLECTOR_HTTP_TLS_KEY + value: /collector-tls/tls.key + {{- if .Values.collector.tlsConfig.jaegerHttp.cipherSuites }} + - name: COLLECTOR_HTTP_TLS_CIPHER_SUITES + value: {{ .Values.collector.tlsConfig.jaegerHttp.cipherSuites }} + {{- end }} + {{- if .Values.collector.tlsConfig.jaegerHttp.maxVersion }} + - name: COLLECTOR_HTTP_TLS_MAX_VERSION + value: {{ .Values.collector.tlsConfig.jaegerHttp.maxVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.jaegerHttp.minVersion }} + - name: COLLECTOR_HTTP_TLS_MIN_VERSION + value: {{ .Values.collector.tlsConfig.jaegerHttp.minVersion | quote }} + {{- end }} + {{- end }} + {{- if $jaegergrpcTlsConfigEnabled }} + - name: COLLECTOR_GRPC_TLS_ENABLED + value: {{ $jaegergrpcTlsConfigEnabled | quote }} + - name: COLLECTOR_GRPC_TLS_CERT + value: /collector-tls/tls.crt + - name: COLLECTOR_GRPC_TLS_CLIENT_CA + value: /collector-tls/ca.crt + - name: COLLECTOR_GRPC_TLS_KEY + value: /collector-tls/tls.key + {{- if .Values.collector.tlsConfig.jaegergRPC.cipherSuites }} + - name: COLLECTOR_GRPC_TLS_CIPHER_SUITES + value: {{ .Values.collector.tlsConfig.jaegergRPC.cipherSuites }} + {{- end }} + {{- if .Values.collector.tlsConfig.jaegergRPC.maxVersion }} + - name: COLLECTOR_GRPC_TLS_MAX_VERSION + value: {{ .Values.collector.tlsConfig.jaegergRPC.maxVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.jaegergRPC.minVersion }} + - name: COLLECTOR_GRPC_TLS_MIN_VERSION + value: {{ .Values.collector.tlsConfig.jaegergRPC.minVersion | quote }} + {{- end }} + {{- end }} + {{- if $zipkinTlsConfigEnabled }} + - name: COLLECTOR_ZIPKIN_TLS_ENABLED + value: {{ $zipkinTlsConfigEnabled | quote }} + - name: COLLECTOR_ZIPKIN_TLS_CERT + value: /collector-tls/tls.crt + - name: COLLECTOR_ZIPKIN_TLS_CLIENT_CA + value: /collector-tls/ca.crt + - name: COLLECTOR_ZIPKIN_TLS_KEY + value: /collector-tls/tls.key + {{- if .Values.collector.tlsConfig.zipkin.cipherSuites }} + - name: COLLECTOR_ZIPKIN_TLS_CIPHER_SUITES + value: {{ .Values.collector.tlsConfig.zipkin.cipherSuites }} + {{- end }} + {{- if .Values.collector.tlsConfig.zipkin.maxVersion }} + - name: COLLECTOR_ZIPKIN_TLS_MAX_VERSION + value: {{ .Values.collector.tlsConfig.zipkin.maxVersion | quote }} + {{- end }} + {{- if .Values.collector.tlsConfig.zipkin.minVersion }} + - name: COLLECTOR_ZIPKIN_TLS_MIN_VERSION + value: {{ .Values.collector.tlsConfig.zipkin.minVersion | quote }} + {{- end }} + {{- end }} + - name: COLLECTOR_OTLP_ENABLED + value: "true" + {{- if .Values.collector.zipkinPort }} + - name: COLLECTOR_ZIPKIN_HOST_PORT + value: {{ .Values.collector.zipkinPort | quote }} + {{- end }} + {{- if .Values.collector.samplingConfig }} + - name: SAMPLING_STRATEGIES_FILE + value: /etc/jaeger/sampling/sampling.json + {{- end }} + - name: SPAN_STORAGE_TYPE + value: {{ .Values.jaeger.storage.type }} + {{- /* Section with Cassandra enviroment variables */}} + {{- if .Values.collector.extraEnv }} + {{- toYaml .Values.collector.extraEnv | nindent 12 }} + {{- end }} + {{- if eq .Values.jaeger.storage.type "cassandra" }} + - name: CASSANDRA_SERVERS + value: {{ include "cassandraSchemaJob.host" . | quote }} + - name: CASSANDRA_PORT + value: {{ include "cassandraSchemaJob.port" . | quote }} + - name: CASSANDRA_USERNAME + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" . }} + key: username + - name: CASSANDRA_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" . }} + key: password + - name: CASSANDRA_BASIC_ALLOWED_AUTHENTICATORS + value: {{ template "cassandraSchemaJob.allowedAuthenticators" . }} + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: CASSANDRA_TLS_ENABLED + value: "true" + {{- if .Values.cassandraSchemaJob.tls.commonName }} + - name: CASSANDRA_TLS_SERVER_NAME + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.tls.secretName" . }} + key: commonName + {{- end }} + - name: CASSANDRA_TLS_KEY + value: "/cassandra-tls/client-key.pem" + - name: CASSANDRA_TLS_CERT + value: "/cassandra-tls/client-cert.pem" + - name: CASSANDRA_TLS_CA + value: "/cassandra-tls/ca-cert.pem" + {{- end }} + {{- if .Values.cassandraSchemaJob.keyspace }} + - name: CASSANDRA_KEYSPACE + value: {{ .Values.cassandraSchemaJob.keyspace }} + {{- end }} + - name: CASSANDRA_LOCAL_DC + value: {{ include "cassandraSchemaJob.datacenter" . }} + {{- /* Section with Cassandra extra enviroment variables */}} + {{- if .Values.cassandraSchemaJob.extraEnv }} + {{- toYaml .Values.cassandraSchemaJob.extraEnv | nindent 12 }} + {{- end }} + {{- /* Section with ElasticSearch/OpenSearch enviroment variables */}} + {{- else if eq .Values.jaeger.storage.type "elasticsearch" }} + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" . }} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: password + {{- if .Values.elasticsearch.indexPrefix }} + - name: ES_INDEX_PREFIX + value: {{ .Values.elasticsearch.indexPrefix }} + {{- end }} + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- /* Section with ElasticSearch/OpenSearch extra enviroment variables */}} + {{- if .Values.elasticsearch.extraEnv }} + {{- toYaml .Values.elasticsearch.extraEnv | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.readinessProbe.install }} + readinessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 300 + successThreshold: 1 + timeoutSeconds: 600 + {{- else }} + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: admin-http + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + {{- end }} + livenessProbe: + failureThreshold: 5 + httpGet: + path: / + port: admin-http + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 1 + ports: + {{- if .Values.collector.zipkinPort }} + - containerPort: {{ .Values.collector.zipkinPort }} + name: zipkin + protocol: TCP + {{- end }} + - containerPort: 14267 + name: c-tchan-trft + protocol: TCP + - containerPort: 14268 + name: c-binary-trft + protocol: TCP + - containerPort: 14269 + name: admin-http + protocol: TCP + - containerPort: 14250 + name: grpc + protocol: TCP + - containerPort: 4317 + name: otlp-grpc + protocol: TCP + - containerPort: 4318 + name: otlp-http + protocol: TCP + resources: + {{- toYaml .Values.collector.resources | nindent 12 }} + securityContext: + {{- include "collector.containerSecurityContext" . }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/jaeger/sampling + name: {{ .Values.jaeger.serviceName }}-sampling-configuration-volume + readOnly: true + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- if or .Values.collector.tlsConfig.otelHttp.enabled + .Values.collector.tlsConfig.otelgRPC.enabled + .Values.collector.tlsConfig.jaegerHttp.enabled + .Values.collector.tlsConfig.jaegergRPC.enabled + .Values.collector.tlsConfig.zipkin.enabled }} + {{- if .Values.collector.tlsConfig.existingSecret }} + - name: {{ .Values.collector.tlsConfig.existingSecret }} + mountPath: "/collector-tls/ca.crt" + subPath: "ca.crt" + readOnly: true + - name: {{ .Values.collector.tlsConfig.existingSecret }} + mountPath: "/collector-tls/tls.crt" + subPath: "tls.crt" + readOnly: true + - name: {{ .Values.collector.tlsConfig.existingSecret }} + mountPath: "/collector-tls/tls.key" + subPath: "tls.key" + readOnly: true + {{- else }} + - name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + mountPath: "/collector-tls/ca.crt" + subPath: "ca.crt" + readOnly: true + - name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + mountPath: "/collector-tls/tls.crt" + subPath: "tls.crt" + readOnly: true + - name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + mountPath: "/collector-tls/tls.key" + subPath: "tls.key" + readOnly: true + {{- end }} + {{- end }} + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 + volumes: + - name: {{ .Values.jaeger.serviceName }}-sampling-configuration-volume + configMap: + name: {{ .Values.jaeger.serviceName }}-sampling-configuration + defaultMode: 420 + items: + - key: sampling + path: sampling.json + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + secret: + secretName: {{ template "cassandraSchemaJob.tls.secretName" . }} + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" . }} + {{- end }} + {{- if .Values.collector.tlsConfig.existingSecret }} + - name: {{ .Values.collector.tlsConfig.existingSecret }} + secret: + secretName: {{ .Values.collector.tlsConfig.existingSecret }} + {{- else }} + - name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + secret: + secretName: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + {{- end }} + {{- if .Values.collector.affinity }} + affinity: + {{- toYaml .Values.collector.affinity | nindent 8 }} + {{- end }} + {{- if .Values.collector.nodeSelector }} + nodeSelector: + {{- toYaml .Values.collector.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.collector.tolerations }} + tolerations: + {{- toYaml .Values.collector.tolerations | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/collector/headless-service.yaml b/charts/jaeger/templates/collector/headless-service.yaml new file mode 100644 index 0000000..fbd65d9 --- /dev/null +++ b/charts/jaeger/templates/collector/headless-service.yaml @@ -0,0 +1,61 @@ +{{- if .Values.collector.install }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.jaeger.serviceName }}-collector-headless + annotations: + service.beta.openshift.io/serving-cert-secret-name: {{ .Values.jaeger.serviceName }}-collector-headless-tls + labels: + name: {{ .Values.jaeger.serviceName }}-collector-headless + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector-headless + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-headless-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + clusterIP: None + ports: + {{- if .Values.collector.zipkinPort }} + - name: http-zipkin + port: {{ .Values.collector.zipkinPort }} + protocol: TCP + targetPort: zipkin + {{- end }} + - name: otlp-grpc + port: 4317 + protocol: TCP + targetPort: 4317 + - name: otlp-http + port: 4318 + protocol: TCP + targetPort: 4318 + - name: grpc + port: 14250 + protocol: TCP + targetPort: 14250 + - name: c-tchan-trft + port: 14267 + protocol: TCP + targetPort: 14267 + - name: http-c-binary-trft + port: 14268 + protocol: TCP + targetPort: 14268 + - name: admin-http + port: 14269 + protocol: TCP + targetPort: 14269 + selector: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/component: collector + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/ingress.yaml b/charts/jaeger/templates/collector/ingress.yaml new file mode 100644 index 0000000..467b2aa --- /dev/null +++ b/charts/jaeger/templates/collector/ingress.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.collector.install .Values.collector.ingress.install }} +{{- $defaultServiceName := printf "%s-collector" $.Values.jaeger.serviceName -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.jaeger.serviceName }}-collector + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.ingress.labels }} + {{- toYaml .Values.collector.ingress.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.ingress.annotations }} + annotations: + {{- toYaml .Values.collector.ingress.annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.collector.ingress.className }} + ingressClassName: {{ .Values.collector.ingress.className }} + {{- end }} + {{- if .Values.collector.ingress.tls }} + tls: + {{- toYaml .Values.collector.ingress.tls | nindent 4 }} + {{- end }} + rules: {{ include "collector.ingress.rules" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/issuer.yaml b/charts/jaeger/templates/collector/issuer.yaml new file mode 100644 index 0000000..06c8ce6 --- /dev/null +++ b/charts/jaeger/templates/collector/issuer.yaml @@ -0,0 +1,27 @@ +{{- if not .Values.collector.tlsConfig.existingSecret }} +{{- if and .Values.collector.tlsConfig.generateCerts.enabled (or .Values.collector.tlsConfig.otelHttp.enabled + .Values.collector.tlsConfig.otelgRPC.enabled + .Values.collector.tlsConfig.jaegerHttp.enabled + .Values.collector.tlsConfig.jaegergRPC.enabled + .Values.collector.tlsConfig.zipkin.enabled) (not .Values.collector.tlsConfig.clusterIssuerName)}} +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: jaeger-collector-tls-issuer + labels: + name: jaeger-collector-tls-issuer + app.kubernetes.io/name: jaeger-collector-tls-issuer + app.kubernetes.io/instance: {{ cat "jaeger-collector-tls-issuer-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + selfSigned: {} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/role.yaml b/charts/jaeger/templates/collector/role.yaml new file mode 100644 index 0000000..0a1cce7 --- /dev/null +++ b/charts/jaeger/templates/collector/role.yaml @@ -0,0 +1,30 @@ +{{- if .Values.collector.install }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: jaeger-collector + labels: + name: jaeger-collector + app.kubernetes.io/name: jaeger-collector + app.kubernetes.io/component: jaeger-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +{{- end }} diff --git a/charts/jaeger/templates/collector/role_binding.yaml b/charts/jaeger/templates/collector/role_binding.yaml new file mode 100644 index 0000000..b37783c --- /dev/null +++ b/charts/jaeger/templates/collector/role_binding.yaml @@ -0,0 +1,27 @@ +{{- if .Values.collector.install }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: jaeger-collector + labels: + name: jaeger-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-collector + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +subjects: + - kind: ServiceAccount + name: {{ .Values.jaeger.serviceName }}-collector +roleRef: + kind: Role + name: jaeger-collector + apiGroup: rbac.authorization.k8s.io +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/sampling-configuration.yaml b/charts/jaeger/templates/collector/sampling-configuration.yaml new file mode 100644 index 0000000..a84f2e3 --- /dev/null +++ b/charts/jaeger/templates/collector/sampling-configuration.yaml @@ -0,0 +1,27 @@ +{{- if .Values.collector.install }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.jaeger.serviceName }}-sampling-configuration + labels: + name: {{ .Values.jaeger.serviceName }}-sampling-configuration + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-sampling-configuration + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-sampling-configuration-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +data: + sampling: | + { + "default_strategy":{ + "param":1, + "type":"probabilistic" + } + } +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/collector/secret.yaml b/charts/jaeger/templates/collector/secret.yaml new file mode 100644 index 0000000..822f731 --- /dev/null +++ b/charts/jaeger/templates/collector/secret.yaml @@ -0,0 +1,34 @@ +{{- if not .Values.collector.tlsConfig.existingSecret }} +{{- if .Values.collector.tlsConfig.createSecret }} +kind: Secret +apiVersion: v1 +metadata: + name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + labels: + name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + app.kubernetes.io/name: {{ default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName }} + app.kubernetes.io/instance: {{ cat (default "jaeger-collector-tls-secret" .Values.collector.tlsConfig.newSecretName) "-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +data: {} +stringData: + {{- if .Values.collector.tlsConfig.createSecret.ca }} + ca.crt: + {{- toYaml .Values.collector.tlsConfig.createSecret.ca | nindent 4 }} + {{- end }} + {{- if .Values.collector.tlsConfig.createSecret.cert }} + tls.crt: + {{- toYaml .Values.collector.tlsConfig.createSecret.cert | nindent 4 }} + {{- end }} + {{- if .Values.collector.tlsConfig.createSecret.key }} + tls.key: + {{- toYaml .Values.collector.tlsConfig.createSecret.key | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/collector/service-monitor.yaml b/charts/jaeger/templates/collector/service-monitor.yaml new file mode 100644 index 0000000..194400a --- /dev/null +++ b/charts/jaeger/templates/collector/service-monitor.yaml @@ -0,0 +1,31 @@ +{{- if .Values.jaeger.prometheusMonitoring }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Values.jaeger.serviceName }}-collector + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: monitoring # Keep for monitoring contract + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + endpoints: + - interval: 30s + port: admin-http + path: /metrics + scheme: http + jobLabel: k8s + selector: + matchLabels: + app.kubernetes.io/component: collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector +{{- end }} diff --git a/charts/jaeger/templates/collector/service.yaml b/charts/jaeger/templates/collector/service.yaml new file mode 100644 index 0000000..b669b00 --- /dev/null +++ b/charts/jaeger/templates/collector/service.yaml @@ -0,0 +1,56 @@ +{{- if .Values.collector.install }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.jaeger.serviceName }}-collector + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +spec: + ports: + {{- if .Values.collector.zipkinPort }} + - name: http-zipkin + port: {{ .Values.collector.zipkinPort }} + protocol: TCP + targetPort: zipkin + {{- end }} + - name: otlp-grpc + port: 4317 + protocol: TCP + targetPort: 4317 + - name: otlp-http + port: 4318 + protocol: TCP + targetPort: 4318 + - name: grpc + port: 14250 + protocol: TCP + targetPort: 14250 + - name: c-tchan-trft + port: 14267 + protocol: TCP + targetPort: 14267 + - name: http-c-binary-trft + port: 14268 + protocol: TCP + targetPort: 14268 + - name: admin-http + port: 14269 + protocol: TCP + targetPort: 14269 + selector: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/component: collector + sessionAffinity: None + type: ClusterIP +{{- end }} diff --git a/charts/jaeger/templates/collector/service_account.yaml b/charts/jaeger/templates/collector/service_account.yaml new file mode 100644 index 0000000..0bdf03e --- /dev/null +++ b/charts/jaeger/templates/collector/service_account.yaml @@ -0,0 +1,19 @@ +{{- if .Values.collector.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-collector + labels: + name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-collector + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-collector-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: collector + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.collector.labels }} + {{- toYaml .Values.collector.labels | nindent 4 }} + {{- end }} + {{- if .Values.collector.annotations }} + annotations: + {{- toYaml .Values.collector.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/common/jaeger-overview-dashboard.yaml b/charts/jaeger/templates/common/jaeger-overview-dashboard.yaml new file mode 100644 index 0000000..36e06c9 --- /dev/null +++ b/charts/jaeger/templates/common/jaeger-overview-dashboard.yaml @@ -0,0 +1,16 @@ +{{- if .Values.jaeger.prometheusMonitoringDashboard }} +apiVersion: integreatly.org/v1alpha1 +kind: GrafanaDashboard +metadata: + name: {{ .Values.jaeger.serviceName }}-overview + labels: + name: {{ .Values.jaeger.serviceName }}-overview + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-overview + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-overview-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: monitoring # Keep for monitoring contract + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +spec: + json: > + {{ .Files.Get "monitoring/dashboard-for-grafana.json" | nindent 4 }} +{{- end }} diff --git a/charts/jaeger/templates/hotrod/deployment.yaml b/charts/jaeger/templates/hotrod/deployment.yaml new file mode 100644 index 0000000..e793fbc --- /dev/null +++ b/charts/jaeger/templates/hotrod/deployment.yaml @@ -0,0 +1,84 @@ +{{- if .Values.hotrod.install }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.jaeger.serviceName }}-hotrod + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} +spec: + replicas: {{ default 1 .Values.hotrod.replicas }} + selector: + matchLabels: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/component: hotrod + template: + metadata: + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 8 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 8 }} + {{- end }} + spec: + securityContext: + {{- include "hotrod.securityContext" . }} + serviceAccountName: {{ .Values.jaeger.serviceName }}-hotrod + {{- with .Values.hotrod.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.hotrod.priorityClassName }} + priorityClassName: {{ .Values.hotrod.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.hotrod.name }} + image: {{ template "hotrod.image" . }} + imagePullPolicy: {{ .Values.hotrod.imagePullPolicy }} + env: + {{- if .Values.hotrod.otelExporter.host }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: "http://{{ .Values.hotrod.otelExporter.host }}:{{ .Values.hotrod.otelExporter.port }}" + {{- else }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: "http://{{ .Values.jaeger.serviceName }}-collector:{{ .Values.hotrod.otelExporter.port }}" + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.hotrod.resources | nindent 12 }} + securityContext: + {{- include "hotrod.containerSecurityContext" . }} + {{- if .Values.hotrod.affinity }} + affinity: + {{- toYaml .Values.hotrod.affinity | nindent 8 }} + {{- end }} + {{- if .Values.hotrod.nodeSelector }} + nodeSelector: + {{- toYaml .Values.hotrod.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.hotrod.tolerations }} + tolerations: + {{- toYaml .Values.hotrod.tolerations | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/hotrod/ingress.yaml b/charts/jaeger/templates/hotrod/ingress.yaml new file mode 100644 index 0000000..3a501e7 --- /dev/null +++ b/charts/jaeger/templates/hotrod/ingress.yaml @@ -0,0 +1,44 @@ +{{- if and .Values.hotrod.install .Values.hotrod.ingress.install }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.jaeger.serviceName }}-hotrod + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} + {{- if .Values.hotrod.annotations }} + annotations: + {{- toYaml .Values.hotrod.annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.hotrod.ingress.className }} + ingressClassName: {{ .Values.hotrod.ingress.className }} + {{- end }} + rules: + - host: {{ include "hotrod.ingress" . }} + http: + paths: + - path: / + {{- if semverCompare "<1.21-0" .Capabilities.KubeVersion.GitVersion }} + backend: + serviceName: {{ .Values.jaeger.serviceName }}-hotrod + servicePort: "http" + {{- else }} + pathType: Prefix + backend: + service: + name: {{ .Values.jaeger.serviceName }}-hotrod + port: + name: "http" + {{- end }} + {{- if .Values.hotrod.ingress.tls }} + tls: + {{- toYaml .Values.hotrod.ingress.tls | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/hotrod/route.yaml b/charts/jaeger/templates/hotrod/route.yaml new file mode 100644 index 0000000..5842662 --- /dev/null +++ b/charts/jaeger/templates/hotrod/route.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.hotrod.install .Values.hotrod.route.install}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ .Values.jaeger.serviceName }}-hotrod + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} + {{- if .Values.hotrod.annotations }} + annotations: + {{- toYaml .Values.hotrod.annotations | nindent 4 }} + {{- end }} +spec: + host: {{ include "hotrod.route" . }} + port: + targetPort: http + to: + kind: Service + name: {{ .Values.jaeger.serviceName }}-hotrod + weight: 100 +status: + ingress: [] +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/hotrod/service-account.yaml b/charts/jaeger/templates/hotrod/service-account.yaml new file mode 100644 index 0000000..b7e0f0d --- /dev/null +++ b/charts/jaeger/templates/hotrod/service-account.yaml @@ -0,0 +1,15 @@ +{{- if .Values.hotrod.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-hotrod + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/hotrod/service.yaml b/charts/jaeger/templates/hotrod/service.yaml new file mode 100644 index 0000000..d1a90d1 --- /dev/null +++ b/charts/jaeger/templates/hotrod/service.yaml @@ -0,0 +1,32 @@ +{{- if .Values.hotrod.install }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.jaeger.serviceName }}-hotrod + labels: + name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-hotrod-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} + {{- if .Values.hotrod.annotations }} + annotations: + {{- toYaml .Values.hotrod.annotations | nindent 4 }} + {{- end }} +spec: + ports: + - name: http + port: {{ .Values.hotrod.service.port }} + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-hotrod + app.kubernetes.io/component: hotrod + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.hotrod.labels }} + {{- toYaml .Values.hotrod.labels | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/integration-tests/deployment.yaml b/charts/jaeger/templates/integration-tests/deployment.yaml new file mode 100644 index 0000000..db87ab3 --- /dev/null +++ b/charts/jaeger/templates/integration-tests/deployment.yaml @@ -0,0 +1,81 @@ +{{- if .Values.integrationTests.install }} +kind: Deployment +apiVersion: apps/v1 +metadata: + name: {{ .Values.integrationTests.service.name }} + labels: + name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/instance: {{ cat .Values.integrationTests.service.name "-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +spec: + selector: + matchLabels: + name: {{ .Values.integrationTests.service.name }} + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + labels: + name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/instance: {{ cat .Values.integrationTests.service.name "-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/managed-by: Helm + spec: + securityContext: + {{- include "integrationTests.securityContext" . }} + serviceAccountName: {{ .Values.integrationTests.serviceAccount.name }} + {{- if .Values.integrationTests.affinity }} + affinity: + {{ toYaml .Values.integrationTests.affinity }} + {{- end }} + {{- if .Values.integrationTests.priorityClassName }} + priorityClassName: {{ .Values.integrationTests.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.integrationTests.service.name }} + image: {{ template "jaeger-integration-tests.image" . }} + ports: + - containerPort: 8080 + protocol: TCP + env: + - name: TAGS + value: {{ .Values.integrationTests.tags }} + - name: JAEGER_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JAEGER_SERVICE_NAME + value: {{ .Values.jaeger.serviceName }} + - name: LINK_FOR_GENERATOR + value: {{ .Values.integrationTests.linkForGenerator }} + - name: GENERATE_COUNT + value: {{ .Values.integrationTests.generateCount | quote}} + - name: WAITING_TIME + value: {{ .Values.integrationTests.waitingTime }} + - name: STATUS_WRITING_ENABLED + value: {{ .Values.integrationTests.statusWriting.enabled | quote }} + - name: ONLY_INTEGRATION_TESTS + value: {{ .Values.integrationTests.statusWriting.onlyIntegrationTests | quote }} + - name: IS_SHORT_STATUS_MESSAGE + value: {{ .Values.integrationTests.statusWriting.isShortStatusMessage | quote }} + - name: STATUS_CUSTOM_RESOURCE_PATH + value: {{ toYaml .Values.integrationTests.statusWriting.customResourcePath }} + resources: {{ toYaml .Values.integrationTests.resources | nindent 12 }} + securityContext: + {{- include "integrationTests.containerSecurityContext" . }} + volumeMounts: + - name: output + mountPath: /opt/robot/output + terminationMessagePath: /dev/termination-log + imagePullPolicy: Always + volumes: + - name: output + emptyDir: {} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/integration-tests/role-binding.yaml b/charts/jaeger/templates/integration-tests/role-binding.yaml new file mode 100644 index 0000000..e778ee3 --- /dev/null +++ b/charts/jaeger/templates/integration-tests/role-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.integrationTests.install .Values.integrationTests.serviceAccount.create }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + labels: + name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + app.kubernetes.io/name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + app.kubernetes.io/instance: {{ cat .Values.integrationTests.serviceAccount.name "-service-operator-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +subjects: + - kind: ServiceAccount + name: {{ .Values.integrationTests.serviceAccount.name }} +roleRef: + kind: Role + name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/jaeger/templates/integration-tests/role.yaml b/charts/jaeger/templates/integration-tests/role.yaml new file mode 100644 index 0000000..80a9438 --- /dev/null +++ b/charts/jaeger/templates/integration-tests/role.yaml @@ -0,0 +1,56 @@ +{{- if and .Values.integrationTests.install .Values.integrationTests.serviceAccount.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + labels: + name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + app.kubernetes.io/name: {{ .Values.integrationTests.serviceAccount.name }}-service-operator + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/instance: {{ cat .Values.integrationTests.serviceAccount.name "-service-operator-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +rules: + - apiGroups: + - "" + resources: + - pods + - services + - secrets + verbs: + - get + - list + - patch + - update + - watch + - delete + - apiGroups: + - apps + resources: + - deployments + - statefulsets + - statefulsets/scale + - deployments/scale + - deployments/status + - daemonsets/status + verbs: + - get + - list + - patch + - update + - watch + - delete + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - list +{{- end }} diff --git a/charts/jaeger/templates/integration-tests/service-account.yaml b/charts/jaeger/templates/integration-tests/service-account.yaml new file mode 100644 index 0000000..e56b921 --- /dev/null +++ b/charts/jaeger/templates/integration-tests/service-account.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.integrationTests.install .Values.integrationTests.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.integrationTests.serviceAccount.name }} + labels: + name: {{ .Values.integrationTests.serviceAccount.name }} + app.kubernetes.io/name: {{ .Values.integrationTests.serviceAccount.name }} + app.kubernetes.io/instance: {{ cat .Values.integrationTests.serviceAccount.name "-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end }} diff --git a/charts/jaeger/templates/integration-tests/service.yaml b/charts/jaeger/templates/integration-tests/service.yaml new file mode 100644 index 0000000..afcbd7d --- /dev/null +++ b/charts/jaeger/templates/integration-tests/service.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.integrationTests.install }} +kind: Service +apiVersion: v1 +metadata: + name: {{ .Values.integrationTests.service.name }} + labels: + name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/name: {{ .Values.integrationTests.service.name }} + app.kubernetes.io/instance: {{ cat .Values.integrationTests.service.name "-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +spec: + ports: + - name: http + port: 8080 + protocol: TCP + selector: + name: {{ .Values.integrationTests.service.name }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/integration-tests/test-config.yaml b/charts/jaeger/templates/integration-tests/test-config.yaml new file mode 100644 index 0000000..7a63d0b --- /dev/null +++ b/charts/jaeger/templates/integration-tests/test-config.yaml @@ -0,0 +1,14 @@ +{{- if .Values.integrationTests.install -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: tests-config + labels: + app: jaeger-tests +data: + {{- if include "jaeger.monitoredImages" . }} + images: {{ include "jaeger.monitoredImages" . }} + {{ else }} + images: "" + {{ end }} +{{ end }} diff --git a/charts/jaeger/templates/integration-tests/write-status-role-binding.yaml b/charts/jaeger/templates/integration-tests/write-status-role-binding.yaml new file mode 100644 index 0000000..bbaf11b --- /dev/null +++ b/charts/jaeger/templates/integration-tests/write-status-role-binding.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.integrationTests.install .Values.integrationTests.statusWriting.enabled }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: tracing-tests-write-status + labels: + name: tracing-tests-write-status + app.kubernetes.io/name: tracing-tests-write-status + app.kubernetes.io/instance: {{ cat "tracing-tests-write-status-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +subjects: +- kind: ServiceAccount + name: {{ .Values.integrationTests.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: tracing-tests-write-status + apiGroup: rbac.authorization.k8s.io +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/integration-tests/write-status-role.yaml b/charts/jaeger/templates/integration-tests/write-status-role.yaml new file mode 100644 index 0000000..373887e --- /dev/null +++ b/charts/jaeger/templates/integration-tests/write-status-role.yaml @@ -0,0 +1,22 @@ +{{- if and .Values.integrationTests.install .Values.integrationTests.statusWriting.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: tracing-tests-write-status + labels: + name: tracing-tests-write-status + app.kubernetes.io/name: tracing-tests-write-status + app.kubernetes.io/instance: {{ cat "tracing-tests-write-status-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +rules: +- apiGroups: + - apps + resources: + - deployments/status + - daemonsets/status + verbs: + - get + - patch +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/credentials-secret.yaml b/charts/jaeger/templates/opensearch/credentials-secret.yaml new file mode 100644 index 0000000..eb7b20a --- /dev/null +++ b/charts/jaeger/templates/opensearch/credentials-secret.yaml @@ -0,0 +1,23 @@ +{{- if eq .Values.jaeger.storage.type "elasticsearch" }} +apiVersion: v1 +kind: Secret +metadata: + name: jaeger-elasticsearch + labels: + name: jaeger-elasticsearch + app.kubernetes.io/name: jaeger-elasticsearch + app.kubernetes.io/instance: {{ cat "jaeger-elasticsearch-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +type: Opaque +data: + username: {{ include "elasticsearch.userName" . | b64enc}} + password: {{ include "elasticsearch.password" . | b64enc}} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/index-cleaner-cronjob.yaml b/charts/jaeger/templates/opensearch/index-cleaner-cronjob.yaml new file mode 100644 index 0000000..b9131cd --- /dev/null +++ b/charts/jaeger/templates/opensearch/index-cleaner-cronjob.yaml @@ -0,0 +1,155 @@ +{{- if .Values.elasticsearch.indexCleaner.install }} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ .Values.jaeger.serviceName }}-index-cleaner + labels: + name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-index-cleaner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.indexCleaner.labels }} + {{- toYaml .Values.elasticsearch.indexCleaner.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.indexCleaner.annotations | nindent 4 }} + {{- end }} +spec: + concurrencyPolicy: {{ .Values.elasticsearch.indexCleaner.concurrencyPolicy }} + schedule: {{ .Values.elasticsearch.indexCleaner.schedule | quote }} + successfulJobsHistoryLimit: {{ .Values.elasticsearch.indexCleaner.successfulJobsHistoryLimit }} + failedJobsHistoryLimit: {{ .Values.elasticsearch.indexCleaner.failedJobsHistoryLimit }} + suspend: false + jobTemplate: + spec: + {{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion }} + ttlSecondsAfterFinished: {{ .Values.elasticsearch.indexCleaner.ttlSecondsAfterFinished }} + {{- end }} + template: + metadata: + {{- if .Values.elasticsearch.indexCleaner.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.indexCleaner.annotations | nindent 12 }} + {{- end }} + labels: + name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-index-cleaner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 12 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.elasticsearch.indexCleaner.labels }} + {{- toYaml .Values.elasticsearch.indexCleaner.labels | nindent 12 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.jaeger.serviceName }}-index-cleaner + securityContext: + {{- include "elasticsearch.indexCleaner.securityContext" . }} + {{- with .Values.elasticsearch.indexCleaner.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.priorityClassName }} + priorityClassName: {{ .Values.elasticsearch.indexCleaner.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.elasticsearch.indexCleaner.name }} + image: {{ template "indexCleaner.image" . }} + imagePullPolicy: {{ .Values.elasticsearch.indexCleaner.imagePullPolicy }} + args: + - {{ .Values.elasticsearch.indexCleaner.numberOfDays | quote }} + - {{ include "elasticsearch.url" .}} + env: + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" .}} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: password + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.extraEnv }} + {{- toYaml .Values.elasticsearch.indexCleaner.extraEnv | nindent 14 }} + {{- end }} + resources: + {{- toYaml .Values.elasticsearch.indexCleaner.resources | nindent 14 }} + securityContext: + {{- include "elasticsearch.indexCleaner.containerSecurityContext" . }} + volumeMounts: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- range .Values.elasticsearch.indexCleaner.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.elasticsearch.indexCleaner.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + restartPolicy: OnFailure + {{- if .Values.elasticsearch.indexCleaner.affinity }} + affinity: + {{- toYaml .Values.elasticsearch.indexCleaner.affinity | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.nodeSelector }} + nodeSelector: + {{- toYaml .Values.elasticsearch.indexCleaner.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.tolerations }} + tolerations: + {{- toYaml .Values.elasticsearch.indexCleaner.tolerations | nindent 12 }} + {{- end }} + volumes: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" . }} + {{- end }} + {{- range .Values.elasticsearch.indexCleaner.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.elasticsearch.indexCleaner.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/index-cleaner-service-account.yaml b/charts/jaeger/templates/opensearch/index-cleaner-service-account.yaml new file mode 100644 index 0000000..1cba5c5 --- /dev/null +++ b/charts/jaeger/templates/opensearch/index-cleaner-service-account.yaml @@ -0,0 +1,19 @@ +{{- if .Values.elasticsearch.indexCleaner.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-index-cleaner + labels: + name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-index-cleaner + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-index-cleaner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.indexCleaner.labels }} + {{- toYaml .Values.elasticsearch.indexCleaner.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.indexCleaner.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.indexCleaner.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/lookback-cronjob.yaml b/charts/jaeger/templates/opensearch/lookback-cronjob.yaml new file mode 100644 index 0000000..bd3459b --- /dev/null +++ b/charts/jaeger/templates/opensearch/lookback-cronjob.yaml @@ -0,0 +1,155 @@ +{{- if .Values.elasticsearch.lookback.install }} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ .Values.jaeger.serviceName }}-lookback + labels: + name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-lookback-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.lookback.labels }} + {{- toYaml .Values.elasticsearch.lookback.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.lookback.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.lookback.annotations | nindent 4 }} + {{- end }} +spec: + concurrencyPolicy: {{ .Values.elasticsearch.lookback.concurrencyPolicy }} + schedule: {{ .Values.elasticsearch.lookback.schedule | quote }} + successfulJobsHistoryLimit: {{ .Values.elasticsearch.lookback.successfulJobsHistoryLimit }} + failedJobsHistoryLimit: {{ .Values.elasticsearch.lookback.failedJobsHistoryLimit }} + suspend: false + jobTemplate: + spec: + {{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion }} + ttlSecondsAfterFinished: {{ .Values.elasticsearch.lookback.ttlSecondsAfterFinished }} + {{- end }} + template: + metadata: + {{- if .Values.elasticsearch.lookback.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.lookback.annotations | nindent 12 }} + {{- end }} + labels: + name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-lookback-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 12 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.elasticsearch.lookback.labels }} + {{- toYaml .Values.elasticsearch.lookback.labels | nindent 12 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.jaeger.serviceName }}-lookback + securityContext: + {{- include "elasticsearch.lookback.securityContext" . }} + restartPolicy: OnFailure + {{- if .Values.elasticsearch.lookback.affinity }} + affinity: + {{- toYaml .Values.elasticsearch.lookback.affinity | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.lookback.nodeSelector }} + nodeSelector: + {{- toYaml .Values.elasticsearch.lookback.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.lookback.tolerations }} + tolerations: + {{- toYaml .Values.elasticsearch.lookback.tolerations | nindent 12 }} + {{- end }} + {{- with .Values.elasticsearch.lookback.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.lookback.priorityClassName }} + priorityClassName: {{ .Values.elasticsearch.lookback.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.elasticsearch.lookback.name }} + image: {{ template "rollover.image" . }} + imagePullPolicy: {{ .Values.elasticsearch.lookback.imagePullPolicy }} + args: + - lookback + - {{ include "elasticsearch.url" . }} + env: + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" . }} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: password + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- if .Values.elasticsearch.lookback.extraEnv }} + {{- toYaml .Values.elasticsearch.lookback.extraEnv | nindent 14 }} + {{- end }} + resources: + {{- toYaml .Values.elasticsearch.lookback.resources | nindent 14 }} + securityContext: + {{- include "elasticsearch.lookback.containerSecurityContext" . }} + volumeMounts: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- range .Values.elasticsearch.lookback.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.elasticsearch.lookback.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + volumes: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" . }} + {{- end }} + {{- range .Values.elasticsearch.lookback.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.elasticsearch.lookback.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/lookback-service-account.yaml b/charts/jaeger/templates/opensearch/lookback-service-account.yaml new file mode 100644 index 0000000..5185855 --- /dev/null +++ b/charts/jaeger/templates/opensearch/lookback-service-account.yaml @@ -0,0 +1,19 @@ +{{- if .Values.elasticsearch.lookback.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-lookback + labels: + name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-lookback + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-lookback-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.lookback.labels }} + {{- toYaml .Values.elasticsearch.lookback.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.lookback.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.lookback.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/pre-hook/rollover-job.yaml b/charts/jaeger/templates/opensearch/pre-hook/rollover-job.yaml new file mode 100644 index 0000000..715a2f0 --- /dev/null +++ b/charts/jaeger/templates/opensearch/pre-hook/rollover-job.yaml @@ -0,0 +1,146 @@ +{{- if .Values.elasticsearch.rollover.install }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.jaeger.serviceName }}-rollover-init + labels: + name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-init-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- if .Values.elasticsearch.rollover.annotations }} + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +spec: + {{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion }} + ttlSecondsAfterFinished: {{ .Values.elasticsearch.rollover.initHook.ttlSecondsAfterFinished }} + {{- end }} + template: + metadata: + {{- if .Values.elasticsearch.rollover.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 8 }} + {{- end }} + labels: + name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-init-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 8 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.jaeger.serviceName }}-rollover-init + securityContext: + {{- include "elasticsearch.rolloverjob.securityContext" . }} + restartPolicy: OnFailure + {{- if .Values.elasticsearch.rollover.affinity }} + affinity: + {{- toYaml .Values.elasticsearch.rollover.affinity | nindent 8 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.nodeSelector }} + nodeSelector: + {{- toYaml .Values.elasticsearch.rollover.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.tolerations }} + tolerations: + {{- toYaml .Values.elasticsearch.rollover.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.priorityClassName }} + priorityClassName: {{ .Values.elasticsearch.rollover.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.elasticsearch.rollover.initHook.name }} + image: {{ template "rollover.image" . }} + imagePullPolicy: IfNotPresent + args: + - init + - {{ include "elasticsearch.url" . }} + env: + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" . }} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-rollover-init + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-rollover-init + key: password + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- with .Values.elasticsearch.rollover.initHook.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.elasticsearch.rollover.resources | nindent 12 }} + securityContext: + {{- include "elasticsearch.rolloverjob.containerSecurityContext" . }} + volumeMounts: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- range .Values.elasticsearch.rollover.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + volumes: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" (merge (dict "prehook" true) .) }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/pre-hook/rollover-secret.yaml b/charts/jaeger/templates/opensearch/pre-hook/rollover-secret.yaml new file mode 100644 index 0000000..0336f4c --- /dev/null +++ b/charts/jaeger/templates/opensearch/pre-hook/rollover-secret.yaml @@ -0,0 +1,26 @@ +{{- if eq .Values.jaeger.storage.type "elasticsearch" }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-rollover-init + labels: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-rollover-init + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-elasticsearch-rollover-init + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-elasticsearch-rollover-init-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + "helm.sh/hook-weight": "-5" + {{- if .Values.elasticsearch.rollover.annotations }} + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +type: Opaque +data: + username: {{ include "elasticsearch.userName" . | b64enc}} + password: {{ include "elasticsearch.password" . | b64enc}} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/pre-hook/rollover-service-account.yaml b/charts/jaeger/templates/opensearch/pre-hook/rollover-service-account.yaml new file mode 100644 index 0000000..33607b2 --- /dev/null +++ b/charts/jaeger/templates/opensearch/pre-hook/rollover-service-account.yaml @@ -0,0 +1,23 @@ +{{- if .Values.elasticsearch.rollover.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-rollover-init + labels: + name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover-init + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + # Must be created before the rollover init hook + "helm.sh/hook-weight": "-10" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + {{- if .Values.elasticsearch.rollover.annotations }} + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/pre-hook/tls-secret.yaml b/charts/jaeger/templates/opensearch/pre-hook/tls-secret.yaml new file mode 100644 index 0000000..7a6cd05 --- /dev/null +++ b/charts/jaeger/templates/opensearch/pre-hook/tls-secret.yaml @@ -0,0 +1,34 @@ +{{- if eq .Values.jaeger.storage.type "elasticsearch" }} +{{- if not .Values.elasticsearch.client.tls.existingSecret }} +{{- if or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + labels: + name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-es-pre-hook-tls-assets + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-es-pre-hook-tls-assets-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + # Must be created before the rollover init hook + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + {{- if .Values.elasticsearch.rollover.annotations }} + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +data: + {{- if .Values.elasticsearch.client.tls.commonName }} + commonName: {{ .Values.elasticsearch.client.tls.commonName | b64enc }} + {{- end }} + ca-cert.pem: {{ .Values.elasticsearch.client.tls.ca | b64enc }} + client-cert.pem: {{ .Values.elasticsearch.client.tls.cert | b64enc}} + client-key.pem: {{ .Values.elasticsearch.client.tls.key | b64enc }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/rollover-cronjob.yaml b/charts/jaeger/templates/opensearch/rollover-cronjob.yaml new file mode 100644 index 0000000..0b84a7e --- /dev/null +++ b/charts/jaeger/templates/opensearch/rollover-cronjob.yaml @@ -0,0 +1,155 @@ +{{- if .Values.elasticsearch.rollover.install }} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ .Values.jaeger.serviceName }}-rollover + labels: + name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +spec: + concurrencyPolicy: {{ .Values.elasticsearch.rollover.concurrencyPolicy }} + schedule: {{ .Values.elasticsearch.rollover.schedule | quote }} + successfulJobsHistoryLimit: {{ .Values.elasticsearch.rollover.successfulJobsHistoryLimit }} + failedJobsHistoryLimit: {{ .Values.elasticsearch.rollover.failedJobsHistoryLimit }} + suspend: false + jobTemplate: + spec: + {{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion }} + ttlSecondsAfterFinished: {{ .Values.elasticsearch.rollover.ttlSecondsAfterFinished }} + {{- end }} + template: + metadata: + {{- if .Values.elasticsearch.rollover.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 12 }} + {{- end }} + labels: + name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 12 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 12 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.jaeger.serviceName }}-rollover + securityContext: + {{- include "elasticsearch.rollovercronjob.securityContext" . }} + restartPolicy: OnFailure + {{- if .Values.elasticsearch.rollover.affinity }} + affinity: + {{- toYaml .Values.elasticsearch.rollover.affinity | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.nodeSelector }} + nodeSelector: + {{- toYaml .Values.elasticsearch.rollover.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.tolerations }} + tolerations: + {{- toYaml .Values.elasticsearch.rollover.tolerations | nindent 12 }} + {{- end }} + {{- with .Values.elasticsearch.rollover.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.priorityClassName }} + priorityClassName: {{ .Values.elasticsearch.rollover.priorityClassName }} + {{- end }} + containers: + - name: {{ .Values.elasticsearch.rollover.name }} + image: {{ template "rollover.image" . }} + imagePullPolicy: {{ .Values.elasticsearch.rollover.imagePullPolicy }} + args: + - rollover + - {{ include "elasticsearch.url" . }} + env: + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" . }} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: password + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- with .Values.elasticsearch.rollover.extraEnv }} + {{- toYaml . | nindent 14 }} + {{- end }} + resources: + {{- toYaml .Values.elasticsearch.rollover.resources | nindent 14 }} + securityContext: + {{- include "elasticsearch.rollovercronjob.containerSecurityContext" . }} + volumeMounts: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- range .Values.elasticsearch.rollover.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + volumes: + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" . }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.elasticsearch.rollover.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/opensearch/rollover-service-account.yaml b/charts/jaeger/templates/opensearch/rollover-service-account.yaml new file mode 100644 index 0000000..de6de32 --- /dev/null +++ b/charts/jaeger/templates/opensearch/rollover-service-account.yaml @@ -0,0 +1,19 @@ +{{- if .Values.elasticsearch.rollover.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-rollover + labels: + name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-rollover + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-rollover-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.annotations }} + annotations: + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/opensearch/tls-secret.yaml b/charts/jaeger/templates/opensearch/tls-secret.yaml new file mode 100644 index 0000000..175e8fe --- /dev/null +++ b/charts/jaeger/templates/opensearch/tls-secret.yaml @@ -0,0 +1,29 @@ +{{- if eq .Values.jaeger.storage.type "elasticsearch" }} +{{- if not .Values.elasticsearch.client.tls.existingSecret }} +{{- if or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + labels: + name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-elasticsearch-tls-assets-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.elasticsearch.rollover.labels }} + {{- toYaml .Values.elasticsearch.rollover.labels | nindent 4 }} + {{- end }} + {{- if .Values.elasticsearch.rollover.annotations }} + {{- toYaml .Values.elasticsearch.rollover.annotations | nindent 4 }} + {{- end }} +data: + {{- if .Values.elasticsearch.client.tls.commonName }} + commonName: {{ .Values.elasticsearch.client.tls.commonName | b64enc }} + {{- end }} + ca-cert.pem: {{ .Values.elasticsearch.client.tls.ca | b64enc }} + client-cert.pem: {{ .Values.elasticsearch.client.tls.cert | b64enc}} + client-key.pem: {{ .Values.elasticsearch.client.tls.key | b64enc }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/jaeger/templates/query/auth-proxy/proxy-secret-config.yaml b/charts/jaeger/templates/query/auth-proxy/proxy-secret-config.yaml new file mode 100644 index 0000000..2358afe --- /dev/null +++ b/charts/jaeger/templates/query/auth-proxy/proxy-secret-config.yaml @@ -0,0 +1,206 @@ +{{- if .Values.proxy.install }} +kind: Secret +apiVersion: v1 +metadata: + name: proxy-config + labels: + name: proxy-config + app.kubernetes.io/name: proxy-config + app.kubernetes.io/instance: {{ cat "proxy-config-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +type: Opaque +stringData: + config.yaml: |- + admin: + address: + socket_address: + protocol: TCP + address: 0.0.0.0 + port_value: 9901 + {{- if eq .Values.proxy.type "oauth2" }} + static_resources: + listeners: + - name: listener_proxy + address: + socket_address: + address: 0.0.0.0 + port_value: 16688 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: auto + stat_prefix: ingress_http + access_log: + - name: "envoy.access_loggers.stdout" + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + log_format: + text_format_source: + inline_string: "[%START_TIME%] audit_log_type %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL% %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% %REQ(X-FORWARDED-FOR)% %REQ(USER-AGENT)% %REQ(X-REQUEST-ID)% %REQ(:AUTHORITY)% %UPSTREAM_HOST%\n" + route_config: + name: local_route + virtual_hosts: + - name: upstream + domains: + - "*" + routes: + - match: + prefix: / + route: + cluster: upstream-service + http_filters: + - name: envoy.filters.http.oauth2 + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2 + config: + token_endpoint: + cluster: auth + uri: {{ .Values.proxy.oauth2.tokenEndpoint }} + timeout: 5s + authorization_endpoint: {{ .Values.proxy.oauth2.authorizationEndpoint }} + redirect_uri: "https://%REQ(:authority)%/callback" + auth_scopes: "openid profile" + redirect_path_matcher: + path: + exact: /callback + signout_path: + path: + exact: /signout + credentials: + client_id: {{ .Values.proxy.oauth2.clientId }} + token_secret: + name: token + sds_config: + resource_api_version: V3 + path_config_source: {"path": /envoy/oauth2/token-secret.yaml} + hmac_secret: + name: hmac + sds_config: + resource_api_version: V3 + path_config_source: {"path": /envoy/oauth2/hmac-secret.yaml} + forward_bearer_token: true + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + clusters: + - name: auth + connect_timeout: 5s + type: LOGICAL_DNS + dns_lookup_family: V4_ONLY + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: auth + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ .Values.proxy.oauth2.idpAddress }} + port_value: {{ .Values.proxy.oauth2.idpPort }} + {{- if and .Values.proxy.oauth2.authorizationEndpoint (hasPrefix "https://" .Values.proxy.oauth2.authorizationEndpoint) }} + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext + sni: {{ .Values.proxy.oauth2.idpAddress }} + {{- end }} + - name: upstream-service + connect_timeout: 5s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: upstream-service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 0.0.0.0 + port_value: 16686 + {{- else }} + static_resources: + listeners: + - name: listener_proxy + address: + socket_address: + protocol: TCP + address: 0.0.0.0 + port_value: 16688 + filter_chains: + - filters: + - name: envoy.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + access_log: + - name: "envoy.access_loggers.stdout" + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + log_format: + text_format_source: + inline_string: "[%START_TIME%] audit_log_type %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL% %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% %REQ(X-FORWARDED-FOR)% %REQ(USER-AGENT)% %REQ(X-REQUEST-ID)% %REQ(:AUTHORITY)% %UPSTREAM_HOST%\n" + route_config: + name: local_route + virtual_hosts: + - name: upstream + domains: ["*"] + routes: + - match: + prefix: "/" + route: + cluster: upstream-service + metadata: + filter_metadata: + envoy.filters.http.lua: + credentials: + {{- range .Values.proxy.basic.users }} + - "Basic {{ . }}" + {{- end }} + http_filters: + - name: envoy.filters.http.lua + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua + default_source_code: + inline_string: | + function envoy_on_request(request_handle) + for _, credential in pairs(request_handle:metadata():get("credentials")) do + if request_handle:headers():get("authorization") == credential + then + return + end + end + request_handle:respond( + {[":status"] = "401", ["WWW-Authenticate"] = "Basic realm=\"Unknown\""}, "Unauthorized" + ) + end + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + clusters: + - name: upstream-service + connect_timeout: 25s + type: LOGICAL_DNS + # Comment out the following line to test on v6 networks + dns_lookup_family: V4_ONLY + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: upstream-service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: 16686 + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/query/auth-proxy/proxy-secret-oauth-token.yaml b/charts/jaeger/templates/query/auth-proxy/proxy-secret-oauth-token.yaml new file mode 100644 index 0000000..45fe931 --- /dev/null +++ b/charts/jaeger/templates/query/auth-proxy/proxy-secret-oauth-token.yaml @@ -0,0 +1,35 @@ +{{- if eq .Values.proxy.type "oauth2" }} +kind: Secret +apiVersion: v1 +metadata: + name: oauth2-token + labels: + name: oauth2-token + app.kubernetes.io/name: oauth2-token + app.kubernetes.io/instance: {{ cat "oauth2-token-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +type: Opaque +stringData: + token-secret.yaml: >- + resources: + - "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret" + name: token + generic_secret: + secret: + inline_string: {{ .Values.proxy.oauth2.clientToken }} + hmac-secret.yaml: >- + resources: + - "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret" + name: hmac + generic_secret: + secret: + inline_bytes: {{ randAlphaNum 32 | b64enc }} +{{- end }} diff --git a/charts/jaeger/templates/query/deployment.yaml b/charts/jaeger/templates/query/deployment.yaml new file mode 100644 index 0000000..5b1f273 --- /dev/null +++ b/charts/jaeger/templates/query/deployment.yaml @@ -0,0 +1,406 @@ +{{- if .Values.query.install }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.jaeger.serviceName }}-query + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +spec: + progressDeadlineSeconds: 600 + replicas: {{ .Values.query.replicas }} + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/component: query + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 8 }} + app.kubernetes.io/managed-by: Helm + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 8 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 8 }} + {{- end }} + spec: + {{- with .Values.query.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.query.priorityClassName }} + priorityClassName: {{ .Values.query.priorityClassName }} + {{- end }} + serviceAccountName: {{ .Values.jaeger.serviceName }}-query + containers: + {{- if .Values.proxy.install }} + - name: proxy + image: {{ include "proxy.image" . }} + imagePullPolicy: IfNotPresent + args: + - '--config-path /envoy/config.yaml' + - '--service-cluster envoy' + - '--service-node envoy' + ports: + - containerPort: 16688 + protocol: TCP + - containerPort: 9901 + protocol: TCP + env: + - name: ENVOY_UID + value: '0' + - name: ENVOY_GID + value: '0' + resources: + {{- toYaml .Values.proxy.resources | nindent 12 }} + livenessProbe: + httpGet: + path: /ready + port: 9901 + scheme: HTTP + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 20 + successThreshold: 1 + failureThreshold: 15 + readinessProbe: + httpGet: + path: /ready + port: 9901 + scheme: HTTP + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 60 + volumeMounts: + - name: envoy-config + mountPath: /envoy + {{- if eq .Values.proxy.type "oauth2" }} + - name: oauth2-token + mountPath: /envoy/oauth2 + {{- end }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + securityContext: + {{- include "proxy.containerSecurityContext" . }} + {{- end }} + {{- if .Values.readinessProbe.install }} + - name: readiness-probe + image: {{ template "readiness-probe.image" . }} + imagePullPolicy: {{ .Values.readinessProbe.imagePullPolicy }} + command: [ "/app/probe" ] + args: + {{- template "readinessProbe.args" . }} + ports: + - containerPort: 8080 + protocol: TCP + readinessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 600 + successThreshold: 1 + timeoutSeconds: 900 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 10 + resources: + {{- toYaml .Values.readinessProbe.resources | nindent 12 }} + securityContext: + {{- include "readinessProbe.containerSecurityContext" . }} + volumeMounts: + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- end }} + - name: jaeger-query + image: {{ template "query.image" . }} + imagePullPolicy: {{ .Values.query.imagePullPolicy }} + args: + - '--query.ui-config=/etc/config/query-ui-config.json' + {{- if .Values.query.cmdlineParams }} + {{- toYaml .Values.query.cmdlineParams | nindent 12 }} + {{- end }} + env: + {{- if .Values.query.config }} + - name: QUERY_UI_CONFIG + value: /etc/conf/query-ui-config.json + {{- end }} + - name: SPAN_STORAGE_TYPE + value: {{ .Values.jaeger.storage.type }} + - name: JAEGER_SERVICE_NAME + value: {{ .Values.jaeger.serviceName }}.{{ .Release.Namespace }} + - name: JAEGER_PROPAGATION + value: 'jaeger,b3' + {{- if .Values.query.extraEnv }} + {{- toYaml .Values.query.extraEnv | nindent 12 }} + {{- end }} + {{- /* Section with Cassandra enviroment variables */}} + {{- if eq .Values.jaeger.storage.type "cassandra" }} + - name: CASSANDRA_SERVERS + value: {{ include "cassandraSchemaJob.host" . | quote }} + - name: CASSANDRA_PORT + value: {{ include "cassandraSchemaJob.port" . | quote }} + - name: CASSANDRA_USERNAME + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" . }} + key: username + - name: CASSANDRA_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.secretName" . }} + key: password + - name: CASSANDRA_BASIC_ALLOWED_AUTHENTICATORS + value: {{ template "cassandraSchemaJob.allowedAuthenticators" . }} + {{- if .Values.cassandraSchemaJob.keyspace }} + - name: CASSANDRA_KEYSPACE + value: {{ .Values.cassandraSchemaJob.keyspace }} + {{- end }} + - name: CASSANDRA_LOCAL_DC + value: {{ include "cassandraSchemaJob.datacenter" . }} + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: CASSANDRA_TLS_ENABLED + value: "true" + {{- if .Values.cassandraSchemaJob.tls.commonName }} + - name: CASSANDRA_TLS_SERVER_NAME + valueFrom: + secretKeyRef: + name: {{ template "cassandraSchemaJob.tls.secretName" . }} + key: commonName + {{- end }} + - name: CASSANDRA_TLS_KEY + value: "/cassandra-tls/client-key.pem" + - name: CASSANDRA_TLS_CERT + value: "/cassandra-tls/client-cert.pem" + - name: CASSANDRA_TLS_CA + value: "/cassandra-tls/ca-cert.pem" + {{- end }} + {{- /* Section with Cassandra extra enviroment variables */}} + {{- if .Values.cassandraSchemaJob.extraEnv }} + {{- toYaml .Values.cassandraSchemaJob.extraEnv | nindent 12 }} + {{- end }} + {{- /* Section with ElasticSearch/OpenSearch enviroment variables */}} + {{- else if eq .Values.jaeger.storage.type "elasticsearch" }} + - name: ES_SERVER_URLS + value: {{ include "elasticsearch.url" . }} + - name: ES_USERNAME + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: username + - name: ES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.elasticsearch.existingSecret }}{{ .Values.elasticsearch.existingSecret }}{{- else }}jaeger-elasticsearch{{- end }} + key: password + {{- if .Values.elasticsearch.indexPrefix }} + - name: ES_INDEX_PREFIX + value: {{ .Values.elasticsearch.indexPrefix }} + {{- end }} + {{- if .Values.elasticsearch.client.tls.enabled }} + - name: ES_TLS_ENABLED + value: {{ .Values.elasticsearch.client.tls.enabled | quote }} + {{- if or .Values.elasticsearch.client.tls.existingSecret (or .Values.elasticsearch.client.tls.ca .Values.elasticsearch.client.tls.cert .Values.elasticsearch.client.tls.key) }} + - name: ES_TLS_CA + value: /es-tls/ca-cert.pem + - name: ES_TLS_CERT + value: /es-tls/client-cert.pem + - name: ES_TLS_KEY + value: /es-tls/client-key.pem + {{- else if .Values.elasticsearch.client.tls.insecureSkipVerify }} + - name: ES_TLS_SKIP_HOST_VERIFY + value: {{ .Values.elasticsearch.client.tls.insecureSkipVerify | quote }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.elasticsearch.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + {{- /* Section with ElasticSearch/OpenSearch extra enviroment variables */}} + {{- if .Values.elasticsearch.extraEnv }} + {{ toYaml .Values.elasticsearch.extraEnv | nindent 12 }} + {{- end }} + {{- end }} + livenessProbe: + failureThreshold: 5 + httpGet: + path: / + port: admin-http + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 1 + {{- if .Values.readinessProbe.install }} + readinessProbe: + failureThreshold: 1 + httpGet: + path: /health + port: 8080 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 300 + successThreshold: 1 + timeoutSeconds: 600 + {{- else }} + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: admin-http + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + {{- end }} + ports: + - containerPort: 16686 + name: query + protocol: TCP + - containerPort: 16687 + name: admin-http + protocol: TCP + resources: + {{- toYaml .Values.query.resources | nindent 12 }} + securityContext: + {{- include "query.containerSecurityContext" . }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config + name: {{ .Values.jaeger.serviceName }}-ui-configuration-volume + readOnly: true + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + mountPath: "/cassandra-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/ca-cert.pem" + subPath: "ca-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-cert.pem" + subPath: "client-cert.pem" + readOnly: true + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + mountPath: "/es-tls/client-key.pem" + subPath: "client-key.pem" + readOnly: true + {{- end }} + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + {{- include "query.securityContext" . }} + terminationGracePeriodSeconds: 30 + volumes: + - name: {{ .Values.jaeger.serviceName }}-ui-configuration-volume + configMap: + name: {{ .Values.jaeger.serviceName }}-ui-configuration + defaultMode: 420 + {{- if .Values.proxy.install }} + - name: envoy-config + secret: + secretName: proxy-config + defaultMode: 420 + {{- if eq .Values.proxy.type "oauth2" }} + - name: oauth2-token + secret: + secretName: oauth2-token + defaultMode: 420 + {{- end }} + {{- end }} + {{- if .Values.cassandraSchemaJob.tls.enabled }} + - name: {{ template "cassandraSchemaJob.tls.secretName" . }} + secret: + secretName: {{ template "cassandraSchemaJob.tls.secretName" . }} + {{- end }} + {{- if and .Values.elasticsearch.client.tls.enabled (not .Values.elasticsearch.client.tls.insecureSkipVerify) }} + - name: {{ .Values.jaeger.serviceName }}-elasticsearch-tls-assets + secret: + secretName: {{ template "elasticsearch.tls.secretName" . }} + {{- end }} + {{- if .Values.query.affinity }} + affinity: + {{- toYaml .Values.query.affinity | nindent 8 }} + {{- end }} + {{- if .Values.query.nodeSelector }} + nodeSelector: + {{- toYaml .Values.query.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.query.tolerations }} + tolerations: + {{- toYaml .Values.query.tolerations | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/jaeger/templates/query/ingress.yaml b/charts/jaeger/templates/query/ingress.yaml new file mode 100644 index 0000000..183ba86 --- /dev/null +++ b/charts/jaeger/templates/query/ingress.yaml @@ -0,0 +1,44 @@ +{{- if and .Values.query.install .Values.query.ingress.install }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.jaeger.serviceName }}-query + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.query.ingress.className }} + ingressClassName: {{ .Values.query.ingress.className }} + {{- end }} + rules: + - host: {{ include "query.ingress" . }} + http: + paths: + - path: / + {{- if semverCompare "<1.21-0" .Capabilities.KubeVersion.GitVersion }} + backend: + serviceName: {{ .Values.jaeger.serviceName }}-query + servicePort: "http-query" + {{- else }} + pathType: Prefix + backend: + service: + name: {{ .Values.jaeger.serviceName }}-query + port: + name: "http-query" + {{- end }} + {{- if .Values.query.ingress.tls }} + tls: + {{- toYaml .Values.query.ingress.tls | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/query/role.yaml b/charts/jaeger/templates/query/role.yaml new file mode 100644 index 0000000..461c0b1 --- /dev/null +++ b/charts/jaeger/templates/query/role.yaml @@ -0,0 +1,30 @@ +{{- if .Values.query.install }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: jaeger-query + labels: + name: jaeger-query + app.kubernetes.io/name: jaeger-query + app.kubernetes.io/component: jaeger-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +{{- end }} diff --git a/charts/jaeger/templates/query/role_binding.yaml b/charts/jaeger/templates/query/role_binding.yaml new file mode 100644 index 0000000..65f460d --- /dev/null +++ b/charts/jaeger/templates/query/role_binding.yaml @@ -0,0 +1,27 @@ +{{- if .Values.query.install }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: jaeger-query + labels: + name: jaeger-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-query + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +subjects: + - kind: ServiceAccount + name: {{ .Values.jaeger.serviceName }}-query +roleRef: + kind: Role + name: jaeger-query + apiGroup: rbac.authorization.k8s.io +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/query/route.yaml b/charts/jaeger/templates/query/route.yaml new file mode 100644 index 0000000..9a2b2c0 --- /dev/null +++ b/charts/jaeger/templates/query/route.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.query.install .Values.query.route.install }} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} + name: {{ .Values.jaeger.serviceName }}-query +spec: + port: + targetPort: http-query + to: + kind: Service + name: {{ .Values.jaeger.serviceName }}-query + weight: 100 + host: {{ include "query.route" . }} +status: + ingress: [] +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/query/service-monitor.yaml b/charts/jaeger/templates/query/service-monitor.yaml new file mode 100644 index 0000000..499f521 --- /dev/null +++ b/charts/jaeger/templates/query/service-monitor.yaml @@ -0,0 +1,37 @@ +{{- if .Values.jaeger.prometheusMonitoring }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Values.jaeger.serviceName }}-query + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: monitoring # Keep for monitoring contract + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +spec: + endpoints: + - interval: 30s + port: admin-http + path: /metrics + scheme: http + {{- if .Values.proxy.install }} + - interval: 30s + path: /stats/prometheus + port: envoy-admin + scheme: http + {{- end }} + jobLabel: k8s + selector: + matchLabels: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/component: query +{{- end }} diff --git a/charts/jaeger/templates/query/service.yaml b/charts/jaeger/templates/query/service.yaml new file mode 100644 index 0000000..812449f --- /dev/null +++ b/charts/jaeger/templates/query/service.yaml @@ -0,0 +1,45 @@ +{{- if .Values.query.install }} +apiVersion: v1 +kind: Service +metadata: + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} + name: {{ .Values.jaeger.serviceName }}-query +spec: + ports: + {{- if .Values.proxy.install }} + - name: http-query + port: 16686 + protocol: TCP + targetPort: 16688 + - name: envoy-admin + port: 9901 + protocol: TCP + targetPort: 9901 + {{- else }} + - name: http-query + port: 16686 + protocol: TCP + targetPort: 16686 + {{- end }} + - name: admin-http + port: 16687 + protocol: TCP + targetPort: 16687 + selector: + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/component: query + sessionAffinity: None + type: ClusterIP +{{- end }} diff --git a/charts/jaeger/templates/query/service_account.yaml b/charts/jaeger/templates/query/service_account.yaml new file mode 100644 index 0000000..6a41738 --- /dev/null +++ b/charts/jaeger/templates/query/service_account.yaml @@ -0,0 +1,19 @@ +{{- if .Values.query.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.jaeger.serviceName }}-query + labels: + name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-query + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-query-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/jaeger/templates/query/ui-config-configmap.yaml b/charts/jaeger/templates/query/ui-config-configmap.yaml new file mode 100644 index 0000000..e9008ea --- /dev/null +++ b/charts/jaeger/templates/query/ui-config-configmap.yaml @@ -0,0 +1,37 @@ +{{- if .Values.query.install }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.jaeger.serviceName }}-ui-configuration + labels: + name: {{ .Values.jaeger.serviceName }}-ui-configuration + app.kubernetes.io/name: {{ .Values.jaeger.serviceName }}-ui-configuration + app.kubernetes.io/instance: {{ cat .Values.jaeger.serviceName "-ui-configuration-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: query + {{- include "jaeger.commonLabels" . | nindent 4 }} + {{- if .Values.query.labels }} + {{- toYaml .Values.query.labels | nindent 4 }} + {{- end }} + {{- if .Values.query.annotations }} + annotations: + {{- toYaml .Values.query.annotations | nindent 4 }} + {{- end }} +data: + query-ui-config.json: >- + { + "menu":[ + { + "items":[ + { + "label":"Documentation", + "url":"https://www.jaegertracing.io/docs/latest" + } + ], + "label":"About" + } + ], + "monitor": { + "menuEnabled": false + } + } +{{- end }} diff --git a/charts/jaeger/templates/status-provisioner/job.yaml b/charts/jaeger/templates/status-provisioner/job.yaml new file mode 100644 index 0000000..e9694ba --- /dev/null +++ b/charts/jaeger/templates/status-provisioner/job.yaml @@ -0,0 +1,86 @@ +{{- if .Values.statusProvisioner.install }} +kind: Job +apiVersion: batch/v1 +metadata: + name: integration-tests-status-provisioner + labels: + name: integration-tests-status-provisioner + app.kubernetes.io/name: integration-tests-status-provisioner + app.kubernetes.io/instance: {{ cat "integration-tests-status-provisioner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +spec: + {{- if or (gt .Capabilities.KubeVersion.Major "1") (ge .Capabilities.KubeVersion.Minor "12") }} + ttlSecondsAfterFinished: {{ .Values.statusProvisioner.lifetimeAfterCompletion | default 300 }} + {{- end }} + completions: 1 + parallelism: 1 + backoffLimit: 4 + template: + metadata: + labels: + name: integration-tests-status-provisioner + app.kubernetes.io/name: integration-tests-status-provisioner + app.kubernetes.io/instance: {{ cat "integration-tests-status-provisioner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/managed-by: Helm + spec: + securityContext: + {{- include "statusProvisioner.securityContext" . }} + restartPolicy: Never + serviceAccountName: integration-tests-status-provisioner + {{- if .Values.statusProvisioner.priorityClassName }} + priorityClassName: {{ .Values.statusProvisioner.priorityClassName }} + {{- end }} + containers: + - name: integration-tests-status-provisioner + image: {{ template "deployment-status-provisioner.image" . }} + imagePullPolicy: Always + resources: {{ toYaml .Values.statusProvisioner.resources | nindent 10 }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: TEMP + value: /opt/robot/target + - name: RESOURCE_TO_SET_STATUS + value: "batch v1 jobs integration-tests-status-provisioner" + - name: CONDITION_REASON + value: "IntegrationTestsExecutionStatus" + - name: MONITORED_RESOURCES + value: '{{ include "jaeger.monitoredResources" . | trim | trimSuffix "," }}' + - name: STATUS_WRITING_ENABLED + value: {{ .Values.integrationTests.statusWriting.enabled | quote }} + {{- if and .Values.integrationTests.install .Values.integrationTests.statusWriting.enabled }} + - name: INTEGRATION_TESTS_RESOURCE + value: {{ printf "apps v1 deployments %s" .Values.integrationTests.service.name }} + - name: ONLY_INTEGRATION_TESTS + value: {{ .Values.integrationTests.statusWriting.onlyIntegrationTests | quote }} + - name: IS_SHORT_STATUS_MESSAGE + value: {{ .Values.integrationTests.statusWriting.isShortStatusMessage | quote }} + - name: STATUS_CUSTOM_RESOURCE_PATH + value: {{ toYaml .Values.integrationTests.statusWriting.customResourcePath }} + - name: INTEGRATION_TESTS_CONDITION_REASON + value: "IntegrationTestsExecutionStatus" + - name: INTEGRATION_TESTS_SUCCESSFUL_CONDITION_TYPE + value: "Successful" + {{- end }} + volumeMounts: + - name: robot-storage + mountPath: /opt/robot/target + securityContext: + {{- include "statusProvisioner.containerSecurityContext" . }} + volumes: + - name: robot-storage + emptyDir: {} + nodeSelector: {} + affinity: {} +{{- end }} diff --git a/charts/jaeger/templates/status-provisioner/role.yaml b/charts/jaeger/templates/status-provisioner/role.yaml new file mode 100644 index 0000000..56dff1f --- /dev/null +++ b/charts/jaeger/templates/status-provisioner/role.yaml @@ -0,0 +1,28 @@ +{{- if .Values.statusProvisioner.install }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: integration-tests-status-provisioner + labels: + name: integration-tests-status-provisioner + app.kubernetes.io/name: integration-tests-status-provisioner + app.kubernetes.io/instance: {{ cat "integration-tests-status-provisioner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +rules: + - apiGroups: + - apps + resources: + - deployments/status + - daemonsets/status + verbs: + - get + - apiGroups: + - batch + resources: + - jobs/status + verbs: + - get + - patch +{{- end }} diff --git a/charts/jaeger/templates/status-provisioner/rolebinding.yaml b/charts/jaeger/templates/status-provisioner/rolebinding.yaml new file mode 100644 index 0000000..9cb65af --- /dev/null +++ b/charts/jaeger/templates/status-provisioner/rolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.statusProvisioner.install }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: integration-tests-status-provisioner + labels: + name: integration-tests-status-provisioner + app.kubernetes.io/name: integration-tests-status-provisioner + app.kubernetes.io/instance: {{ cat "integration-tests-status-provisioner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +subjects: + - kind: ServiceAccount + name: integration-tests-status-provisioner +roleRef: + kind: Role + name: integration-tests-status-provisioner + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/jaeger/templates/status-provisioner/service-account.yaml b/charts/jaeger/templates/status-provisioner/service-account.yaml new file mode 100644 index 0000000..9ec54e2 --- /dev/null +++ b/charts/jaeger/templates/status-provisioner/service-account.yaml @@ -0,0 +1,13 @@ +{{- if .Values.statusProvisioner.install }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: integration-tests-status-provisioner + labels: + name: integration-tests-status-provisioner + app.kubernetes.io/name: integration-tests-status-provisioner + app.kubernetes.io/instance: {{ cat "integration-tests-status-provisioner-" .Release.Namespace | nospace | trunc 63 | trimSuffix "-" }} + app.kubernetes.io/component: jaeger-integration-tests + app.kubernetes.io/part-of: jaeger + app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end }} diff --git a/charts/jaeger/values.yaml b/charts/jaeger/values.yaml new file mode 100644 index 0000000..51eab27 --- /dev/null +++ b/charts/jaeger/values.yaml @@ -0,0 +1,2338 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +jaeger: + # Name of jaeger service. + # Type: string + # Default: jaeger + # + serviceName: jaeger + + # Allow creating a service monitor that sends Jaeger metrics to prometheus. + # Type: boolean + # Default: true + # + prometheusMonitoring: true + + # Allow creating a grafana dashboard for jaeger. + # Type: boolean + # Default: true + # + prometheusMonitoringDashboard: true + + # Specify type of storage for jaeger. E.g. 'elasticsearch' or 'cassandra'. + # Type: string + # Default: "cassandra" + # + storage: + type: cassandra + +proxy: + # Allow disabling create envoy proxy container. + # Type: boolean + # Default: false + # + install: false + + # A docker image to use for envoy container. + # Type: string + # Mandatory: no + # Default: "envoyproxy/envoy:v1.20.0" + # + # image: "envoyproxy/envoy:v1.20.0" + + # Authentication type to be used + # Available values - "basic" and "oauth2" + # Type: string + # Mandatory: no + # Default: "basic" + # + type: "basic" + + # Settings for oauth2 authentication. + # + oauth2: + + # Endpoint on the authorization server to retrieve the access token from. + # Type: string + # Mandatory: yes + # Default: no + # Example: "http://my-keycloak.com/auth/realms/test/protocol/openid-connect/token" + # + tokenEndpoint: "" + + # The endpoint redirect to for authorization in response to unauthorized requests. + # Type: string + # Mandatory: yes + # Default: no + # Example: "http://my-keycloak.com/auth/realms/test/protocol/openid-connect/auth" + # + authorizationEndpoint: "" + + # The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server. + # Type: string + # Mandatory: yes + # Default: no + # + clientId: "" + + # The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server. + # Type: string + # Mandatory: yes + # Default: no + # + clientToken: "" + + # The address for this socket. Listeners will bind to the address. An empty address is not allowed. + # Specify 0.0.0.0 or :: to bind to any address. + # For clusters, the cluster type determines whether the address must be an IP + # or a hostname resolved by DNS. + # Type: string + # Mandatory: yes + # Default: no + # Example: "my-keycloak.com" + # + idpAddress: "" + + # Listeners will bind to the port. + # Mandatory: yes + # Default: 80 + # + idpPort: 80 + + # Settings for basic authentication. + # + basic: + + # List of login:password in base64. + # For example + # admin:admin -> YWRtaW46YWRtaW4= + # test:test -> dGVzdDp0ZXN0 + # Default: no + # + # users: + # - YWRtaW46YWRtaW4= + # - dGVzdDp0ZXN0 + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # Default: + resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # Default: + # securityContext: + # runAsUser: 2000 + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + +elasticsearch: + # Name of existing secret with elasticsearch username and password. + # Type: string + # Default: "" + # + existingSecret: "" + + # Index prefix for elasticsearch. + # Type: string + # Default: "" + # + indexPrefix: "" + + # Elasticsearch related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + client: + # Username for Elasticsearch with access to HTTP API. + # Type: string + # Default: "" + # + username: "" + + # Password for Elasticsearch with access to HTTP API. + # Type: string + # Default: "" + # + password: "" + + # This is the URL with port used to connect to Elasticsearch. + # Type: string + # For example: elasticsearch.elasticsearch.svc:9200 + # Default: "" + # + url: "" + + # Scheme for elasticsearch. + # Type: string + # Default: "http" + # + scheme: http + + tls: + # Allow disabling create tls. + # Type: boolean + # Default: false + # + enabled: false + + # Name of existing secret with SSL certificates. + # If specified, all subsequent parameters in tls section are ignored. + # Type: string + # Default: "" + # + existingSecret: "" + + # Allow to specify common name - server name protected by the SSL certificate. + # Ignored if the existingSecret is specified. + # Type: string + # Default: not set + # + # commonName: + + # Allow to specify CA certificate. It use to provide list of trusted CA who issued the certificates. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # ca: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + + # Allow to specify public key of certificate. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # cert: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + + # Allow to specify private part of certificate. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # key: | + # -----BEGIN RSA PRIVATE KEY----- + # ... + # -----END RSA PRIVATE KEY----- + + # insecureSkipVerify: false + + indexCleaner: + # Allow disabling create index cleaner cronJob. + # Type: boolean + # Default: false + # + install: false + + # A docker image to use for index cleaner cronJob. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-es-index-cleaner:1.33.0" + # + # image: "jaegertracing/jaeger-es-index-cleaner:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice cronjob and in labels. + # + name: index-cleaner + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + # It specifies how to treat concurrent executions of a job that is created by this cron job. + # * Allow: The cron job allows concurrently running jobs. + # * Forbid: The cron job does not allow concurrent runs; if it is time for a new job run and the previous job + # run hasn't finished yet, the cron job skips the new job run + # * Replace: If it is time for a new job run and the previous job run hasn't finished yet, the cron job + # replaces the currently running job run with a new job run + # Type: string + # Default: Forbid + # + concurrencyPolicy: Forbid + + # Specify schedule time of its jobs to be created and executed. + # For example, "0 * * * *" or "@hourly" + # Default: "55 23 * * *" + # + schedule: "55 23 * * *" + + # Parameter specify how many completed jobs should be kept. + # Default: 1 + # + successfulJobsHistoryLimit: 1 + + # Parameter specify how many failed jobs should be kept. + # Default: 1 + # + failedJobsHistoryLimit: 1 + + # Allow to set time to life (TTL) for TTL controller. TTL controller cleans up the Job, it will delete the Job + # cascadingly, i.e. delete its dependent objects, such as Pods, together with the Job. + # Useful to set a value other than 0 if you want to see job logs. + # Type: int + # Default: 0 + # + ttlSecondsAfterFinished: 0 + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Specify number of day that job will be executed. + # Default: 7 + # + numberOfDays: 7 + + # indexCleaner related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Specify extra configMap mounts for indexCleaner. + # Type: object + # Default: [] + # + extraConfigmapMounts: [] + + # Specify extra secret mounts for indexCleaner. + # Type: object + # Default: [] + # + extraSecretMounts: [] + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + + lookback: + # Allow disabling create lookback cronJob. + # Type: boolean + # Default: false + # + install: false + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice cronjob and in labels. + # + name: lookback + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + # It specifies how to treat concurrent executions of a job that is created by this cron job. + # * Allow: The cron job allows concurrently running jobs. + # * Forbid: The cron job does not allow concurrent runs; if it is time for a new job run and the previous job + # run hasn't finished yet, the cron job skips the new job run + # * Replace: If it is time for a new job run and the previous job run hasn't finished yet, the cron job + # replaces the currently running job run with a new job run + # Type: string + # Default: Forbid + # + concurrencyPolicy: Forbid + + # Specify schedule time of its jobs to be created and executed. + # For example, "0 * * * *" or "@hourly" + # Default: "5 0 * * *" + # + schedule: "5 0 * * *" + + # Parameter specify how many completed jobs should be kept. + # Default: 1 + # + successfulJobsHistoryLimit: 1 + + # Parameter specify how many failed jobs should be kept. + # Default: 1 + # + failedJobsHistoryLimit: 1 + + # Allow to set time to life (TTL) for TTL controller. TTL controller cleans up the Job, it will delete the Job + # cascadingly, i.e. delete its dependent objects, such as Pods, together with the Job. + # Useful to set a value other than 0 if you want to see job logs. + # Type: int + # Default: 0 + # + ttlSecondsAfterFinished: 0 + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + # lookback related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Specify extra configMap mounts for lookback. + # Type: object + # Default: [] + # + extraConfigmapMounts: [] + + # Specify extra secret mounts for lookback. + # Type: object + # Default: [] + # + extraSecretMounts: [] + + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + + rollover: + # Allow disabling create rollover cronJob. + # Type: boolean + # Default: false + # + install: false + + # A docker image to use for rollover cronJob. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-es-rollover:1.33.0" + # + # image: "jaegertracing/jaeger-es-rollover:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice cronjob and in labels. + # + name: rollover + + initHook: + # A name of a microservice to deploy with. + # This name will be used as name of the microservice init job. + # + name: rollover-init + + # TTL in seconds after finished initial job. + # Default: 120 + # + ttlSecondsAfterFinished: 120 + + # rollover init related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + # It specifies how to treat concurrent executions of a job that is created by this cron job. + # * Allow: The cron job allows concurrently running jobs. + # * Forbid: The cron job does not allow concurrent runs; if it is time for a new job run and the previous job + # run hasn't finished yet, the cron job skips the new job run + # * Replace: If it is time for a new job run and the previous job run hasn't finished yet, the cron job + # replaces the currently running job run with a new job run + # Type: string + # Default: Forbid + # + concurrencyPolicy: Forbid + + # Specify schedule time of its jobs to be created and executed. + # For example, "0 * * * *" or "@hourly" + # Default: "10 0 * * *" + # + schedule: "10 0 * * *" + + # Parameter specify how many completed jobs should be kept. + # Default: 1 + # + successfulJobsHistoryLimit: 1 + + # Parameter specify how many failed jobs should be kept. + # Default: 1 + # + failedJobsHistoryLimit: 1 + + # Allow to set time to life (TTL) for TTL controller. TTL controller cleans up the Job, it will delete the Job + # cascadingly, i.e. delete its dependent objects, such as Pods, together with the Job. + # Useful to set a value other than 0 if you want to see job logs. + # Type: int + # Default: 0 + # + ttlSecondsAfterFinished: 0 + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + # rollover related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Specify extra configMap mounts for rollover. + # Type: object + # Default: [] + # + extraConfigmapMounts: [] + + # Specify extra secret mounts for rollover. + # Type: object + # Default: [] + # + extraSecretMounts: [] + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +cassandraSchemaJob: + + # A docker image to use for cassandraSchemaJob job. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-cassandra-schema:1.33.0" + # + # image: "jaegertracing/jaeger-cassandra-schema:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice job and in labels. + # + name: cassandra-schema-job + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # This is the host used to connect to Cassandra. + # Type: string + # Default: "cassandra.cassandra.svc" + # + host: "" + + # This is the host used to connect to Cassandra. + # Type: integer + # Default: 9042 + # + port: "" + + # Name of existing secret with cassandra username and password. + # Type: string + # Default: "" + # + existingSecret: "" + + # Cassandra schema job related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Allow to set time to life (TTL) for TTL controller. TTL controller cleans up the Job, it will delete the Job + # cascadingly, i.e. delete its dependent objects, such as Pods, together with the Job. + # Useful to set a value other than 0 if you want to see job logs. + # Type: int + # Default: 0 + # + ttlSecondsAfterFinished: 0 + + # List of allowed authenticators for gocql driver + # Full list of supported authenticators cna be found in the gocql source code: + # https://github.com/apache/cassandra-gocql-driver/blob/34fdeebefcbf183ed7f916f931aa0586fdaa1b40/conn.go#L27 + # Type: array[string] + # Default: [] + # + allowedAuthenticators: [] + + # List of default authenticators for gocql driver + # This list need because in versions > 1.58 the default value of "allowedAuthenticators" is empty element + # need to override the default values in gocql driver + # Type: array[string] + # Default: [] + # + defaultAllowedAuthenticators: + - org.apache.cassandra.auth.PasswordAuthenticator + - com.instaclustr.cassandra.auth.SharedSecretAuthenticator + - com.datastax.bdp.cassandra.auth.DseAuthenticator + - io.aiven.cassandra.auth.AivenAuthenticator + - com.ericsson.bss.cassandra.ecaudit.auth.AuditPasswordAuthenticator + - com.amazon.helenus.auth.HelenusAuthenticator + - com.ericsson.bss.cassandra.ecaudit.auth.AuditAuthenticator + - com.scylladb.auth.SaslauthdAuthenticator + - com.scylladb.auth.TransitionalAuthenticator + - com.instaclustr.cassandra.auth.InstaclustrPasswordAuthenticator + + tls: + # Allow disabling create tls. + # Type: boolean + # Default: false + # + enabled: false + + # Name of existing secret with SSL certificates. + # If specified, all subsequent parameters in tls section are ignored. + # Type: string + # Default: "" + # + existingSecret: "" + + # Allow to specify common name - server name protected by the SSL certificate. + # Ignored if the existingSecret is specified. + # Type: string + # Default: not set + # + # commonName: + + # Allow to specify CA certificate. It use to provide list of trusted CA who issued the certificates. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # ca: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + + # Allow to specify public key of certificate. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # cert: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + + # Allow to specify private part of certificate. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: not set + # + # key: | + # -----BEGIN RSA PRIVATE KEY----- + # ... + # -----END RSA PRIVATE KEY----- + + # Allow to override path to certificates which cqlsh in cassandraSchemaJob job will use to connect to Cassandra. + # Mandatory field when using SSL connection to Cassandra. Ignored if the existingSecret is specified. + # Type: multiline string + # Default: see below + # + cqlshrc: | + [ssl] + certfile = /cassandra-tls/ca-cert.pem + usercert = /cassandra-tls/client-cert.pem + userkey = /cassandra-tls/client-key.pem + + # Parameter specifies the Cassandra mode, `prod` or `test`. + # Type: string + # Default: test + # + mode: test + + # Parameter specifies the Cassandra datacenter. + # Type: string + # Default: "" + # + datacenter: "" + + # Parameter specifies the Cassandra keyspace for Jaeger. + # Type: string + # Default: "jaeger" + # + keyspace: "jaeger" + + # Username for Cassandra with access to HTTP API. + # Type: string + # Default: "" + # + username: "" + + # Password for Cassandra with access to HTTP API. + # Type: string + # Default: "" + # + password: "" + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: {} + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + ttl: + # Time to live for trace data, in seconds + # default: 172800 (2 days) + # + # trace: 172800 + + # Time to live for dependencies data, in seconds + # default: 0, no TTL + # + # dependencies: 0 + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +agent: + # Allow disabling create agent daemon-set. + # Type: boolean + # Default: false + # + install: false + + # A docker image to use for agent daemon-set. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-agent:1.33.0" + # + # image: "jaegertracing/jaeger-agent:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice daemon-set and in labels. + # + name: agent + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Enable using host network. + # Type: boolean + # Default: false + # + useHostNetwork: false + + # Enable using host port. + # Type: boolean + # Default: false + # + useHostPort: false + + # Agent related cmd line opts to be configured on the concerned components. + # Type: object + # Default: [] + # + cmdlineParams: [] + + # Agent related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Specify extra configMap mounts for agent. + # Type: object + # Default: [] + # + extraConfigmapMounts: [] + + # Specify extra secret mounts for agent. + # Type: object + # Default: [] + # + extraSecretMounts: [] + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 50m + memory: 50Mi + + # Specify service ports. + # + service: + # Accept zipkin.thrift over compact thrift protocol. + # Default: 5775 + # + zipkinThriftPort: 5775 + + # Accept jaeger.thrift over compact thrift protocol. + # Default: 6831 + # + compactPort: 6831 + + # Accept jaeger.thrift over binary thrift protocol. + # Default: 6832 + # + binaryPort: 6832 + + # (HTTP) serve configs, sampling strategies. + # Default: 5778 + # + samplingPort: 5778 + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +collector: + # Allow disabling create collector deployment. + # Type: boolean + # Default: true + # + install: true + + # A docker image to use for collector deployment. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-collector:1.33.0" + # + # image: "jaegertracing/jaeger-collector:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice deployment and in labels. + # + name: collector + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Replicas spec configuration for collector. + # Type: integer + # Mandatory: no + # Default: 1 + # + replicas: 1 + + # TLS configuration for collector. + # + tlsConfig: + # TLS configuration from existing secret + # If specified, all subsequent parameters in tls section are ignored. + # + # existingSecret: "" + + # Name of the secret that will be used for both generateCerts and createSecret sections below. + # Must be specified if existingSecret is not configured. + # Type: string + # Default: jaeger-collector-tls-secret + # + # newSecretName: jaeger-collector-tls-secret + + # Use generateCerts section if you want cert-manager to generate secret. + # Will be ignored if existingSecret is already specified. + generateCerts: + enabled: true + clusterIssuerName: "" + duration: 365 + renewBefore: 15 + + # Use createSecret section to create secret with already known content of TLS certificates. + # Do not use createSecret if you use generateCerts + # Will be ignored if existingSecret is already specified. + # createSecret: + # ca: "" + # key: "" + # cert: "" + + # TLS configuration for OTEL HTTP endpoint. + # + otelHttp: + # Allow disabling/enabling tls. + # Type: boolean + # Default: false + # + enabled: false + + # Comma-separated list of cipher suites for the server. + # Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants) + # Type: string + # + # cipherSuites: "" + + # Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # maxVersion: "" + + # Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # minVersion: "" + + # The duration after which the certificate will be reloaded (0s means will not be reloaded) + # Type: string + # Default: 0s + # + # certificateReloadInterval: 0s + + # TLS configuration for OTEL gRPC endpoint. + # + otelgRPC: + # Allow disabling/enabling tls. + # Type: boolean + # Default: false + # + enabled: false + + # Comma-separated list of cipher suites for the server. + # Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants) + # Type: string + # + # cipherSuites: "" + + # Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # maxVersion: "" + + # Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # minVersion: "" + + # The duration after which the certificate will be reloaded (0s means will not be reloaded) + # Type: string + # Default: 0s + # + # certificateReloadInterval: 0s + + # TLS configuration for Jaeger/Thrift HTTP endpoint. + # + jaegerHttp: + # Allow disabling/enabling tls. + # Type: boolean + # Default: false + # + enabled: false + + # Comma-separated list of cipher suites for the server. + # Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants) + # Type: string + # + # cipherSuites: "" + + # Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # maxVersion: "" + + # Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # minVersion: "" + + # TLS configuration for Jaeger/Thrift gRPC endpoint. + # + jaegergRPC: + # Allow disabling/enabling tls. + # Type: boolean + # Default: false + # + enabled: false + + # Comma-separated list of cipher suites for the server. + # Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants) + # Type: string + # + # cipherSuites: "" + + # Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # maxVersion: "" + + # Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # minVersion: "" + + # TLS configuration for Zipkin HTTP endpoint. + # + zipkin: + # Allow disabling/enabling tls. + # Type: boolean + # Default: false + # + enabled: false + + # Comma-separated list of cipher suites for the server. + # Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants) + # Type: string + # + # cipherSuites: "" + + # Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # maxVersion: "" + + # Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3) + # Type: string + # + # minVersion: "" + + # Collector related cmd line opts to be configured on the concerned components. + # Type: object + # Default: [] + # + cmdlineParams: [] + + # Collector related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # Enable SAMPLING_STRATEGIES_FILE + # Type: boolean + # Default: false + # + samplingConfig: false + + # Enable port of zipkin service. + # Type: integer + # Default: 9411 + # + zipkinPort: 9411 + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + # If specified, the pod's scheduling constraints + # More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#affinity-v1-core + # Type: object + # Mandatory: no + # Default: see below + # + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - jaeger-collector + topologyKey: kubernetes.io/hostname + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 1 + memory: 200Mi + requests: + cpu: 100m + memory: 100Mi + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + ingress: + install: false + hosts: [] + defaultPaths: + # Format: + # - prefix: + # service: + # name: + # port: + - prefix: / + service: + # name: jaeger-collector + port: 16269 + - prefix: /zipkin + service: + port: 9411 + - prefix: /otlp/grpc + service: + port: 4317 + - prefix: /otlp/http + service: + port: 4318 + - prefix: /thrift/tchannel + service: + port: 14250 + - prefix: /thrift/grpc + service: + port: 14267 + - prefix: /thrift/http + service: + port: 14268 + tls: {} + +hotrod: + # Allow disabling create hotrod deployment. + # Type: boolean + # Default: false + # + install: false + + # A docker image to use for hotrod deployment. + # Type: string + # Mandatory: no + # Default: "jaegertracing/example-hotrod:1.33.0" + # + # image: "jaegertracing/example-hotrod:1.33.0" + + # A name of a microservice to deploy with. + # This name will be used as name of the microservice deployment and in labels. + # + name: hotrod + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfile: + # type: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + otelExporter: + # This is the host used to connect to Open Telemetry Exporter. + # Type: string + # Default: jaeger-collector + # + # host: jaeger-collector + + # This is the port used to connect to jaeger agent. + # Type: integer + # Default: 4318 + # + port: 4318 + + agent: + # DEPRECATED! Please use otelExporter.host + # This is the host used to connect to jaeger agent. + # Type: string + # Default: "" + # + host: "" + + # DEPRECATED! Please use otelExporter.port + # This is the port used to connect to jaeger agent. + # Type: integer + # Default: 6831 + # + port: 6831 + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + + # Allow defining which Nodes the Pods are scheduled on. + # Type: map[string] + # Mandatory: no + # Default: not set + # + nodeSelector: {} + + # Tolerations allow the pods to schedule onto nodes with matching taints. + # Type: object + # Mandatory: no + # + tolerations: {} + + ingress: + # Allow disabling create ingress. + # Type: boolean + # Default: false + # + install: false + + # FQDN of ingress host. + # Type: string + # Mandatory: yes + # Default: "" + # + host: "" + + # Allow to specify ingressClassName. For example, "nginx". + # You can find the list of IngressClasses with using a command: + # kubectl get ingressclasses + # Type: string + # Mandatory: no + # Default: - + # + # className: "" + + # Configuration for ingress TLS. + # Type: object + # Default: {} + # + tls: {} + + route: + # Allow disabling create route. + # Type: boolean + # Default: false + # + install: false + + # FQDN of ingress host. + # Type: string + # Mandatory: yes + # Default: "" + # + host: "" + + # Specify port for hotrod service. + # Type: integer + # Default: 80 + # + service: + port: 80 + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +query: + # Allow disabling create query deployment. + # Type: boolean + # Default: true + # + install: true + + # A docker image to use for query deployment. + # Type: string + # Mandatory: no + # Default: "jaegertracing/jaeger-query:1.33.0" + # + # image: "jaegertracing/jaeger-query:1.33.0" + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Only pods which provide own keys can access the private registry. + # Default: [] + # + imagePullSecrets: [] + + # Replicas spec configuration for query. + # Type: integer + # Mandatory: no + # Default: 1 + # + replicas: 1 + + # Enable query ui config. + # Type: boolean + # Default: false + # + config: false + + ingress: + # Allow disabling create ingress. + # Type: boolean + # Default: false + # + install: false + # FQDN of ingress host. + # Type: string + # Mandatory: yes + # Default: "" + # + host: "" + + # Allow to specify ingressClassName. For example, "nginx". + # You can find the list of IngressClasses with using a command: + # kubectl get ingressclasses + # Type: string + # Mandatory: no + # Default: - + # + # className: "" + + # Configuration for ingress TLS. + # Type: object + # Default: {} + # + tls: {} + + route: + # Allow disabling create route. + # Type: boolean + # Default: false + # + install: false + + # FQDN of ingress host. + # Type: string + # Mandatory: yes + # Default: "" + # + host: "" + + # Query related cmd line opts to be configured on the concerned components. + # Type: object + # Default: [] + # + cmdlineParams: [] + + # Query related extra env vars to be configured on the concerned components. + # Type: object + # Default: [] + # + extraEnv: [] + + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfileType: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + + # If specified, the pod's scheduling constraints + # More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/#affinity-v1-core + # Type: object + # Mandatory: no + # Default: see below + # + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - jaeger-query + topologyKey: kubernetes.io/hostname + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + + # Map of string keys and values that can be used to organize and categorize (scope and select) objects. + # May match selectors of replication controllers and services. + # More info: https://kubernetes.io/docs/user-guide/labels + # Type: map[string]string + # Mandatory: no + # Default: not set + # + labels: {} + # label-key: label-value + + # Annotations is an unstructured key value map stored + # with a resource that may be set by external tools to store and retrieve arbitrary metadata. + # They are not queryable and should be preserved when modifying objects. + # More info: https://kubernetes.io/docs/user-guide/annotations + # Type: map[string]string + # Mandatory: no + # Default: not set + # + annotations: {} + # annotation-key: annotation-value + +integrationTests: + install: false + # image: "ghcr.io/netcracker/jaeger-integration-tests:main" + tags: "smoke" + linkForGenerator: "http://jaeger-collector:9411" + generateCount: 10 + waitingTime: 500ms + resources: + requests: + memory: 64Mi + cpu: 50m + limits: + memory: 256Mi + cpu: 300m + statusWriting: + enabled: false + isShortStatusMessage: true + onlyIntegrationTests: true + customResourcePath: "apps/v1/jaeger/deployments/jaeger-integration-tests-runner" + service: + name: jaeger-integration-tests-runner + serviceAccount: + create: true + name: "jaeger-integration-tests" + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfileType: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +statusProvisioner: + install: true + # image: ghcr.io/netcracker/deployment-status-provisioner:main + lifetimeAfterCompletion: 300 + podReadinessTimeout: 300 + integrationTestsTimeout: 300 + resources: + requests: + memory: "50Mi" + cpu: "50m" + limits: + memory: "100Mi" + cpu: "100m" + # SecurityContext holds pod-level security attributes. + # The parameters are required if a Pod Security Policy is enabled + # for Kubernetes cluster and required if a Security Context Constraints is enabled for Kubernetes cluster. + # Type: object + # Mandatory: no + # + securityContext: {} + + # The UID to run the entrypoint of the container process. + # Defaults to user specified in image metadata if unspecified. + # Type: integer + # Mandatory: no + # + # runAsUser: 2000 + + # A special supplemental group that applies to all containers in a pod. + # Some volume types allow the Kubelet to change the ownership of that volume + # to be owned by the pod: + # 1. The owning GID will be the FSGroup + # 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + # 3. The permission bits are OR'd with rw-rw---- + # If unset, the Kubelet will not modify the ownership and permissions of any volume. + # Type: integer + # Mandatory: no + # + # fsGroup: 2000 + + # Set mandatory flag to run as non root user + # Type: bool + # Mandatory: no + # + # runAsNonRoot: true + + # Seccomp profile for Pod + # Valid options for type include 'RuntimeDefault', 'Unconfined', and 'Localhost'. + # Type: object + # Mandatory: no + # + # seccompProfileType: RuntimeDefault + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL + + # PriorityClassName assigned to the Pods to prevent them from evicting. + # Type: string + # priorityClassName: "priorityClassName" + +readinessProbe: + install: true + + # A docker image to use for readiness-probe container. + # Type: string + # Mandatory: no + # + # image: "ghcr.io/netcracker/jaeger-readiness-probe:main" + + # The imagePullPolicy for a container and the tag of the image affect when the kubelet + # attempts to pull (download) the specified image. + # Available value : "IfNotPresent", "Always" and "Never" + # Default: IfNotPresent + # + imagePullPolicy: IfNotPresent + + # Command line arguments + # Type: array + # Mandatory: yes + # + # args: + # - "-host=cassandra.cassandra.svc" + # - "-port=9042" + # - "-user=admin" + # - "-password=admin" + # - "-errors=5" + # - "-retries=5" + # - "-timeout=5" + + # The resources describe to compute resource requests and limits for single Pods. + # Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + # Type: object + # Mandatory: no + # + resources: + requests: + cpu: 50m + memory: 50Mi + limits: + cpu: 50m + memory: 50Mi + + containerSecurityContext: {} + # Controls whether a process can gain more privileges than its parent process. + # This bool directly controls whether the 'no_new_privs' flag gets set on the container process. + # Type: bool + # Mandatory: no + # + # allowPrivilegeEscalation: false + + # Allow to give or drop a process some privileges, but not all the privileges of the root user. + # Type: object + # Mandatory: no + # + # capabilities: + # drop: + # - ALL diff --git a/docker-transfer/Dockerfile b/docker-transfer/Dockerfile new file mode 100644 index 0000000..d74645e --- /dev/null +++ b/docker-transfer/Dockerfile @@ -0,0 +1,5 @@ +FROM scratch + +# Collect helm charts and documentation +COPY charts /charts +COPY docs /docs diff --git a/docs/examples/agent-cassandra-values.yaml b/docs/examples/agent-cassandra-values.yaml new file mode 100644 index 0000000..772763a --- /dev/null +++ b/docs/examples/agent-cassandra-values.yaml @@ -0,0 +1,48 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + + # This block allow to specify custom settings for Cassandra TTL + # By default all traces store only 2 days, and all dependencies stored forever + ttl: + # two weeks in seconds + trace: 1209600 + # let's store dependencies forever + dependencies: 0 + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# By default the agent wont' deploy, so need explicitly specify that agent should be deploy. +agent: + install: true + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/auth/basic-auth-values.yaml b/docs/examples/auth/basic-auth-values.yaml new file mode 100644 index 0000000..4245a5a --- /dev/null +++ b/docs/examples/auth/basic-auth-values.yaml @@ -0,0 +1,45 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + +query: + install: true + +proxy: + install: true + + # Enable basic auth type + type: basic + basic: + users: + # Contains string with ":" encoded in base64 + # Some values can be specified during deploy, for example: + # - YWRtaW46YWRtaW4= # admin:admin + # - dGVzdDp0ZXN0 # test:test + - YWRtaW46YWRtaW4= + resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi diff --git a/docs/examples/auth/oauth2-values.yaml b/docs/examples/auth/oauth2-values.yaml new file mode 100644 index 0000000..1d5cf11 --- /dev/null +++ b/docs/examples/auth/oauth2-values.yaml @@ -0,0 +1,45 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + +query: + install: true + +proxy: + install: true + + # Enable OAuth2 + type: oauth2 + oauth2: + tokenEndpoint: https://example-url.com/token + authorizationEndpoint: https://example-url.com/auth + clientId: envoy + clientToken: envoy + idpAddress: example-url.com + idpPort: 80 + resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi diff --git a/docs/examples/cassandra/cassandra-cluster-values.yaml b/docs/examples/cassandra/cassandra-cluster-values.yaml new file mode 100644 index 0000000..25d6e5f --- /dev/null +++ b/docs/examples/cassandra/cassandra-cluster-values.yaml @@ -0,0 +1,36 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/cassandra/cassandra-custom-allowed-authenticators.yaml b/docs/examples/cassandra/cassandra-custom-allowed-authenticators.yaml new file mode 100644 index 0000000..2e7a5d3 --- /dev/null +++ b/docs/examples/cassandra/cassandra-custom-allowed-authenticators.yaml @@ -0,0 +1,18 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +cassandraSchemaJob: + host: cassandra.cassandra.svc + port: 9043 + username: admin + password: admin + mode: prod + keyspace: jaeger + datacenter: dc1 + + # This section allow to override list of default allowed authenticators during deploy + allowedAuthenticators: + - org.apache.cassandra.auth.PasswordAuthenticator + - com.instaclustr.cassandra.auth.SharedSecretAuthenticator + - com.datastax.bdp.cassandra.auth.DseAuthenticator \ No newline at end of file diff --git a/docs/examples/cassandra/cassandra-custom-security-context.yaml b/docs/examples/cassandra/cassandra-custom-security-context.yaml new file mode 100644 index 0000000..76a05b4 --- /dev/null +++ b/docs/examples/cassandra/cassandra-custom-security-context.yaml @@ -0,0 +1,69 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +query: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + ingress: + install: true + host: hotrod. diff --git a/docs/examples/cassandra/cassandra-custom-ttl-values.yaml b/docs/examples/cassandra/cassandra-custom-ttl-values.yaml new file mode 100644 index 0000000..8848139 --- /dev/null +++ b/docs/examples/cassandra/cassandra-custom-ttl-values.yaml @@ -0,0 +1,44 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + + # This block allow to specify custom settings for Cassandra TTL + # By default all traces store only 2 days, and all dependencies stored forever + ttl: + # two weeks in seconds + trace: 1209600 + # let's store dependencies forever + dependencies: 0 + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/cassandra/cassandra-simple-values.yaml b/docs/examples/cassandra/cassandra-simple-values.yaml new file mode 100644 index 0000000..25d6e5f --- /dev/null +++ b/docs/examples/cassandra/cassandra-simple-values.yaml @@ -0,0 +1,36 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/cassandra/cassandra-tls-with-certificates-values.yaml b/docs/examples/cassandra/cassandra-tls-with-certificates-values.yaml new file mode 100644 index 0000000..7f07323 --- /dev/null +++ b/docs/examples/cassandra/cassandra-tls-with-certificates-values.yaml @@ -0,0 +1,53 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + + tls: + enabled: true + + commonName: test123 + ca: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + key: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + cert: | + -----BEGIN RSA PRIVATE KEY----- + ... + -----END RSA PRIVATE KEY----- + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/cassandra/cassandra-tls-with-predefined-secret-values.yaml b/docs/examples/cassandra/cassandra-tls-with-predefined-secret-values.yaml new file mode 100644 index 0000000..44bf020 --- /dev/null +++ b/docs/examples/cassandra/cassandra-tls-with-predefined-secret-values.yaml @@ -0,0 +1,40 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + + tls: + enabled: true + existingSecret: test-cassandra-secret + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/custom-images.yaml b/docs/examples/custom-images.yaml new file mode 100644 index 0000000..25facfa --- /dev/null +++ b/docs/examples/custom-images.yaml @@ -0,0 +1,26 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# This examples show how to specify the custom images to override default images +collector: + image: jaegertracing/jaeger-collector:latest +query: + image: jaegertracing/jaeger-query:latest +proxy: + image: envoyproxy/envoy:v1.25.8 +agent: + image: jaegertracing/jaeger-agent:latest +cassandraSchemaJob: + image: jaegertracing/jaeger-cassandra-schema:latest +hotrod: + image: jaegertracing/example-hotrod:latest +elasticsearch: + indexCleaner: + image: jaegertracing/jaeger-es-index-cleaner:latest + rollover: + image: jaegertracing/jaeger-es-rollover:latest +integrationTests: + image: ghcr.io/netcracker/jaeger-integration-tests:main +statusProvisioner: + image: ghcr.io/netcracker/deployment-status-provisioner:main diff --git a/docs/examples/elasticsearch-example-values.yaml b/docs/examples/elasticsearch-example-values.yaml new file mode 100644 index 0000000..58a33bd --- /dev/null +++ b/docs/examples/elasticsearch-example-values.yaml @@ -0,0 +1,22 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +# cassandraSchemaJob will be ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: opensearch.opensearch.svc:443 + indexCleaner: + install: true + +collector: + install: true + +query: + install: true diff --git a/docs/examples/ha-deployment-value.yaml b/docs/examples/ha-deployment-value.yaml new file mode 100644 index 0000000..43534c7 --- /dev/null +++ b/docs/examples/ha-deployment-value.yaml @@ -0,0 +1,74 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + +collector: + install: true + + # This parameter allow to specify number of jaeger collector service replicas. + # If collector should be run in High Available mode need specify 2 or more replicas. + replicas: 2 + + # Affinity need to tell Kubernetes schedule pod on different nodes and avoid situation when two + # replicas will run on the same node (and both replicas will unavailable with node in disaster case) + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - jaeger-collector + topologyKey: kubernetes.io/hostname + +query: + install: true + + # This parameter allow to specify number of jaeger query service replicas. + # If collector should be run in High Available mode need specify 2 or more replicas. + # + # But unlike from collector service, the query service need only to see already collected data. + # And it unavailability doesn't affect the process of receiving and store traces. + replicas: 2 + ingress: + install: true + host: query. + + # Affinity need to tell Kubernetes schedule pod on different nodes and avoid situation when two + # replicas will run on the same node (and both replicas will unavailable with node in disaster case) + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - jaeger-query + topologyKey: kubernetes.io/hostname + + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/hotord-example-values.yaml b/docs/examples/hotord-example-values.yaml new file mode 100644 index 0000000..ea8c03d --- /dev/null +++ b/docs/examples/hotord-example-values.yaml @@ -0,0 +1,32 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +# cassandraSchemaJob will be ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + url: elasticsearch.elasticsearch.svc:9200 + indexCleaner: + install: true + +collector: + install: true + +query: + install: true + route: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/ingress/collector-custom-service-name-values.yaml b/docs/examples/ingress/collector-custom-service-name-values.yaml new file mode 100644 index 0000000..5c24b7a --- /dev/null +++ b/docs/examples/ingress/collector-custom-service-name-values.yaml @@ -0,0 +1,18 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +collector: + install: true + ingress: + install: true + hosts: + - host: jaeger-collector.test.org + paths: + - prefix: /zipkin + service: + # The "name" parameter allow to set Service name that will use + # By default will use Service name creating during Jaeger deploy + # It usually has a name: jaeger-collector + name: my-awesome-service-name + port: 9411 diff --git a/docs/examples/ingress/collector-multiple-ingresses-values.yaml b/docs/examples/ingress/collector-multiple-ingresses-values.yaml new file mode 100644 index 0000000..4166a00 --- /dev/null +++ b/docs/examples/ingress/collector-multiple-ingresses-values.yaml @@ -0,0 +1,33 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +collector: + install: true + ingress: + install: true + hosts: + - host: zipkin.jaeger-collector.test.org + paths: + - prefix: /zipkin + service: + port: 9411 + - host: trift.jaeger-collector.test.org + paths: + - prefix: /thrift/tchannel + service: + port: 14250 + - prefix: /thrift/grpc + service: + port: 14267 + - prefix: /thrift/http + service: + port: 14268 + - host: otel.jaeger-collector.test.org + paths: + - prefix: /otlp/grpc + service: + port: 4317 + - prefix: /otlp/http + service: + port: 4318 diff --git a/docs/examples/ingress/collector-single-ingress-values.yaml b/docs/examples/ingress/collector-single-ingress-values.yaml new file mode 100644 index 0000000..9324c92 --- /dev/null +++ b/docs/examples/ingress/collector-single-ingress-values.yaml @@ -0,0 +1,9 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +collector: + install: true + ingress: + install: true + host: jaeger-collector.test.org diff --git a/docs/examples/integration-tests-values.yaml b/docs/examples/integration-tests-values.yaml new file mode 100644 index 0000000..b502e8f --- /dev/null +++ b/docs/examples/integration-tests-values.yaml @@ -0,0 +1,109 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication): + # * prod - will use NetworkReplicationStrategy + # * test - will use SimpleStrategy + mode: prod + + # This block allow to specify custom settings for Cassandra TTL + # By default all traces store only 2 days, and all dependencies stored forever + ttl: + # two weeks in seconds + trace: 1209600 + # let's store dependencies forever + dependencies: 0 + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# By default the agent wont' deploy, so need explicitly specify that agent should be deploy. +agent: + install: true + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. + +integrationTests: + install: true + image: "ghcr.io/netcracker/jaeger-integration-tests:main" + tags: "smokeORha" + linkForGenerator: "https://jaeger-collector-host" + generateCount: 10 + waitingTime: 500ms + resources: + requests: + memory: 256Mi + cpu: 50m + limits: + memory: 256Mi + cpu: 400m + statusWriting: + enabled: true + isShortStatusMessage: true + onlyIntegrationTests: true + customResourcePath: "apps/v1/jaeger/deployments/jaeger-integration-tests-runner" + service: + name: jaeger-integration-tests-runner + serviceAccount: + create: true + name: "jaeger-integration-tests" + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +statusProvisioner: + enabled: true + image: ghcr.io/netcracker/deployment-status-provisioner:main + lifetimeAfterCompletion: 300 + podReadinessTimeout: 300 + integrationTestsTimeout: 300 + resources: + requests: + memory: "50Mi" + cpu: "50m" + limits: + memory: "100Mi" + cpu: "100m" + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL diff --git a/docs/examples/opensearch/opensearch-custom-secuirty-context.yaml b/docs/examples/opensearch/opensearch-custom-secuirty-context.yaml new file mode 100644 index 0000000..ffa4362 --- /dev/null +++ b/docs/examples/opensearch/opensearch-custom-secuirty-context.yaml @@ -0,0 +1,80 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: "elasticsearch" + +# cassandraSchemaJob is ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: elasticsearch.elasticsearch.svc:9200 + rollover: + install: true + schedule: "10 0 * * *" + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +collector: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +query: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + ingress: + install: true + host: hotrod. diff --git a/docs/examples/opensearch/opensearch-one-node-values.yaml b/docs/examples/opensearch/opensearch-one-node-values.yaml new file mode 100644 index 0000000..2966b49 --- /dev/null +++ b/docs/examples/opensearch/opensearch-one-node-values.yaml @@ -0,0 +1,52 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: "elasticsearch" + +# cassandraSchemaJob is ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: elasticsearch.elasticsearch.svc:9200 + rollover: + install: true + schedule: "10 0 * * *" + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + # These parameters specify how the initial rollout job will create indices + initHook: + extraEnv: + # Specify 0 replicas and 5 shards + - name: REPLICAS + value: "0" + - name: SHARDS + value: "5" + +collector: + install: true + extraEnv: + # Specify 0 replicas + - name: ES_NUM_REPLICAS + value: "0" + +query: + install: true + extraEnv: + # Specify 0 replicas + - name: ES_NUM_REPLICAS + value: "0" + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/opensearch/opensearch-rollover-values.yaml b/docs/examples/opensearch/opensearch-rollover-values.yaml new file mode 100644 index 0000000..01ed100 --- /dev/null +++ b/docs/examples/opensearch/opensearch-rollover-values.yaml @@ -0,0 +1,57 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: "elasticsearch" + +# cassandraSchemaJob is ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: elasticsearch.elasticsearch.svc:9200 + rollover: + install: true + initHook: + ttlSecondsAfterFinished: 120 + schedule: "10 0 * * *" + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 256m + memory: 128Mi + lookback: + install: true + schedule: "5 0 * * *" + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 256m + memory: 128Mi + +collector: + install: true + +query: + install: true + route: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/opensearch/opensearch-simple-values.yaml b/docs/examples/opensearch/opensearch-simple-values.yaml new file mode 100644 index 0000000..76c5aca --- /dev/null +++ b/docs/examples/opensearch/opensearch-simple-values.yaml @@ -0,0 +1,33 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +# cassandraSchemaJob is ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: ...replace by username... + password: ...replace by password... + scheme: https + url: opensearch.opensearch.svc:9200 + indexCleaner: + install: true + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/examples/opensearch/opensearch-tls-with-certificates-values.yaml b/docs/examples/opensearch/opensearch-tls-with-certificates-values.yaml new file mode 100644 index 0000000..d2ce8ca --- /dev/null +++ b/docs/examples/opensearch/opensearch-tls-with-certificates-values.yaml @@ -0,0 +1,46 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: opensearch.opensearch.svc:9200 + tls: + enabled: true + ca: |- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + cert: |- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + rollover: + install: true + schedule: "*/10 * * * *" + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 256m + memory: 128Mi + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. diff --git a/docs/examples/opensearch/opensearch-tls-with-insecure-skip-verify-values.yaml b/docs/examples/opensearch/opensearch-tls-with-insecure-skip-verify-values.yaml new file mode 100644 index 0000000..9ac6a09 --- /dev/null +++ b/docs/examples/opensearch/opensearch-tls-with-insecure-skip-verify-values.yaml @@ -0,0 +1,35 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: opensearch.opensearch.svc:9200 + tls: + enabled: true + insecureSkipVerify: true + rollover: + install: true + schedule: "*/10 * * * *" + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 256m + memory: 128Mi + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. diff --git a/docs/examples/opensearch/opensearch-tls-with-predefined-secret-values.yaml b/docs/examples/opensearch/opensearch-tls-with-predefined-secret-values.yaml new file mode 100644 index 0000000..3b924bd --- /dev/null +++ b/docs/examples/opensearch/opensearch-tls-with-predefined-secret-values.yaml @@ -0,0 +1,35 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: opensearch.opensearch.svc:9200 + tls: + enabled: true + existingSecret: test-opensearch-secret + rollover: + install: true + schedule: "*/10 * * * *" + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 256m + memory: 128Mi + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. diff --git a/docs/examples/public-clouds/aws-values.yaml b/docs/examples/public-clouds/aws-values.yaml new file mode 100644 index 0000000..58361b0 --- /dev/null +++ b/docs/examples/public-clouds/aws-values.yaml @@ -0,0 +1,37 @@ +# Default values for jaeger. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +jaeger: + storage: + type: elasticsearch + +# cassandraSchemaJob is ignored if jaeger.storage.type is set to elasticsearch. +elasticsearch: + client: + username: admin + password: admin + scheme: https + url: vpc-test-es-1-3v65i7xkrsq7ucdl25mym4u5om.us-east-1.es.amazonaws.com + indexCleaner: + install: true + lookback: + install: true + rollover: + install: true + +collector: + install: true + +query: + install: true + ingress: + install: true + host: query. + +# This section is optional and allow to deploy a test service to generate some traces +# Useful if you want to verify how Jaeger receive, store and show traces +hotrod: + install: true + ingress: + install: true + host: hotrod. diff --git a/docs/installation.md b/docs/installation.md new file mode 100644 index 0000000..5994312 --- /dev/null +++ b/docs/installation.md @@ -0,0 +1,2077 @@ +This chapter describes the procedure to deploy the Jaeger application in the Kubernetes/OpenShift project. +The deployment includes a collector to collect the data, a query for UI purposes, and an agent in a query pod +for tracing the query. + +# Table of Content + +* [Table of Content](#table-of-content) +* [Prerequisites](#prerequisites) + * [Common](#common) + * [Storage](#storage) + * [Cassandra](#cassandra) + * [OpenSearch/ElasticSearch](#opensearchelasticsearch) + * [Kubernetes](#kubernetes) + * [Azure](#azure) + * [AWS](#aws) + * [Google](#google) +* [Best practices and recommendations](#best-practices-and-recommendations) + * [HWE](#hwe) + * [TLS](#tls) +* [Parameters](#parameters) + * [Jaeger](#jaeger) + * [Collector](#collector) + * [Ingress](#ingress) + * [TLSConfig](#tlsconfig) + * [Query](#query) + * [Readiness probe](#readiness-probe) + * [Agent](#agent) + * [Cassandra](#cassandra-1) + * [ElasticSearch](#elasticsearch) + * [Index Cleaner](#index-cleaner) + * [Rollover](#rollover) + * [Lookback](#lookback) + * [Proxy](#proxy) + * [Hotrod](#hotrod) + * [Integration Tests](#integration-tests) + * [Status Provisioner](#status-provisioner) +* [Installation](#installation) + * [Before you begin](#before-you-begin) + * [Helm](#helm) + * [On-prem](#on-prem) + * [HA scheme](#ha-scheme) + * [Non-HA scheme](#non-ha-scheme) +* [Post Deploy Checks](#post-deploy-checks) + * [Jobs Post Deploy Check](#jobs-post-deploy-check) + * [Smoke test](#smoke-test) +* [Frequently Asked Questions](#frequently-asked-questions) + * [Jaeger Sampling Configuration](#jaeger-sampling-configuration) + +# Prerequisites + +This section describes the prerequisites to deploy Jaeger in the Cloud. + +## Common + +* Kubernetes 1.21+ or OpenShift 4.10+ +* kubectl 1.21+ or oc 4.10+ CLI +* Helm 3.0+ + +## Storage + +### Cassandra + +**Note:** This section is applicable only to cases when Cassandra is used as a store. + +Supported Cassandra versions: + +* 4.x (recommended) +* 3.x + +Depending on the configuration of your Cassandra cluster you can configure different replication strategies +for Jaeger's data. + +If your Cassandra cluster has **2 or more nodes** in the cluster, you can use data replication. It can be configured +using the deployment parameter: + +```yaml +cassandraSchemaJob: + mode: prod +``` + +**Note:** If you want, with 2 or more Cassandra nodes you can use a SimpleStrategy without data replication. + +If your Cassandra cluster has **only 1 node**, you can use a SimpleStrategy without data replication. +It can be configured using the deployment parameter: + +```yaml +cassandraSchemaJob: + mode: test +``` + +**Warning!** The `mode: prod` **can't be used** if you have **only 1** Cassandra node. Jaeger won't allow to create +of a schema and other Jaeger pods won't start with this configuration. + + +[Back to TOC](#table-of-content) + + +### OpenSearch/ElasticSearch + +**Note:** This section applies only to cases when OpenSearch/ElasticSearch is used as a store. + +Selecting between OpenSearch and ElasticSearch we recommended using **OpenSearch**. + +Supported OpenSearch versions: + +* 2.x (recommended) +* 1.x + +Supported ElasticSearch versions: + +* 7.x +* 6.x +* 5.x + + +[Back to TOC](#table-of-content) + + +## Kubernetes + +To deploy Jaeger in the Kubernetes/OpenShift you must have at least a namespace admin role. +You should have at least permissions like the following: + +```yaml +kind: Role +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + namespace: + name: deploy-user-role +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +``` + +**Note:** It's not a role that you have to create. It's just an example with a minimal list of permissions. + +For Kubernetes 1.25+, it is recommended to deploy Jaeger using `baseline` PSS. Before deploying please make sure +that your namespace has the following labels: + +```yaml +apiVersion: v1 +kind: Namespace +metadata: + name: + labels: + pod-security.kubernetes.io/enforce: baseline + pod-security.kubernetes.io/enforce-version: latest +``` + +For Kubernetes 1.25+ if `restricted` PSS is specified on namespace using +`pod-security.kubernetes.io/enforce: restricted`, then it is necessary to configure +`securityContext` and `containerSecurityContext` appropriately. + +At the pod level, `runAsNonRoot: true` and `seccompProfile.type: "RuntimeDefault"` will be added automatically. +At the container level, `allowPrivilegeEscalation: false` and `capabilities.drop: - ALL` will be added automatically. +It is recommended not to override these values because Kubernetes `restricted`` PSS expects these values. + + +[Back to TOC](#table-of-content) + + +## Azure + +| Azure Managed Service | Jaeger support | +| ----------------------------------------------------------------------------------------------- | -------------- | +| [Azure CosmosDB (Cassandra)](https://azure.microsoft.com/en-in/products/cosmos-db) | ❌ Not Support | +| [Azure Cassandra](https://azure.microsoft.com/en-in/products/managed-instance-apache-cassandra) | ❔ Not Verified | +| Azure OpenSearch | - N/A | + +We almost didn't verify Jaeger working with Azure managed services. But we know about some GitHub issues related +to supporting Azure managed services. So we know that Jaeger doesn't support Azure CosmosDB now. GitHub issue +[Support PaaS Cassandra - Create Schema on Azure CosmosDB](https://github.com/jaegertracing/jaeger/issues/2468). + +There is no Azure managed OpenSearch. You can find only custom solutions in the Azure marketplace from other vendors. + + +[Back to TOC](#table-of-content) + + +## AWS + +| AWS Managed Service | Jaeger support | +| ------------------------- | -------------- | +| AWS Keyspaces (Cassandra) | ❌ Not Support | +| AWS OpenSearch | ✅ Support | + +Jaeger doesn't support AWS Keyspaces because Keyspaces doesn't allow to creation of frozen structures and custom +structures. GitHub issue +[Support for AWS managed Cassandra (aka AWS MCS, Amazon Keyspaces)](https://github.com/jaegertracing/jaeger/issues/2294). + +But Jaeger supports AWS OpenSearch as a managed service. Recommendation for AWS OpenSearch: + +* OpenSearch 1.x and 2.x both supports +* Recommended use OpenSearch with resources not less than: + * CPU: >= 2 cores + * Memory: >= 4-8 GB +* To run Jaeger with AWS OpenSearch recommended using flavors not less than: + * r5.large.search + * m4.large.search + * c6g.large.search + * c5.large.search + * c4.large.search + +Full information on which steps should be executed before deploying in AWS and with AWS OpenSearch can be found in the +user guide [AWS OpenSearch](user-guides/aws-opensearch.md). + + +[Back to TOC](#table-of-content) + + +## Google + +| Google Managed Service | Jaeger support | +| ---------------------- | -------------- | +| Google Cassandra | - N/A | +| Google OpenSearch | - N/A | + +Google has no officially managed Cassandra, OpenSearch or ElasticSearch. You can find only custom solutions +in the Google marketplace from other vendors. + + +[Back to TOC](#table-of-content) + + +# Best practices and recommendations + +## HWE + +The minimal hardware values with which Jaeger can start: + +Collector: + +| Component | CPU Requests | Memory Requests | CPU Limits | Memory Limits | +| --------- | ------------ | --------------- | ---------- | ------------- | +| collector | 50m | 64Mi | 100m | 128Mi | +| query | 100m | 64Mi | 150m | 128Mi | + +For more information about Jaeger's performance, refer to the [Jaeger Service Performance Monitoring](/docs/public/performance.md) +section in the _Cloud Platform Monitoring Guide_. + +**Note**: The above resources are required for starting, not for working under load. For production, the resources +should be increased, also if needed, the collector can be scaled horizontally. + +Disk space for storing Jaeger traces might be calculated in several ways: + +* First of all, trace might contain more than one span, it depends on how many services (APIs) call each request. + If you are able to calculate a number of spans as: + + ```txt + Number of spans per second = number traces in your system(requests) * number of spans per trace + ``` + + Please note not all requests on prod env are sent traces in Jaeger, so you only need to count the traced requests. + After that, you are able to calculate the total number of spans as: + +* If you have installed Jaeger on pre-production or production env you are able to check the number of spans per second + with Jaeger self metrics. See the "span creation rate" panel on the "Jaeger-overview" Grafana dashboard. + Or you can calculate the value in Prometheus\/VMUI: + + ```Promql + sum(rate(jaeger_reporter_spans[1m])) + ``` + + or + + ```Promql + sum(rate(jaeger_collector_spans_received_total{service="jaeger-collector"}[1m]))/60 + ``` + +After that, you can calculate the total number of spans: + +```txt +Total number of spans = Number of spans per second * Retention period in seconds +``` + +**Warning!** TTL for Jaeger's Cassandra tables **can't be changed** during update! +You must set correct TTL values during first deploy! If you didn't do it, please read the +[Maintenance: Change Cassandra TTL](/docs/public/maintenance.md#change-cassandra-ttl). + +To find the retention period see `ttl` for [Cassandra](#cassandra-1) and `numberOfDays` for +[Elasticsearch\/Opensearch](#index-cleaner). + +We have made measurements and found that each 100000 spans requires about 90 Megabytes of disk space +or 0.9kb per span. +Also, 30% of the additional disk space is needed for storage maintenance (e.g. retention). +That means you need to allocate about 120 Megabytes of disk space for each 100k spans. + +Please note that Jaeger by default trace only 1% of all traces(probabilistic sampler type). + +```txt +Disk space usage(in Megabytes) = Total number of spans * 0.0009 * Probabilistic coefficient +``` + +For example: + +Services generate 1500 spans but Jaeger will receive 10%(150 spans per second) and traces will be stored for 7 days. +So the total number of spans will be: + +```txt +1500 * 0.1 * 86400(seconds per day) * 7 = 90 720 000 +``` + +And disk space usage will be: + +```txt +90 720 000 * 0.0009 = 81648Mb or (~80Gb) +80Gb + 30% = 105Gb +``` + +[Back to TOC](#table-of-content) + + +## TLS + +Support matrix Jaeger as third-party: + +| Connection | Support TLS | +| -------------------------- | ------------- | +| Client to Agent | ❌ Not Support | +| Client to Collector | ✅ Support | +| Agent to Collector | ✅ Support | +| Collector/Query to Storage | ✅ Support | +| Browser to UI | ❌ Not Support | + +Detailed information about how to configure TLS and examples of deployment parameters you can find in the user guide +[TLS](user-guides/tls.md). + + +[Back to TOC](#table-of-content) + + +# Parameters + +This section describes parameters that can be used to deploy Jaeger and its components in the Cloud. + +## Jaeger + +It's a common section that contains some generic parameters. + +All parameters in the table below should be specified under the key: + +```yaml +jaeger: + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------- | ------- | --------- | ------------- | -------------------------------------------------------------------------------------- | +| `storage.type` | string | yes | cassandra | Type of storage, available values: `cassandra` and `elasticsearch` | +| `serviceName` | string | no | jaeger | Jaeger base deployment or service name | +| `prometheusMonitoring` | boolean | no | true | Install ServiceMonitors that allow Monitoring collect metrics from Jaeger's components | +| `prometheusMonitoringDashboard` | boolean | no | true | Install the GrafanaDashboard that visualize metrics collect by Monitoring | + + +Examples: + +```yaml +jaeger: + # Use to select type of storage + storage: + type: cassandra + + serviceName: jaeger + + # Use to enable monitoring for Jaeger + prometheusMonitoring: true + prometheusMonitoringDashboard: true +``` + + +[Back to TOC](#table-of-content) + + +## Collector + +`jaeger-collector` receives traces, runs them through a processing pipeline for validation and clean-up/enrichment, +and stores them in a storage backend. Jaeger comes with built-in support for several storage backends, +as well as an extensible plugin framework for implementing custom storage plugins. + +All parameters in the table below should be specified under the key: + +```yaml +collector: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ----------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | true | Allows enabling/disabling creating collector deployment | +| `image` | string | no | - | Docker image to use for a collector container | +| `name` | string | no | collector | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the `kubelet` attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `replicas` | integer | no | 1 | Count of replicas for the collector | +| `zipkinPort` | integer | no | 9411 | Specifies the port of the Zipkin service | +| `cmdlineParams` | object | no | [] | Collector-related cmd line opts to be configured on the concerned components | +| `extraEnv` | object | no | [] | Collector-related extra env vars to be configured on the concerned components | +| `samplingConfig` | boolean | no | false | Enabling/disabling `SAMPLING_STRATEGIES_FILE` | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | Allows the pods to schedule onto nodes with matching taints | +| `resources` | object | no | {requests: {cpu: 100m, memory: 100Mi}, limits: {cpu: 1, memory: 200Mi}} | Describes computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | +| `tlsConfig` | [TLSConfig](#tlsconfig) | no | `{}` | Contains TLS settings for collector. | +| `labels` | map | no | {} | Labels for collector. | +| `annotations` | map | no | {} | Annotations for collector. | + + +Example: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +collector: + install: true + replicas: 1 + name: collector + image: jaegertracing/jaeger-collector:1.62.0 + + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 200m + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + zipkinPort: 9411 + samplingConfig: true + + ingress: + ... + + cmdlineParams: + - '--cassandra.max-retry-attempts=10' + extraEnv: + - name: ES_TIMEOUT + value: 30s + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class + tlsConfig: {} + annotations: + example.annotation/key: example-annotation-value + labels: + example.label/key: example-label-value +``` + + +[Back to TOC](#table-of-content) + + +### Ingress + +This section describes Ingress configuration for `jaeger-collector`. + +All parameters in the table below should be specified under the key: + +```yaml +collector: + ingress: + install: true +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------ | ------- | --------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | `-` | Name of the pre-existing secret that contains TLS configuration for jaeger-collector. If specified, `generateCerts.enabled` must be set to `false`. The `existingSecret` is expected to contain CA certificate, TLS key and TLS certificate in `ca.crt`, `tls.key` and `tls.crt` fields respectively. | +| `annotations` | map | no | `-` | Annotations for collector Ingress | +| `labels` | map | no | `-` | Labels for collector Ingress | +| `host` | string | no | `-` | DNS name of Ingress host that should be created | +| `hosts` | array | no | `-` | List of hosts | +| `hosts[].host` | string | no | `-` | DNS name of Ingress host that should be created | +| `hosts[].paths` | array | no | `-` | List of paths and endpoints in Ingress | +| `hosts[].paths[].prefix` | string | no | `-` | Endpoint path that will listen and handle by Ingress controller (for example: `/`, `/zipkin`) | +| `hosts[].paths[].service.name` | string | no | `-` | Service name to which will route requests from declared in this section endpoint, by default will use `{{ .jaeger.serviceName }}-collector` (usually will be `jaeger-collector`) | +| `hosts[].paths[].service.port` | integer | no | `-` | Service port to which will route requests from declared in this section endpoint | + + +Example: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +collector: + ingress: + # Enable or disable Ingress deployment + install: true + + annotations: + example.annotation/key: example-annotation-value + labels: + example.label/key: example-label-value + + # An ability to set a single host name, like in other places + host: jaeger-collector.test.org + + # An ability set one or more hosts with custom list of paths + hosts: + - host: otlp.jaeger-collector.test.org + paths: + - prefix: /otlp/grpc + service: + port: 4317 + - prefix: /otlp/http + service: + port: 4318 + - host: other.jaeger-collector.test.org + paths: + - prefix: / + service: + port: 16269 + - prefix: /zipkin + service: + port: 9411 + - prefix: /thrift/tchannel + service: + port: 14250 + - prefix: /thrift/grpc + service: + port: 14267 + - prefix: /thrift/http + service: + port: 14268 +``` + + +[Back to TOC](#table-of-content) + + +### TLSConfig + +This section describes TLS configuration for `jaeger-collector`. + +All parameters in the table below should be specified under the key: + +```yaml +collector: + tlsConfig: + existingSecret: ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------------ | ------- | --------- | ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `existingSecret` | string | no | `-` | Name of the pre-existing secret that contains TLS configuration for jaeger-collector. If specified, `generateCerts.enabled` must be set to `false`. The `existingSecret` is expected to contain CA certificate, TLS key and TLS certificate in `ca.crt`, `tls.key` and `tls.crt` fields respectively. | +| `newSecretName` | string | no | `jaeger-collector-tls-secret` | Name of the new secret that needs to be created for storing TLS configuration of jaeger-collector. Can be specified if `tlsConfig.existingSecret` is not specified. | +| `generateCerts.enabled` | boolean | no | `true` | Generation of certificate is enabled by default. If `tlsConfig.existingSecret` is specified, `tlsConfig.generateCerts` section will be skipped. If `tlsConfig.otelHttp.enabled` or `tlsConfig.otelgRPC.enabled` or `tlsConfig.jaegerHttp.enabled` or `tlsConfig.jaegergRPC.enabled` or `tlsConfig.zipkin.enabled` is true, `cert-manager` will generate certificate with the name configured using `tlsConfig.newSecretName`, if it doesn't exist already. | +| `generateCerts.clusterIssuerName` | string | no | `-` | Cluster issuer name for generated certificate. If not specified, `jaeger-collector-tls-issuer` will be installed and it will generate certificates. | +| `generateCerts.duration` | integer | no | `365` | Duration in days, until which issued certificate will be valid. | +| `generateCerts.renewBefore` | integer | no | `15` | Number of days before which certificate must be renewed. | +| `createSecret` | object | no | `-` | New secret with the name `tlsConfig.newSecretName` will be created using already known certificate content. If `tlsConfig.existingSecret` is specified, `tlsConfig.createSecret` section will be skipped. | +| `createSecret.ca` | string | no | `-` | Already known CA certificate will be added to newly created secret. | +| `createSecret.key` | string | no | `-` | Already known TLS key will be added to newly created secret. | +| `createSecret.cert` | string | no | `-` | Already known TLS certificate will be added to newly created secret. | +| `otelHttp.enabled` | boolean | no | `false` | Specifies whether TLS must be enabled for OTEL HTTP endpoint. | +| `otelHttp.cipherSuites` | string | no | `-` | Comma-separated list of cipher suites for the server. | +| `otelHttp.maxVersion` | string | no | `-` | Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `otelHttp.minVersion` | string | no | `-` | Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `otelHttp.certificateReloadInterval` | string | no | `0s` | The duration after which the certificate will be reloaded (0s means will not be reloaded). | +| `otelgRPC.enabled` | boolean | no | `false` | Specifies whether TLS must be enabled for OTEL GRPC endpoint. | +| `otelgRPC.cipherSuites` | string | no | `-` | Comma-separated list of cipher suites for the server. | +| `otelgRPC.maxVersion` | string | no | `-` | Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `otelgRPC.minVersion` | string | no | `-` | Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `otelgRPC.certificateReloadInterval` | string | no | `0s` | The duration after which the certificate will be reloaded (0s means will not be reloaded). | +| `jaegerHttp.enabled` | boolean | no | `false` | Specifies whether TLS must be enabled for Jaeger/Thrift HTTP endpoint. | +| `jaegerHttp.cipherSuites` | string | no | `-` | Comma-separated list of cipher suites for the server. | +| `jaegerHttp.maxVersion` | string | no | `-` | Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `jaegerHttp.minVersion` | string | no | `-` | Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `jaegergRPC.enabled` | boolean | no | `false` | Specifies whether TLS must be enabled for Jaeger/Thrift GRPC endpoint. | +| `jaegergRPC.cipherSuites` | string | no | `-` | Comma-separated list of cipher suites for the server. | +| `jaegergRPC.maxVersion` | string | no | `-` | Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `jaegergRPC.minVersion` | string | no | `-` | Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `zipkin.enabled` | boolean | no | `false` | Specifies whether TLS must be enabled for Zipkin endpoint. | +| `zipkin.cipherSuites` | string | no | `-` | Comma-separated list of cipher suites for the server. | +| `zipkin.maxVersion` | string | no | `-` | Maximum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | +| `zipkin.minVersion` | string | no | `-` | Minimum TLS version supported (Possible values: 1.0, 1.1, 1.2, 1.3). | + + +Example: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +collector: + tlsConfig: + #existingSecret: jaeger-collector-tls-secret + newSecretName: jaeger-collector-tls-secret + generateCerts: + enabled: true + clusterIssuerName: "" + duration: 365 + renewBefore: 15 + #createSecret: + # ca: |- + # -----BEGIN CERTIFICATE----- + # ... certificate content ... + # -----END CERTIFICATE----- + # key: |- + # -----BEGIN RSA PRIVATE KEY----- + # ... certificate content ... + # -----END RSA PRIVATE KEY----- + # cert: |- + # -----BEGIN CERTIFICATE----- + # ... certificate content ... + # -----END CERTIFICATE----- + otelHttp: + enabled: true + cipherSuites: TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA + maxVersion: 1.2 + minVersion: 1.2 + certificateReloadInterval: 0s + otelgRPC: + enabled: true + maxVersion: 1.2 + minVersion: 1.2 + certificateReloadInterval: 0s + jaegergRPC: + enabled: true + maxVersion: 1.2 + minVersion: 1.2 + jaegerHttp: + enabled: true + maxVersion: 1.2 + minVersion: 1.2 + zipkin: + enabled: true + maxVersion: 1.2 + minVersion: 1.2 +``` + + +[Back to TOC](#table-of-content) + + +## Query + +`jaeger-query` is a service that exposes the APIs for retrieving traces from storage and hosts a Web UI for searching +and analyzing traces. + +All parameters in the table below should be specified under the key: + +```yaml +query: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | -------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | true | Allows enabling/disabling creating query deployment | +| `image` | string | no | - | Docker image to use for a query container | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `cmdlineParams` | object | no | [] | Query-related cmd line opts to be configured on the concerned components | +| `extraEnv` | object | no | [] | Query-related extra env vars to be configured on the concerned components | +| `config` | boolean | no | false | Enabling/disabling creating query UI config | +| `ingress.install` | boolean | no | false | Enabling/disabling creating query ingress | +| `ingress.host` | string | no | - | FQDN of the ingress host | +| `route.install` | boolean | no | false | Enabling/disabling creating query route | +| `route.host` | string | no | - | FQDN of the route host | +| `resources` | object | no | {requests: {cpu: 100m, memory: 128Mi}, limits: {cpu: 200m, memory: 256Mi}} | Describes computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting | +| `labels` | map | no | {} | Labels for query | +| `annotations` | map | no | {} | Annotations for query | + + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +Example of all parameters: + +```yaml +query: + install: true + replicas: 1 + + image: jaegertracing/jaeger-query:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + cmdlineParams: + - '--cassandra.max-retry-attempts=10' + extraEnv: + - name: CASSANDRA_TIMEOUT + value: 30s + + # Enable mounting Jaeger UI config + config: true + + # Use in Kubernetes + ingress: + install: true + host: query.cloud.test.org + # Use in OpenShift + route: + install: false + host: query.cloud.test.org + + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + priorityClassName: priority-class + annotations: + example.annotation/key: example-annotation-value + labels: + example.label/key: example-label-value +``` + + +[Back to TOC](#table-of-content) + + +## Readiness probe + +`readiness-probe` is a sidecar container in the collector and query services that checks health of volume. + +All parameters in the table below should be specified under the key: + +```yaml +readinessProbe: + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ----------------- | ------ | --------- | -------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `image` | string | no | - | Docker image to use for a readiness-probe container | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `args` | object | yes | [] | Cmd line opts to be configured. More [here](readiness-probe.md) | +| `resources` | object | no | {requests: {cpu: 100m, memory: 128Mi}, limits: {cpu: 200m, memory: 256Mi}} | Describes computing resource requests and limits for single Pods | + + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +Example of all parameters: + +```yaml +readinessProbe: + image: "ghcr.io/netcracker/jaeger-readiness-probe:main" + imagePullPolicy: IfNotPresent + args: + - "-namespace=tracing" + - "-host=cassandra.cassandra.svc" + - "-port=9042" + - "-storage=cassandra" + - "-datacenter=datacenter1" + - "-keyspace=jaeger" + - "-testtable=service_names" + - "-authSecretName=jaeger-cassandra-auth-secret" + - "-tlsEnabled=true" + - "-certsSecretName=jaeger-cassandra-tls-secret" + - "-errors=5" + - "-retries=5" + - "-timeout=5" + - "-shutdownTimeout=5" + - "-servicePort=8080" + resources: + requests: + cpu: 50m + memory: 50Mi + limits: + cpu: 50m + memory: 50Mi +``` + + +[Back to TOC](#table-of-content) + + +## Agent + +**Note:** `jaeger-agent` is **deprecated**. The OpenTelemetry data can be sent directly to the Jaeger backend, +or the OpenTelemetry Collector can be used as an agent. + +`jaeger-agent` is a network daemon that listens for spans sent over UDP, which are batched and sent to the collector. +It is designed to be deployed to all hosts as an infrastructure component. +The agent abstracts the routing and discovery of the collectors away from the client. + +`jaeger-agent` is **not a required** component. For example, when your applications are instrumented with OpenTelemetry, +the SDKs can be configured to forward the trace data directly to the `jaeger-collector`. + +All parameters in the table below should be specified under the key: + +```yaml +agent: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling/disabling deploy agent daemon-set | +| `image` | string | no | - | The docker image to use for an agent container | +| `name` | string | no | agent | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `labels` | map | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `annotations` | map | no | {} | Is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata | +| `useHostNetwork` | boolean | no | false | Enabling using the host network | +| `useHostPort` | boolean | no | false | Enabling using a host port | +| `service.zipkinThriftPort` | integer | no | 5775 | Port to accept `zipkin.thrift` over compact thrift protocol | +| `service.compactPort` | integer | no | 6831 | Port to accept `jaeger.thrift` over compact thrift protocol | +| `service.binaryPort` | integer | no | 6832 | Port to accept `jaeger.thrift` over binary thrift protocol | +| `service.samplingPort` | integer | no | 5778 | Port for HTTP serves configs, and sampling strategies | +| `cmdlineParams` | object | no | [] | Agent-related cmd line opts to be configured on the concerned components | +| `extraEnv` | object | no | [] | Agent-related extra env vars to be configured on the concerned components | +| `extraConfigmapMounts` | object | no | [] | Extra configMap mounts for the agent | +| `extraSecretMounts` | object | no | [] | Extra secret mounts for the agent | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | The pods to schedule onto nodes with matching taints | +| `resources` | object | no | {requests: {cpu: 50m, memory: 50Mi}, limits: {cpu: 100m, memory: 100Mi}} | Compute resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Holds pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +agent: + install: true + name: agent + + image: jaegertracing/jaeger-agent:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + labels: + example.label/key: example-label-value + annotations: + example.annotation/key: example-annotation-value + + useHostNetwork: false + useHostPort: false + + service: + zipkinThriftPort: 5775 + compactPort: 6831 + binaryPort: 6832 + samplingPort: 5778 + + cmdlineParams: + - '--processor.jaeger-compact.server-queue-size=1000' + extraEnv: + - name: LOG_LEVEL + value: info + extraConfigmapMounts: + - name: extra-config-file-name # name of mount in pod + configMap: extra-configmap-name # name of ConfigMap in the Kubernetes + extraSecretMounts: + - name: extra-config-file-name # name of mount in pod + secretMap: extra-secret-name # name of Secret in the Kubernetes + + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +## Cassandra + +**Note:** Since Jaeger release `1.57.x`, `cassandraSchemaJob.install` parameter has been removed. +`cassandraSchemaJob` will be installed if `jaeger.storage.type` is set to `cassandra`. + +**Warning!** TTL for Jaeger's Cassandra tables **can't be changed** during update! +You must set correct TTL values during first deploy! If you didn't do it, please read the +[Maintenance: Change Cassandra TTL](/docs/public/maintenance.md#change-cassandra-ttl). + +```yaml +cassandraSchemaJob: + name: cassandra-schema-job + ... +``` + + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `image` | string | no | - | The docker image to use for a `cassandraSchemaJob` container | +| `name` | string | no | cassandra-schema-job | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the `kubelet` attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `host` | string | no | - | The host used to connect to Cassandra | +| `port` | string | no | 9042 | The port used to connect to Cassandra | +| `username` | string | no | - | A username for Cassandra with access to HTTP API | +| `password` | string | no | - | A password for Cassandra with access to HTTP API | +| `mode` | string | no | test | The Cassandra mode, and available values - `prod` or `test` | +| `datacenter` | string | no | - | The Cassandra datacenter | +| `keyspace` | string | no | jaeger | The Cassandra keyspace for Jaeger | +| `allowedAuthenticators` | array | no | All values from gocql driver | List of allowed authenticators for gocql driver. Full list of supported authenticators cna be found in the gocql source code [https://github.com/apache/cassandra-gocql-driver/blob/34fdeebefcbf183ed7f916f931aa0586fdaa1b40/conn.go#L27](https://github.com/apache/cassandra-gocql-driver/blob/34fdeebefcbf183ed7f916f931aa0586fdaa1b40/conn.go#L27) | +| `existingSecret` | object | no | - | The name of the existing secret with Cassandra username and password | +| `extraEnv` | object | no | [] | The Cassandra schema job-related extra env vars to be configured on the concerned components | +| `labels` | map | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `resources` | object | no | {} | Computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Holds pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `tls.enabled` | boolean | no | false | Enabling or disabling TLS connection to Cassandra | +| `tls.existingSecret` | string | no | - | The name of the existing secret with SSL certificates. If specified, all subsequent parameters in tls section are ignored. | +| `tls.commonName` | string | no | - | The common name - server name protected by the SSL certificate. Ignored if the `existingSecret` is specified. | +| `tls.ca` | string | no | - | CA certificate. It use to provide a list of trusted CA who issued the certificates. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret`is specified. | +| `tls.key` | string | no | - | The public key of the certificate. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret` is specified. | +| `tls.cert` | string | no | - | The private part of the certificate. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret` is specified. | +| `tls.cqlshrc` | string | no | [ssl]
certfile = /cassandra-tls/ca-cert.pem
usercert = /cassandra-tls/client-cert.pem
userkey = /cassandra-tls/client-key.pem | An overriding path to certificates which will use `cqlsh` to connect to Cassandra. Ignored if the `existingSecret` is specified | +| `ttl.trace` | integer | no | - | Time to live for traces (in seconds) data | +| `ttl.dependencies` | integer | no | - | Time to live for dependencies (in seconds)data | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | +| `labels` | map | no | {} | Labels for cassandra schema job. | +| `annotations` | map | no | {} | Annotations for cassandra schema job. | + + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +cassandraSchemaJob: + name: cassandra-schema-job + + image: jaegertracing/jaeger-cassandra-schema:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + labels: + example.label/key: example-label-value + + host: cassandra.cassandra.svc + port: 9043 + username: admin + password: admin + mode: prod + keyspace: jaeger + datacenter: dc1 + + allowedAuthenticators: + - org.apache.cassandra.auth.PasswordAuthenticator + - com.instaclustr.cassandra.auth.SharedSecretAuthenticator + - com.datastax.bdp.cassandra.auth.DseAuthenticator + + tls: + enabled: true + commonName: cassandra-server + + # Mutually exclusive with "ca", "cert", "key" parameters + existingSecret: cassandra-certificate-secret + + # Mutually exclusive with "existingSecret" parameter + ca: |- + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- + cert: |- + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- + key: |- + -----EGIN RSA PRIVATE KEY----- + + -----END RSA PRIVATE KEY----- + cqlshrc: |- + [ssl] + certfile = /cassandra-tls/ca-cert.pem + usercert = /cassandra-tls/client-cert.pem + userkey = /cassandra-tls/client-key.pem + + ttl: + trace: 172800 # in seconds + dependencies: 0 # in seconds + + existingSecret: + extraEnv: + - name: CASSANDRA_TIMEOUT + value: 30s + + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + priorityClassName: priority-class + annotations: + example.annotation/key: example-annotation-value + labels: + example.label/key: example-label-value +``` + + +[Back to TOC](#table-of-content) + + +## ElasticSearch + +All parameters in the table below should be specified under the key: + +```yaml +elasticsearch: + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------- | ------- | --------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `existingSecret` | string | no | - | Name of the existing secret with ElasticSearch username and password | +| `indexPrefix` | string | no | - | Index prefix for ElasticSearch | +| `extraEnv` | object | no | [] | Elasticsearch-related extra env vars to be configured on the concerned components | +| `client.url` | string | no | - | The URL with the port used to connect to Elasticsearch | +| `client.username` | string | no | - | Username for Elasticsearch with access to HTTP API | +| `client.password` | string | no | - | Password for Elasticsearch with access to HTTP API | +| `client.scheme` | string | no | http | The scheme for Elasticsearch with access to HTTP API | +| `client.tls.enabled` | false | no | - | Enabling or disabling TLS connection to OpenSearch/ElasticSearch. | +| `client.tls.existingSecret` | string | no | - | The name of the existing secret with SSL certificates. If specified, all subsequent parameters in tls section are ignored. | +| `client.tls.commonName` | string | on | - | The common name - server name protected by the SSL certificate. Ignored if the `existingSecret` is specified. | +| `client.tls.ca` | string | no | - | CA certificate. It use to provide a list of trusted CA who issued the certificates. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret`is specified. | +| `client.ts.cert` | string | no | - | The private part of the certificate. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret` is specified. | +| `client.tls.key` | string | no | - | Specifying the public key of the certificate. The mandatory field when using an SSL connection to Cassandra. Ignored if the `existingSecret` is specified. | +| `client.tls.insecureSkipVerify` | boolean | no | - | Disabling certificate validation check for OpenSearch/ElasticSearch TLS connection | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +elasticsearch: + existingSecret: + indexPrefix: custom- # result name of indexes will be custom-jaeger-spans, custom-jaeger-..... + extraEnv: + - name: ES_TIMEOUT + value: 30s + + client: + url: opensearch.opensearch.svc + username: + password: + scheme: https + + # only in case when schema https + tls: + enabled: true + commonName: opensearch-service + + # Mutually exclusive with "ca", "cert", "key" parameters + existingSecret: es-certificates-secret + + # Mutually exclusive with "existingSecret" parameter + ca: |- + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- + cert: |- + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + + -----END PRIVATE KEY----- + + # Insecure and strongly doesn't recommended for production + insecureSkipVerify: true +``` + + +[Back to TOC](#table-of-content) + + +### Index Cleaner + +All parameters in the table below should be specified under the key: + +```yaml +elasticsearch: + indexCleaner: + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | -------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling or disabling creating indexCleaner CronJob | +| `image` | string | no | - | The docker image to use for an `indexCleaner` container | +| `name` | string | no | index-cleaner | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | The `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `concurrencyPolicy` | string | no | Forbid | Specifies how to treat concurrent executions of a job that is created by this cron job | +| `labels` | map | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `annotations` | map | no | {} | An unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata | +| `schedule` | string | no | `55 23 * * *` | The scheduled time of its jobs to be created and executed | +| `successfulJobsHistoryLimit` | integer | no | 1 | How many completed jobs should be kept | +| `failedJobsHistoryLimit` | integer | no | 1 | How many failed jobs should be kept | +| `ttlSecondsAfterFinished` | integer | no | 0 | How many seconds after finished job's pod will be available | +| `numberOfDays` | integer | no | 7 | The number of days that the job will be executed | +| `extraEnv` | object | no | [] | An `indexCleaner` related extra env vars to be configured on the concerned components | +| `extraConfigmapMounts` | object | no | [] | Extra configMap mounts for indexCleaner | +| `extraSecretMounts` | object | no | [] | Extra secret mounts for indexCleaner | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | The pods to schedule onto nodes with matching taints | +| `resources` | object | no | {requests: {cpu: 100m, memory: 128Mi}, limits: {cpu: 100m, memory: 128Mi}} | Computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Holds pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +elasticsearch: + indexCleaner: + install: true + name: index-cleaner + + image: jaegertracing/jaeger-es-index-cleaner:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + labels: + example.label/key: example-label-value + annotations: + example.annotation/key: example-annotation-value + + numberOfDays: 7 + + schedule: 55 23 * * * + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + ttlSecondsAfterFinished: 0 + + extraEnv: + - name: ES_TIMEOUT + value: 30s + extraConfigmapMounts: + - name: extra-config-file-name # name of mount in pod + configMap: extra-configmap-name # name of ConfigMap in the Kubernetes + extraSecretMounts: + - name: extra-config-file-name # name of mount in pod + secretMap: extra-secret-name # name of Secret in the Kubernetes + + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +### Rollover + +Elasticsearch Rollover is an index management strategy that optimizes use of resources allocated to indices. +For example, indices that do not contain any data still allocate shards, and conversely, a single index might contain +significantly more data than the others. +Jaeger by default stores data in daily indices which might not optimally utilize resources. + +One additional part of Elasticsearch Rollover is [Lookback job](#lookback). + +More details about Elasticsearch Rollover can be found by the link +[https://www.jaegertracing.io/docs/latest/deployment/#elasticsearch-rollover](https://www.jaegertracing.io/docs/latest/deployment/#elasticsearch-rollover) + +**Warning!** Do not use Rollover (rollover and lookback) and IndexCleaner together. Need to use only one cleanup strategy! + +All parameters in the table below should be specified under the key: + +```yaml +elasticsearch: + rollover: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling or disabling creating rollover CronJob | +| `image` | string | no | - | Docker image to use for a rollover container | +| `name` | string | no | rollover | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | list[map] | no | - | List of secret names to access the private registry | +| `concurrencyPolicy` | string | no | Forbid | How to treat concurrent executions of a job that is created by this cron job | +| `labels` | map[string]string | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `annotations` | map[string]string | no | {} | Map are an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata | +| `schedule` | string | no | `10 0 * *` | Scheduled time of its jobs to be created and executed (in the [cron](https://en.wikipedia.org/wiki/Cron) format) | +| `successfulJobsHistoryLimit` | integer | no | 1 | How many completed jobs should be kept | +| `failedJobsHistoryLimit` | integer | no | 1 | How many failed jobs should be kept | +| `ttlSecondsAfterFinished` | integer | no | 0 | How many seconds after finished job's pod will be available | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | Allows the pods to schedule onto nodes with matching taints | +| `extraEnv` | object | no | [] | Rollover-related extra env vars to be configured on the concerned components | +| `extraConfigmapMounts` | object | no | [] | Extra configMap mounts for rollover | +| `extraSecretMounts` | object | no | [] | Extra secret mounts for rollover | +| `resources` | object | no | {} | Describes computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `initHook.name` | string | no | rollover-init | The name of a microservice to deploy with | +| `initHook.ttlSecondsAfterFinished` | integer | no | 120 | TTL in seconds after the finished initial job | +| `initHook.extraEnv` | object | no | [] | Rollover-init related extra env vars to be configured on the concerned components | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +elasticsearch: + rollover: + install: true + name: rollover + image: jaegertracing/jaeger-es-rollover:1.62.0 + + init: + name: rollover-init + ttlSecondsAfterFinished: 120 + extraEnv: + - name: ES_TIMEOUT + value: 30s + + labels: + example.label/key: example-label-value + annotations: + example.annotation/key: example-annotation-value + + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + schedule: 10 0 * * + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + + extraEnv: + - name: ES_TIMEOUT + value: 30s + extraConfigmapMounts: + - name: extra-config-file-name # name of mount in pod + configMap: extra-configmap-name # name of ConfigMap in the Kubernetes + extraSecretMounts: + - name: extra-config-file-name # name of mount in pod + secretMap: extra-secret-name # name of Secret in the Kubernetes + + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +### Lookback + +It's a part of [ElasticSearch Rollover](#rollover) to remove old indices from read aliases. +It means that old data will not be available for search. +This imitates the behavior of `--es.max-span-age` flag used in the default index-per-day deployment. +This step could be optional and old indices could be simply removed by index cleaner in the next step. + +**Warning!** Do not use Rollover (rollover and lookback) and IndexCleaner together. Need to use only one cleanup strategy! + +All parameters in the table below should be specified under the key: + +```yaml +elasticsearch: + lookback: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | -------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling or disabling creating lookback CronJob | +| `name` | string | no | lookback | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | The `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | - | Keys to access the private registry | +| `concurrencyPolicy` | object | no | Forbid | Specifies how to treat concurrent executions of a job that is created by this cron job | +| `labels` | map | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `annotations` | map | no | {} | An unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata | +| `schedule` | string | no | `5 0 * * *` | The scheduled time of its jobs to be created and executed | +| `successfulJobsHistoryLimit` | integer | no | 1 | How many completed jobs should be kept | +| `failedJobsHistoryLimit` | integer | no | 1 | How many failed jobs should be kept | +| `ttlSecondsAfterFinished` | integer | no | 0 | How many seconds after finished job's pod will be available | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | The pods to schedule onto nodes with matching taints | +| `extraEnv` | object | no | [] | Extra env vars to be configured on the concerned components | +| `extraConfigmapMounts` | object | no | [] | Extra configMap mounts for lookback | +| `extraSecretMounts` | object | no | {} | Extra secret mounts for lookback | +| `resources` | object | no | {requests: {cpu: 100m, memory: 128Mi}, limits: {cpu: 100m, memory: 128Mi}} | Computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Holds pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +elasticsearch: + lookback: + install: true + name: lookback + + image: jaegertracing/jaeger-es-rollover:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + labels: + example.label/key: example-label-value + annotations: + example.annotation/key: example-annotation-value + + schedule: 5 0 * * * + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + ttlSecondsAfterFinished: 0 + + extraEnv: + - name: ES_TIMEOUT + value: 30s + extraConfigmapMounts: + - name: extra-config-file-name # name of mount in pod + configMap: extra-configmap-name # name of ConfigMap in the Kubernetes + extraSecretMounts: + - name: extra-config-file-name # name of mount in pod + secretMap: extra-secret-name # name of Secret in the Kubernetes + + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +## Proxy + +All parameters in the table below should be specified under the key: + +```yaml +proxy: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Allows enabling/disabling creating the proxy container | +| `image` | string | no | - | Docker image to use for the proxy container | +| `type` | string | no | basic | Authentication type to be used. Available values - `basic` and `oauth2` | +| `basic.users` | map | no | [] | List of `login:password` in base64 | +| `oauth2.tokenEndpoint` | string | no | - | Endpoint on the authorization server to retrieve the access token. Must contain scheme (`http` or `https`) | +| `oauth2.authorizationEndpoint` | string | no | - | Endpoint redirect for authorization in response to unauthorized requests. Must contain scheme (`http` or `https`) | +| `oauth2.clientId` | string | no | - | The `client_id` to be used in the authorized calls | +| `oauth2.clientToken` | string | no | - | The `client_secret` used to retrieve the access token | +| `oauth2.idpAddress` | string | no | - | The address for this socket | +| `oauth2.idpPort` | string | no | 80 | The listeners will bind to the port | +| `resources` | object | no | {requests: {cpu: 50m, memory: 100Mi}, limits: {cpu: 100m, memory: 200Mi}} | Describes computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +proxy: + install: true + image: envoyproxy/envoy:v1.25.8 + type: oauth2 + + basic: + - YWRtaW46YWRtaW4= # admin:admin encoded in base64 + - dGVzdDp0ZXN0 # test:test encoded in base64 + + oauth2: + tokenEndpoint: https://example-url.com/token + authorizationEndpoint: https://example-url.com/auth + clientId: envoy + clientToken: envoy + idpAddress: example-url.com + idpPort: 80 + + resources: + requests: + cpu: 50m + memory: 100Mi + limits: + cpu: 100m + memory: 200Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL +``` + + +[Back to TOC](#table-of-content) + + +## Hotrod + +`jaeger-hotrod` is a test service that allows to generate of some traces to verify Jaeger's work. + +All parameters in the table below should be specified under the key: + +```yaml +hotrod: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | -------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling or disabling creating hotrod deployment | +| `image` | string | no | - | The docker image to use for a hotrod container | +| `name` | string | no | hotrod | The name of a microservice to deploy with | +| `imagePullPolicy` | string | no | IfNotPresent | The `imagePullPolicy` for a container and the tag of the image affects when the kubelet attempts to pull (download) the specified image | +| `imagePullSecrets` | object | no | [] | Keys to access the private registry | +| `labels` | map | no | {} | Map of string keys and values that can be used to organize and categorize (scope and select) objects | +| `annotations` | map | no | {} | An unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata | +| `otelExporter.host` | integer | no | - | The host used to connect to Open Telemetry Exporter | +| `otelExporter.port` | integer | no | 14268 | The port used to connect to Open Telemetry Exporter | +| `agent.host` | integer | no | - | The host used to connect to the Jaeger agent. **DEPRECATED** since `1.42.x`, use parameters from the section `hotrtod.otelExporter` | +| `agent.port` | integer | no | 6831 | The port used to connect to the Jaeger agent. **DEPRECATED** since `1.42.x`, use parameters from the section `hotrtod.otelExporter` | +| `nodeSelector` | map | no | {} | Defining which Nodes the Pods are scheduled on | +| `tolerations` | [core/v1.Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core) | no | {} | The pods to schedule onto nodes with matching taints | +| `ingress.install` | boolean | no | false | Enabling or disabling creating a `hotrod` ingress | +| `ingress.host` | string | no | - | The FQDN of the ingress host | +| `ingress.tls` | object | no | {} | TLS configuration for hotrod ingress | +| `route.install` | boolean | no | false | Enabling or disabling creating a `hotrod` route | +| `route.host` | string | no | 0 | The FQDN of the route host | +| `service.port` | integer | no | 80 | The port for hotrod service | +| `resources` | object | no | {requests: {cpu: 100m, memory: 128Mi}, limits: {cpu: 100m, memory: 128Mi}} | Computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Holds pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not recommended parameters. + +```yaml +hotrod: + install: true + name: hotrod + + image: jaegertracing/example-hotrod:1.62.0 + imagePullPolicy: IfNotPresent + imagePullSecrets: + - name: jaeger-pull-secret + + annotations: + example.annotation/key: example-annotation-value + labels: + example.label/key: example-label-value + + otelExporter: + host: jaeger-collector + port: 14268 + + agent: + host: jaeger-agent + port: 6831 + + # Use in Kubernetes + ingress: + install: true + host: hotrod.cloud.test.org + # Use in OpenShift + route: + install: false + host: hotrod.cloud.test.org + + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + nodeSelector: + node-role.kubernetes.io/worker: worker + tolerations: + - key: key1 + operator: Equal + value: value1 + effect: NoSchedule + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +## Integration Tests + +`jaeger-integration-tests` is a service that is used to run integration tests. + +All parameters in the table below should be specified under the key: + +```yaml +integrationTests: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | false | Enabling or disabling creating integration tests deployment | +| `image` | string | no | - | The docker image to use for integration tests container | +| `tags` | string | no | smoke | Tags combined together with AND, OR and NOT operators that select test cases to run. You can use the "smoke", "generator" and "ha" tags to run the appropriate tests. Or a combination of both, for example smokeORha to run both smoke and ha tests with | +| `linkForGenerator` | string | no | `http://jaeger-collector:9411` | Link to host which can get spans in Zipkin format registry | +| `generateCount` | integer | no | 10 | The number of spans which will be sent, 10 by default | +| `waitingTime` | string | no | 500ms | The waiting time between sending, by default 500ms. | +| `service.name` | string | no | jaeger-integration-tests-runner | The name of the service used to run integration tests. | +| `serviceAccount.create` | boolean | no | true | Specifies whether service account should be created or not. | +| `serviceAccount.name` | string | no | jaeger-integration-tests | The name of the service account used to run integration tests. | +| `resources` | object | no | {requests: {cpu: 50m, memory: 64Mi}, limits: {cpu: 300m, memory: 256Mi}} | Computing resource requests and limits for single Pods | +| `statusWriting.enabled` | boolean | no | false | Parameter to specify whether the status of integration tests results must be written to a custom resource | +| `statusWriting.isShortStatusMessage` | boolean | no | true | If it is set to `true`, the `message` field in the status condition by default contains first line from `result.txt` file. | +| `statusWriting.onlyIntegrationTests` | boolean | no | true | By default, if all tests are passed BDI set `Ready` value to `type` condition field. There is an ability to deploy only integration tests without any component (component was installed before). In this case you should set ONLY_INTEGRATION_TESTS environment variable as true and BDI will set `Successful` as value of `type` condition field. | +| `statusWriting.customResourcePath` | string | no | apps/v1/jaeger/deployments/jaeger-integration-tests-runner | Path of Custom Resource where the status of integration tests must be updated | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not a recommended parameters. + +```yaml +integrationTests: + install: true + image: "ghcr.io/netcracker/jaeger-integration-tests:main" + tags: "smokeORha" + linkForGenerator: "https://jaeger-collector-host" + generateCount: 10 + waitingTime: 500ms + resources: + requests: + memory: 256Mi + cpu: 50m + limits: + memory: 256Mi + cpu: 400m + statusWriting: + enabled: false + isShortStatusMessage: true + onlyIntegrationTests: true + customResourcePath: "apps/v1/jaeger/deployments/jaeger-integration-tests-runner" + service: + name: jaeger-integration-tests-runner + serviceAccount: + create: true + name: "jaeger-integration-tests" + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +## Status Provisioner + +`statusProvisioner` is a service that is used to write integration tests results into a job. + +All parameters in the table below should be specified under the key: + +```yaml +statusProvisioner: + install: true + ... +``` + + +| Parameter | Type | Mandatory | Default value | Description | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------- | +| `install` | boolean | no | true | Status provisioner is always expected to be enabled | +| `image` | string | no | - | The docker image to use for deployment status provisioner container | +| `lifetimeAfterCompletion` | integer | no | 300 | Time until which the staus provisioner job remains active | +| `podReadinessTimeout` | integer | no | 300 | Timeout in seconds that the Deployment Status Provisioner waits for each of the monitored resources to be ready or completed | +| `integrationTestsTimeout` | integer | no | 300 | Timeout in seconds that the Deployment Status Provisioner waits for successful or failed status condition | +| `resources` | object | no | {requests: {cpu: 50m, memory: 50Mi}, limits: {cpu: 100m, memory: 100Mi}} | Computing resource requests and limits for single Pods | +| `securityContext` | [core/v1.PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core) | no | {} | Describes pod-level security attributes | +| `containerSecurityContext` | [core/v1.SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core) | no | {} | Holds container-level security attributes | +| `priorityClassName` | string | no | `-` | PriorityClassName assigned to the Pods to prevent them from evicting. | + + +Examples: + +**Note:** It's just an example of a parameter's format, not a recommended parameters. + +```yaml +statusProvisioner: + install: true + image: ghcr.io/netcracker/deployment-status-provisioner:main + lifetimeAfterCompletion: 300 + podReadinessTimeout: 300 + integrationTestsTimeout: 300 + resources: + requests: + memory: "50Mi" + cpu: "50m" + limits: + memory: "100Mi" + cpu: "100m" + securityContext: + runAsUser: 2000 + fsGroup: 2000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + priorityClassName: priority-class +``` + + +[Back to TOC](#table-of-content) + + +# Installation + +This section describes how to install Jaeger to the Kubernetes. + +## Before you begin + +* Make sure that selecting Jaeger storage is alive and operable +* Make sure that you configure expected retention data settings + +### Helm + +For manual installation, you have to specify images manually in `values.yaml` file. + +For example, you can use the following parameters: + +```yaml +collector: + image: jaegertracing/jaeger-collector:1.62.0 +query: + image: jaegertracing/jaeger-query:1.62.0 +proxy: + image: envoyproxy/envoy:v1.25.8 +agent: + image: jaegertracing/jaeger-agent:1.62.0 +cassandraSchemaJob: + image: jaegertracing/jaeger-cassandra-schema:1.62.0 +hotrod: + image: jaegertracing/example-hotrod:1.62.0 +elasticsearch: + indexCleaner: + image: jaegertracing/jaeger-es-index-cleaner:1.62.0 + rollover: + image: jaegertracing/jaeger-es-rollover:1.62.0 +``` + + +[Back to TOC](#table-of-content) + + +## On-prem + +This section contains examples of deployment parameters to deploy on-premise Clouds. + +### HA scheme + +The minimal template for the HA scheme is as follows: + +```yaml +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + mode: prod + +query: + install: true + replicas: 2 + +collector: + install: true + replicas: 2 +``` + +More information about how to deploy Jaeger in High Availability can be found in the user guide +[High Availability](user-guides/high-availability.md). + + +[Back to TOC](#table-of-content) + + +### Non-HA scheme + +The minimal template for the Non-HA scheme is as follows: + +```yaml +jaeger: + storage: + type: cassandra + +cassandraSchemaJob: + host: cassandra.cassandra.svc + keyspace: jaeger + password: admin + username: admin + datacenter: dc1 + + # This parameter is responsible for with either with SimpleStrategy (without replication) + # or with NetworkReplicationStrategy (with replication). NetworkReplicationStrategy can be used only + # if Cassandra cluster has 2 or more nodes. + # * prod - will use NetworkReplicationStrategy (replication factor = 2) + # * test - will use SimpleStrategy + mode: prod + +query: + install: true + +collector: + install: true +``` + + +[Back to TOC](#table-of-content) + + + +[Back to TOC](#table-of-content) + + +# Post Deploy Checks + +There are some options to check after deploy that Jaeger deployed and working correctly. + + +[Back to TOC](#table-of-content) + + +## Smoke test + +This section contains some steps that can help to check Jaeger's deploy and verify that it has minimal functionality. + +Firstly, check deploy and pod statuses of storage used for Jaeger. For example, you can check at least that +all pods are running and didn't restart. + +```bash +kubectl get pods -n +``` + +**Note:** In case, when storage will use any managed service like AWS OpenSearch, you need to check that +this service is activated in your account and is working now. + +Second, you can check that all components are up using the following command: + +```bash +kubectl get pods -n +``` + +For example, a typical Jaeger deployment contains the following pods: + +```bash +$ kubectl get pods -n tracing +NAME READY STATUS RESTARTS AGE +jaeger-collector-f8c869f8b-jr7tn 1/1 Running 0 4m24s +jaeger-query-7c84bb9c96-cmlh2 1/1 Running 0 4m24s +``` + +Jaeger deployment also can contain some additional pods like `jaeger-agent` or `jaeger-hotrod`, +but they are optional. + +Also, you can see `jaeger-cassandra-schema-job` if execute `kubectl get pods ...` quickly after run deploy. +This job is created by Helm pre-hook and should be removed after successful completion. + +Or you can use the Kubernetes Dashboard to see pods and their statuses in the UI. + +Thirdly, if you want to use `qubership-diagnostic-agent` to send traces from microservices to Jaeger you need to check +that it was deployed in the namespace with an application. + +You can use the command: + +```bash +kubectl get pods -n --selector=app.kubernetes.io/name=qubership-diagnostic-agent +``` + +**Note:** Please pay attention that `qubership-diagnostic-agent` deployment and pod should be not in the namespace +with Jaeger. It should deploy in the namespace with an application. + +If it is presented, you need to check that in environment variables it contains the variable: + +```yaml +- name: JAEGER_COLLECTOR_HOST + value: +``` + +For example: + +```yaml +- name: JAEGER_COLLECTOR_HOST + value: jaeger-collector.jaeger.svc +``` + +To print a list of environment variables you can use the command: + +```bash +kubectl get pods -n --selector=app.kubernetes.io/name=qubership-diagnostic-agent -o yaml +``` + +Or you can use the Kubernetes Dashboard to check `qubership-diagnostic-agent` and its settings. + +Fourth, you can check that Jaeger has collected the traces using the following command: + +```bash +wget -O - http://:16686/api/traces/ +``` + +or + +```bash +curl -X GET http://:16686/api/traces/ +``` + +Or you can use Jaeger UI to check the list of services and traces. +If you don't know any `` you can just try to check that th UI is working now: + +```bash +wget -O - http://:16686 +``` + +or + +```bash +curl -X GET http://:16686 +``` + +Or you can use Jaeger UI to check that it works without any errors. + +If you have deployed a CloudCore-base application, you can try to find any traces of the `gateway` service. +To find it in UI you need: + +* Go to Jaeger UI +* Select `gateway` in the dropdown list of the "Service" parameter +* Click "Find Traces" +* Check that traces collected and available + + +[Back to TOC](#table-of-content) + + +# Frequently Asked Questions + +## Jaeger Sampling Configuration + +Jaeger collector sampling configuration can be configured in the `jaeger.serviceName-sampling-configuration` config map. +For more information, refer to _Collector Sampling Configuration Documentation_ at +[https://www.jaegertracing.io/docs/latest/sampling/#collector-sampling-configuration](https://www.jaegertracing.io/docs/latest/sampling/#collector-sampling-configuration). +You need to manually restart collector pods after updating the config map. Updating Jaeger recreates the config map, +so you have to edit it again. + +**Note**: The application uses collector sampling configuration only if it is configured to use a remote sampler. +In other cases, the configuration is done on the application side. + + +[Back to TOC](#table-of-content) + diff --git a/docs/maintenance.md b/docs/maintenance.md new file mode 100644 index 0000000..d2ddd66 --- /dev/null +++ b/docs/maintenance.md @@ -0,0 +1,132 @@ +This section provides information about Jaeger maintenance issues. + +# Table of Content + +* [Table of Content](#table-of-content) +* [Change Cassandra User/Password](#change-cassandra-userpassword) +* [Scaling Jaeger](#scaling-jaeger) +* [Change Cassandra TTL](#change-cassandra-ttl) +* [Cassandra is reinstalled](#cassandra-is-reinstalled) + +# Change Cassandra User/Password + +To change the Cassandra user/password, you can run the upgrade job with new parameters, for example: + +```yaml +jaeger: + serviceName: jaeger + storage: + type: "cassandra" +cassandraSchemaJob: + password: newpassword + username: newuser +``` + +Alternatively, you can change the `jaeger-cassandra` secret manually. All the values in the secret +must be encoded with base64. + +If you used the existing secret and the `cassandraSchemaJob.existingSecret` parameter when installing the jaeger, then +to change the Cassandra user/password you have to manually edit values in this secret. + +Restart all Jaeger pods manually to apply the new Cassandra credentials. + + +[Back to TOC](#table-of-content) + + +# Scaling Jaeger + +It is possible to update collector replicas, resources, and query resources using the upgrade job. All other parameters +during the upgrade should be the same. +For example: + +```yaml +jaeger: + storage: + type: "cassandra" + +cassandraSchemaJob: + +query: + resources: + requests: + cpu: 200m + memory: 200Mi + limits: + cpu: 200m + memory: 200Mi + +collector: + replicas: 2 + resources: + requests: + cpu: 200m + memory: 200Mi + limits: + cpu: 200m + memory: 200Mi +``` + + +[Back to TOC](#table-of-content) + + +# Change Cassandra TTL + +Cassandra Time To Live (TTL) is set during keyspace creation (first jaeger installation) and **can't be changed** during +jaeger upgrade procedure. + +The default value is 172800 (2 days) for traces and 0 (no TTL) for dependencies. These values +can be changed on first installation using the parameters: + +```yaml +cassandraSchemaJob: + ttl: + trace: 172800 # in seconds + dependencies: 0 # in seconds +``` + +To change the TTL after the keyspace has already been created, you can connect to cassandra and change it manually. + +Example of query to change TTL for trace data: + +```sql +USE jaegerkeyspace; + +ALTER TABLE traces WITH default_time_to_live = 86400; +ALTER TABLE service_names WITH default_time_to_live = 86400; +ALTER TABLE operation_names_v2 WITH default_time_to_live = 86400; +ALTER TABLE service_operation_index WITH default_time_to_live = 86400; +ALTER TABLE service_name_index WITH default_time_to_live = 86400; +ALTER TABLE duration_index WITH default_time_to_live = 86400; +ALTER TABLE tag_index WITH default_time_to_live = 86400; +``` + +Example of query to change TTL for dependencies data: + +```sql +USE jaegerkeyspace; + +ALTER TABLE dependencies_v2 WITH default_time_to_live = 86400; +``` + + +[Back to TOC](#table-of-content) + + +# Cassandra is reinstalled + +In case Cassandra has been reinstalled or cleared, then the keyspace has been removed. Keyspace is required for jaeger +operation, so you need to recreate it. To do this, run the upgrade job. For example: + +```yaml +cassandraSchemaJob: + username: user + password: password +``` + +The keyspace will be recreated and jaeger will work again. + + +[Back to TOC](#table-of-content) + diff --git a/docs/observability.md b/docs/observability.md new file mode 100644 index 0000000..3f3d6d0 --- /dev/null +++ b/docs/observability.md @@ -0,0 +1,1778 @@ +Jaeger itself is a distributed, microservices based system. If you run it in production, +you will likely want to setup adequate monitoring for different components, +e.g. to ensure that the backend is not saturated by too much tracing data. + +# Table of Content + +* [Table of Content](#table-of-content) +* [Monitoring](#monitoring) + * [Integration with PlatformMonitoring](#integration-with-platformmonitoring) +* [Logging](#logging) + * [Audit logs](#audit-logs) + * [Integration with Platform Logging](#integration-with-platform-logging) +* [Traces](#traces) +* [Metrics list](#metrics-list) + * [Collector](#collector) + * [Query](#query) + +# Monitoring + +By default Jaeger microservices expose metrics in Prometheus format. +It is controlled by the following command line options: + +* `--admin.http.host-port` the port number where the HTTP admin server is running +* `--metrics-backend` controls how the measurements are exposed. The default value is prometheus, + another option is expvar, the Go standard mechanism for exposing process level statistics. +* `--metrics-http-route` specifies the name of the HTTP endpoint used to scrape the metrics + (`/metrics` by default). + +Each Jaeger component exposes the metrics scraping endpoint on the admin port: + +| Component | Port | +| ------------------ | ----- | +| `jaeger-agent` | 14271 | +| `jaeger-collector` | 14269 | +| `jaeger-query` | 16687 | +| `jaeger-ingester` | 14270 | +| `all-in-one` | 14269 | + + +[Back to TOC](#table-of-content) + + +## Integration with PlatformMonitoring + +Jaeger can be deployed with necessary Custom Resources (CR) for Platform Monitoring. + +Integration include: + +* ServiceMonitor for collector with name "jaeger-collector" +* ServiceMonitor for query with name "jaeger-query" +* ServiceMonitor for agent with name "jaeger-agent" +* ServiceMonitor for proxy with name "proxy-service-monitor" +* GrafanaDashboard with name "Jaeger-Overview" + +To install these CRs need add in deploy parameters: + +```yaml +jaeger: + prometheusMonitoring: true + prometheusMonitoringDashboard: true +``` + +All necessary configurations will discovery by Prometheus or Grafana automatically. + + +[Back to TOC](#table-of-content) + + +# Logging + +Jaeger components only log to standard out, using structured logging library `go.uber.org/zap` +configured to write log lines as JSON encoded strings, for example: + +```json +... +{"level":"info","ts":1615914981.7914007,"caller":"flags/admin.go:111","msg":"Starting admin HTTP server","http-addr":":14269"} +{"level":"info","ts":1615914981.7914548,"caller":"flags/admin.go:97","msg":"Admin server started","http.host-port":"[::]:14269","health-status":"unavailable"} +... +``` + +The log level can be adjusted via `--log-level` command line switch; default level is `info`. + + +[Back to TOC](#table-of-content) + + +## Audit logs + +Jaeger has no authentication and authorization as a part of application. Instead, Jaeger's authors offer +to use external tools or proxies to add authentication and/or authorization. + +In our solution we are using `Envoy` as proxy to add `Basic Auth` and `OAuth2`. The `Envoy` proxy can be deploy +as a sidecar inside the `jaeger-query`. + +The `Envoy` can generate access logs that can be used for audit. Default pattern for access log: + +```bash +[%START_TIME%] audit_log_type %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL% %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% %REQ(X-FORWARDED-FOR)% %REQ(USER-AGENT)% %REQ(X-REQUEST-ID)% %REQ(:AUTHORITY)% %UPSTREAM_HOST% +``` + +Examples of access log: + +* Failed login: + + ```bash + [2024-08-21T08:58:50.838Z] audit_log_type GET /search HTTP/1.1 401 - 0 12 0 - 1.2.3.4 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 9bd9eaa74df911b9a1ae0cbafedff031 jaeger. - + ``` + + The `Envoy` send the `401 Unauthorized` response. + +* Successful login: + + ```bash + [2024-08-21T08:58:50.838Z] audit_log_type GET /search HTTP/1.1 401 - 0 12 0 - 1.2.3.4 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 9bd9eaa74df911b9a1ae0cbafedff031 jaeger. - + [2024-08-21T08:58:55.248Z] audit_log_type GET /search HTTP/1.1 200 - 0 1980 1 0 1.2.3.4 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 d27418272ca7c56db7109b8215a51900 jaeger. 127.0.0.1:16686 + ``` + + The `Envoy` firstly send the `401 Unauthorized` response and trigger browser to show authentication form, + after send the correct credentials pass user to UI. + +The `Envoy` will log all requests from UI in access logs. + + +[Back to TOC](#table-of-content) + + +## Integration with Platform Logging + +Integration Jaeger with logging doesn't require any specify actions. All works out of the box +if logging agent deployed in Cloud and collect logs from pods. + +In Graylog you can use next queries for find Jaeger logs: + +* Stream "All messages", filter by namespace name: + +```yaml +namespace_name: +# for example: +# namespace_name: tracing +``` + +* Stream "All messages", filter by pod name: + +```yaml +pod_name: +# for example: +# pods_name: jaeger-collector-7bb5bcd6d4-qlqhh +``` + + +[Back to TOC](#table-of-content) + + +# Traces + +Jaeger has the ability to trace some of its own components, namely the requests to the Query +service. For example, if you start `all-in-one` as described in Getting Started, and refresh +the UI screen a few times, you will see `jaeger-query` populated in the Services dropdown. +If you prefer not to see these traces in the Jaeger UI, you can disable them by running +Jaeger backend components with `JAEGER_DISABLED=true` environment variable, for example: + +```bash +docker run -e JAEGER_DISABLED=true -p 16686:16686 jaegertracing/all-in-one:1.33 +``` + + +[Back to TOC](#table-of-content) + + +# Metrics list + +## Collector + +
+ Collector metrics + + +```prometheus +# HELP go_gc_duration_seconds A summary of the pause duration of garbage collection cycles. +# TYPE go_gc_duration_seconds summary +go_gc_duration_seconds{quantile="0"} 4.233e-05 +go_gc_duration_seconds{quantile="0.25"} 7.7418e-05 +go_gc_duration_seconds{quantile="0.5"} 0.000108891 +go_gc_duration_seconds{quantile="0.75"} 0.000148936 +go_gc_duration_seconds{quantile="1"} 0.001421994 +go_gc_duration_seconds_sum 0.004580071 +go_gc_duration_seconds_count 29 +# HELP go_goroutines Number of goroutines that currently exist. +# TYPE go_goroutines gauge +go_goroutines 98 +# HELP go_info Information about the Go environment. +# TYPE go_info gauge +go_info{version="go1.20.5"} 1 +# HELP go_memstats_alloc_bytes Number of bytes allocated and still in use. +# TYPE go_memstats_alloc_bytes gauge +go_memstats_alloc_bytes 4.717048e+06 +# HELP go_memstats_alloc_bytes_total Total number of bytes allocated, even if freed. +# TYPE go_memstats_alloc_bytes_total counter +go_memstats_alloc_bytes_total 1.00601176e+08 +# HELP go_memstats_buck_hash_sys_bytes Number of bytes used by the profiling bucket hash table. +# TYPE go_memstats_buck_hash_sys_bytes gauge +go_memstats_buck_hash_sys_bytes 1.482038e+06 +# HELP go_memstats_frees_total Total number of frees. +# TYPE go_memstats_frees_total counter +go_memstats_frees_total 1.365496e+06 +# HELP go_memstats_gc_sys_bytes Number of bytes used for garbage collection system metadata. +# TYPE go_memstats_gc_sys_bytes gauge +go_memstats_gc_sys_bytes 8.862624e+06 +# HELP go_memstats_heap_alloc_bytes Number of heap bytes allocated and still in use. +# TYPE go_memstats_heap_alloc_bytes gauge +go_memstats_heap_alloc_bytes 4.717048e+06 +# HELP go_memstats_heap_idle_bytes Number of heap bytes waiting to be used. +# TYPE go_memstats_heap_idle_bytes gauge +go_memstats_heap_idle_bytes 4.521984e+06 +# HELP go_memstats_heap_inuse_bytes Number of heap bytes that are in use. +# TYPE go_memstats_heap_inuse_bytes gauge +go_memstats_heap_inuse_bytes 6.750208e+06 +# HELP go_memstats_heap_objects Number of allocated objects. +# TYPE go_memstats_heap_objects gauge +go_memstats_heap_objects 35753 +# HELP go_memstats_heap_released_bytes Number of heap bytes released to OS. +# TYPE go_memstats_heap_released_bytes gauge +go_memstats_heap_released_bytes 2.097152e+06 +# HELP go_memstats_heap_sys_bytes Number of heap bytes obtained from system. +# TYPE go_memstats_heap_sys_bytes gauge +go_memstats_heap_sys_bytes 1.1272192e+07 +# HELP go_memstats_last_gc_time_seconds Number of seconds since 1970 of last garbage collection. +# TYPE go_memstats_last_gc_time_seconds gauge +go_memstats_last_gc_time_seconds 1.692017462958174e+09 +# HELP go_memstats_lookups_total Total number of pointer lookups. +# TYPE go_memstats_lookups_total counter +go_memstats_lookups_total 0 +# HELP go_memstats_mallocs_total Total number of mallocs. +# TYPE go_memstats_mallocs_total counter +go_memstats_mallocs_total 1.401249e+06 +# HELP go_memstats_mcache_inuse_bytes Number of bytes in use by mcache structures. +# TYPE go_memstats_mcache_inuse_bytes gauge +go_memstats_mcache_inuse_bytes 1200 +# HELP go_memstats_mcache_sys_bytes Number of bytes used for mcache structures obtained from system. +# TYPE go_memstats_mcache_sys_bytes gauge +go_memstats_mcache_sys_bytes 15600 +# HELP go_memstats_mspan_inuse_bytes Number of bytes in use by mspan structures. +# TYPE go_memstats_mspan_inuse_bytes gauge +go_memstats_mspan_inuse_bytes 111520 +# HELP go_memstats_mspan_sys_bytes Number of bytes used for mspan structures obtained from system. +# TYPE go_memstats_mspan_sys_bytes gauge +go_memstats_mspan_sys_bytes 146880 +# HELP go_memstats_next_gc_bytes Number of heap bytes when next garbage collection will take place. +# TYPE go_memstats_next_gc_bytes gauge +go_memstats_next_gc_bytes 8.130136e+06 +# HELP go_memstats_other_sys_bytes Number of bytes used for other system allocations. +# TYPE go_memstats_other_sys_bytes gauge +go_memstats_other_sys_bytes 631170 +# HELP go_memstats_stack_inuse_bytes Number of bytes in use by the stack allocator. +# TYPE go_memstats_stack_inuse_bytes gauge +go_memstats_stack_inuse_bytes 1.31072e+06 +# HELP go_memstats_stack_sys_bytes Number of bytes obtained from system for stack allocator. +# TYPE go_memstats_stack_sys_bytes gauge +go_memstats_stack_sys_bytes 1.31072e+06 +# HELP go_memstats_sys_bytes Number of bytes obtained from system. +# TYPE go_memstats_sys_bytes gauge +go_memstats_sys_bytes 2.3721224e+07 +# HELP go_threads Number of OS threads created. +# TYPE go_threads gauge +go_threads 7 +# HELP jaeger_cassandra_attempts_total attempts +# TYPE jaeger_cassandra_attempts_total counter +jaeger_cassandra_attempts_total{table="duration_index"} 1078 +jaeger_cassandra_attempts_total{table="operation_names"} 1 +jaeger_cassandra_attempts_total{table="service_name_index"} 539 +jaeger_cassandra_attempts_total{table="service_names"} 1 +jaeger_cassandra_attempts_total{table="service_operation_index"} 539 +jaeger_cassandra_attempts_total{table="tag_index"} 3773 +jaeger_cassandra_attempts_total{table="traces"} 540 +# HELP jaeger_cassandra_errors_total errors +# TYPE jaeger_cassandra_errors_total counter +jaeger_cassandra_errors_total{table="duration_index"} 0 +jaeger_cassandra_errors_total{table="operation_names"} 1 +jaeger_cassandra_errors_total{table="service_name_index"} 0 +jaeger_cassandra_errors_total{table="service_names"} 0 +jaeger_cassandra_errors_total{table="service_operation_index"} 0 +jaeger_cassandra_errors_total{table="tag_index"} 0 +jaeger_cassandra_errors_total{table="traces"} 0 +# HELP jaeger_cassandra_inserts_total inserts +# TYPE jaeger_cassandra_inserts_total counter +jaeger_cassandra_inserts_total{table="duration_index"} 1078 +jaeger_cassandra_inserts_total{table="operation_names"} 0 +jaeger_cassandra_inserts_total{table="service_name_index"} 539 +jaeger_cassandra_inserts_total{table="service_names"} 1 +jaeger_cassandra_inserts_total{table="service_operation_index"} 539 +jaeger_cassandra_inserts_total{table="tag_index"} 3773 +jaeger_cassandra_inserts_total{table="traces"} 540 +# HELP jaeger_cassandra_latency_err latency-err +# TYPE jaeger_cassandra_latency_err histogram +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="duration_index",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="duration_index"} 0 +jaeger_cassandra_latency_err_count{table="duration_index"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.1"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.25"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.5"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="1"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="2.5"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="5"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="10"} 1 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="+Inf"} 1 +jaeger_cassandra_latency_err_sum{table="operation_names"} 0.088707462 +jaeger_cassandra_latency_err_count{table="operation_names"} 1 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="service_name_index",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="service_name_index"} 0 +jaeger_cassandra_latency_err_count{table="service_name_index"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="service_names"} 0 +jaeger_cassandra_latency_err_count{table="service_names"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="service_operation_index",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="service_operation_index"} 0 +jaeger_cassandra_latency_err_count{table="service_operation_index"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="tag_index",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="tag_index"} 0 +jaeger_cassandra_latency_err_count{table="tag_index"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="traces",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="traces"} 0 +jaeger_cassandra_latency_err_count{table="traces"} 0 +# HELP jaeger_cassandra_latency_ok latency-ok +# TYPE jaeger_cassandra_latency_ok histogram +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.005"} 536 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.01"} 794 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.025"} 996 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.05"} 1054 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.1"} 1077 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.25"} 1077 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="0.5"} 1078 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="1"} 1078 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="2.5"} 1078 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="5"} 1078 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="10"} 1078 +jaeger_cassandra_latency_ok_bucket{table="duration_index",le="+Inf"} 1078 +jaeger_cassandra_latency_ok_sum{table="duration_index"} 10.333384656000003 +jaeger_cassandra_latency_ok_count{table="duration_index"} 1078 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.005"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.01"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.025"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.05"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.1"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.25"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="1"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="2.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="10"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="+Inf"} 0 +jaeger_cassandra_latency_ok_sum{table="operation_names"} 0 +jaeger_cassandra_latency_ok_count{table="operation_names"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.005"} 133 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.01"} 356 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.025"} 517 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.05"} 531 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.1"} 538 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.25"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="0.5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="1"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="2.5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="10"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_name_index",le="+Inf"} 539 +jaeger_cassandra_latency_ok_sum{table="service_name_index"} 5.694438255999998 +jaeger_cassandra_latency_ok_count{table="service_name_index"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.005"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.01"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.025"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.05"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.1"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.25"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="1"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="2.5"} 1 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="5"} 1 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="10"} 1 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="+Inf"} 1 +jaeger_cassandra_latency_ok_sum{table="service_names"} 1.048394961 +jaeger_cassandra_latency_ok_count{table="service_names"} 1 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.005"} 228 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.01"} 406 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.025"} 525 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.05"} 537 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.1"} 538 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.25"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="0.5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="1"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="2.5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="5"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="10"} 539 +jaeger_cassandra_latency_ok_bucket{table="service_operation_index",le="+Inf"} 539 +jaeger_cassandra_latency_ok_sum{table="service_operation_index"} 4.4824353589999975 +jaeger_cassandra_latency_ok_count{table="service_operation_index"} 539 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.005"} 2352 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.01"} 3164 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.025"} 3671 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.05"} 3742 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.1"} 3770 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.25"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="0.5"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="1"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="2.5"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="5"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="10"} 3773 +jaeger_cassandra_latency_ok_bucket{table="tag_index",le="+Inf"} 3773 +jaeger_cassandra_latency_ok_sum{table="tag_index"} 25.012430945999984 +jaeger_cassandra_latency_ok_count{table="tag_index"} 3773 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.005"} 5 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.01"} 232 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.025"} 477 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.05"} 534 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.1"} 537 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.25"} 538 +jaeger_cassandra_latency_ok_bucket{table="traces",le="0.5"} 538 +jaeger_cassandra_latency_ok_bucket{table="traces",le="1"} 540 +jaeger_cassandra_latency_ok_bucket{table="traces",le="2.5"} 540 +jaeger_cassandra_latency_ok_bucket{table="traces",le="5"} 540 +jaeger_cassandra_latency_ok_bucket{table="traces",le="10"} 540 +jaeger_cassandra_latency_ok_bucket{table="traces",le="+Inf"} 540 +jaeger_cassandra_latency_ok_sum{table="traces"} 9.093478506999991 +jaeger_cassandra_latency_ok_count{table="traces"} 540 +# HELP jaeger_cassandra_tag_index_skipped_total tag_index_skipped +# TYPE jaeger_cassandra_tag_index_skipped_total counter +jaeger_cassandra_tag_index_skipped_total 0 +# HELP jaeger_collector_batch_size batch-size +# TYPE jaeger_collector_batch_size gauge +jaeger_collector_batch_size{host="jaeger-collector-7ff95f55cf-mkt75"} 2 +# HELP jaeger_collector_build_info build_info +# TYPE jaeger_collector_build_info gauge +jaeger_collector_build_info{build_date="2023-07-06T20:38:11Z",revision="ee6cc41ef62ba8f04de8a16431b43b620bdf571c",version="v1.62.0"} 1 +# HELP jaeger_collector_http_request_duration Duration of HTTP requests +# TYPE jaeger_collector_http_request_duration histogram +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.005"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.01"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.025"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.05"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.1"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.25"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="0.5"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="1"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="2.5"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="5"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="10"} 271 +jaeger_collector_http_request_duration_bucket{method="POST",path="/api/traces",status="202",le="+Inf"} 271 +jaeger_collector_http_request_duration_sum{method="POST",path="/api/traces",status="202"} 0.038305274999999965 +jaeger_collector_http_request_duration_count{method="POST",path="/api/traces",status="202"} 271 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.005"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.01"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.025"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.05"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.1"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.25"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="0.5"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="1"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="2.5"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="5"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="10"} 0 +jaeger_collector_http_request_duration_bucket{method="other",path="other",status="other",le="+Inf"} 0 +jaeger_collector_http_request_duration_sum{method="other",path="other",status="other"} 0 +jaeger_collector_http_request_duration_count{method="other",path="other",status="other"} 0 +# HELP jaeger_collector_http_server_errors_total http-server.errors +# TYPE jaeger_collector_http_server_errors_total counter +jaeger_collector_http_server_errors_total{source="all",status="4xx"} 0 +jaeger_collector_http_server_errors_total{source="collector-proxy",status="5xx"} 0 +jaeger_collector_http_server_errors_total{source="proto",status="5xx"} 0 +jaeger_collector_http_server_errors_total{source="thrift",status="5xx"} 0 +jaeger_collector_http_server_errors_total{source="write",status="5xx"} 0 +# HELP jaeger_collector_http_server_requests_total http-server.requests +# TYPE jaeger_collector_http_server_requests_total counter +jaeger_collector_http_server_requests_total{type="baggage"} 0 +jaeger_collector_http_server_requests_total{type="sampling"} 0 +jaeger_collector_http_server_requests_total{type="sampling-legacy"} 0 +# HELP jaeger_collector_in_queue_latency in-queue-latency +# TYPE jaeger_collector_in_queue_latency histogram +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.005"} 0 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.01"} 0 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.025"} 0 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.05"} 12 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.1"} 355 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.25"} 534 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.5"} 538 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="1"} 539 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="2.5"} 539 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="5"} 540 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="10"} 540 +jaeger_collector_in_queue_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="+Inf"} 540 +jaeger_collector_in_queue_latency_sum{host="jaeger-collector-7ff95f55cf-mkt75"} 56.111491801 +jaeger_collector_in_queue_latency_count{host="jaeger-collector-7ff95f55cf-mkt75"} 540 +# HELP jaeger_collector_queue_capacity queue-capacity +# TYPE jaeger_collector_queue_capacity gauge +jaeger_collector_queue_capacity{host="jaeger-collector-7ff95f55cf-mkt75"} 2000 +# HELP jaeger_collector_queue_length queue-length +# TYPE jaeger_collector_queue_length gauge +jaeger_collector_queue_length{host="jaeger-collector-7ff95f55cf-mkt75"} 0 +# HELP jaeger_collector_save_latency save-latency +# TYPE jaeger_collector_save_latency histogram +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.005"} 0 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.01"} 0 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.025"} 0 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.05"} 12 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.1"} 359 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.25"} 534 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="0.5"} 538 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="1"} 539 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="2.5"} 539 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="5"} 540 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="10"} 540 +jaeger_collector_save_latency_bucket{host="jaeger-collector-7ff95f55cf-mkt75",le="+Inf"} 540 +jaeger_collector_save_latency_sum{host="jaeger-collector-7ff95f55cf-mkt75"} 55.93221145900002 +jaeger_collector_save_latency_count{host="jaeger-collector-7ff95f55cf-mkt75"} 540 +# HELP jaeger_collector_spans_bytes spans.bytes +# TYPE jaeger_collector_spans_bytes gauge +jaeger_collector_spans_bytes{host="jaeger-collector-7ff95f55cf-mkt75"} 0 +# HELP jaeger_collector_spans_dropped_total spans.dropped +# TYPE jaeger_collector_spans_dropped_total counter +jaeger_collector_spans_dropped_total{host="jaeger-collector-7ff95f55cf-mkt75"} 0 +# HELP jaeger_collector_spans_received_total received +# TYPE jaeger_collector_spans_received_total counter +jaeger_collector_spans_received_total{debug="false",format="jaeger",svc="frontend",transport="http"} 540 +jaeger_collector_spans_received_total{debug="false",format="jaeger",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="false",format="jaeger",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="false",format="jaeger",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="false",format="proto",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="false",format="proto",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="false",format="proto",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="false",format="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="false",format="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="false",format="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="false",format="zipkin",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="false",format="zipkin",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="false",format="zipkin",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="true",format="jaeger",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="true",format="jaeger",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="true",format="jaeger",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="true",format="proto",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="true",format="proto",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="true",format="proto",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="true",format="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="true",format="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="true",format="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_received_total{debug="true",format="zipkin",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_received_total{debug="true",format="zipkin",svc="other-services",transport="http"} 0 +jaeger_collector_spans_received_total{debug="true",format="zipkin",svc="other-services",transport="unknown"} 0 +# HELP jaeger_collector_spans_rejected_total rejected +# TYPE jaeger_collector_spans_rejected_total counter +jaeger_collector_spans_rejected_total{debug="false",format="jaeger",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="jaeger",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="jaeger",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="proto",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="proto",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="proto",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="zipkin",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="zipkin",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="false",format="zipkin",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="jaeger",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="jaeger",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="jaeger",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="proto",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="proto",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="proto",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="zipkin",svc="other-services",transport="grpc"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="zipkin",svc="other-services",transport="http"} 0 +jaeger_collector_spans_rejected_total{debug="true",format="zipkin",svc="other-services",transport="unknown"} 0 +# HELP jaeger_collector_spans_saved_by_svc_total saved-by-svc +# TYPE jaeger_collector_spans_saved_by_svc_total counter +jaeger_collector_spans_saved_by_svc_total{debug="false",result="err",svc="frontend"} 1 +jaeger_collector_spans_saved_by_svc_total{debug="false",result="err",svc="other-services"} 0 +jaeger_collector_spans_saved_by_svc_total{debug="false",result="ok",svc="frontend"} 539 +jaeger_collector_spans_saved_by_svc_total{debug="false",result="ok",svc="other-services"} 0 +jaeger_collector_spans_saved_by_svc_total{debug="true",result="err",svc="other-services"} 0 +jaeger_collector_spans_saved_by_svc_total{debug="true",result="ok",svc="other-services"} 0 +# HELP jaeger_collector_spans_serviceNames spans.serviceNames +# TYPE jaeger_collector_spans_serviceNames gauge +jaeger_collector_spans_serviceNames{host="jaeger-collector-7ff95f55cf-mkt75"} 0 +# HELP jaeger_collector_traces_received_total received +# TYPE jaeger_collector_traces_received_total counter +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="unknown",svc="frontend",transport="http"} 540 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_received_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +# HELP jaeger_collector_traces_rejected_total rejected +# TYPE jaeger_collector_traces_rejected_total counter +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="jaeger",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="proto",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="unknown",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="false",format="zipkin",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="jaeger",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="proto",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="unknown",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="const",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="lowerbound",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="probabilistic",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="ratelimiting",svc="other-services",transport="unknown"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="grpc"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="http"} 0 +jaeger_collector_traces_rejected_total{debug="true",format="zipkin",sampler_type="unknown",svc="other-services",transport="unknown"} 0 +# HELP jaeger_collector_traces_saved_by_svc_total saved-by-svc +# TYPE jaeger_collector_traces_saved_by_svc_total counter +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="const",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="lowerbound",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="probabilistic",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="ratelimiting",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="unknown",svc="frontend"} 1 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="err",sampler_type="unknown",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="const",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="lowerbound",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="probabilistic",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="ratelimiting",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="unknown",svc="frontend"} 539 +jaeger_collector_traces_saved_by_svc_total{debug="false",result="ok",sampler_type="unknown",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="err",sampler_type="const",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="err",sampler_type="lowerbound",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="err",sampler_type="probabilistic",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="err",sampler_type="ratelimiting",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="err",sampler_type="unknown",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="ok",sampler_type="const",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="ok",sampler_type="lowerbound",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="ok",sampler_type="probabilistic",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="ok",sampler_type="ratelimiting",svc="other-services"} 0 +jaeger_collector_traces_saved_by_svc_total{debug="true",result="ok",sampler_type="unknown",svc="other-services"} 0 +# HELP jaeger_internal_downsampling_ratio downsampling.ratio +# TYPE jaeger_internal_downsampling_ratio gauge +jaeger_internal_downsampling_ratio 1 +# HELP jaeger_internal_span_storage_type_cassandra span-storage-type-cassandra +# TYPE jaeger_internal_span_storage_type_cassandra gauge +jaeger_internal_span_storage_type_cassandra 1 +# HELP process_cpu_seconds_total Total user and system CPU time spent in seconds. +# TYPE process_cpu_seconds_total counter +process_cpu_seconds_total 7.61 +# HELP process_max_fds Maximum number of open file descriptors. +# TYPE process_max_fds gauge +process_max_fds 1.048576e+06 +# HELP process_open_fds Number of open file descriptors. +# TYPE process_open_fds gauge +process_open_fds 26 +# HELP process_resident_memory_bytes Resident memory size in bytes. +# TYPE process_resident_memory_bytes gauge +process_resident_memory_bytes 2.52928e+07 +# HELP process_start_time_seconds Start time of the process since unix epoch in seconds. +# TYPE process_start_time_seconds gauge +process_start_time_seconds 1.69201479512e+09 +# HELP process_virtual_memory_bytes Virtual memory size in bytes. +# TYPE process_virtual_memory_bytes gauge +process_virtual_memory_bytes 7.63445248e+08 +# HELP process_virtual_memory_max_bytes Maximum amount of virtual memory available in bytes. +# TYPE process_virtual_memory_max_bytes gauge +process_virtual_memory_max_bytes 1.8446744073709552e+19 +``` + + +
+ +## Query + +
+ Query metrics + + +```prometheus +# HELP go_gc_duration_seconds A summary of the pause duration of garbage collection cycles. +# TYPE go_gc_duration_seconds summary +go_gc_duration_seconds{quantile="0"} 2.9114e-05 +go_gc_duration_seconds{quantile="0.25"} 7.3604e-05 +go_gc_duration_seconds{quantile="0.5"} 9.1003e-05 +go_gc_duration_seconds{quantile="0.75"} 0.000113846 +go_gc_duration_seconds{quantile="1"} 0.000175166 +go_gc_duration_seconds_sum 0.002503905 +go_gc_duration_seconds_count 27 +# HELP go_goroutines Number of goroutines that currently exist. +# TYPE go_goroutines gauge +go_goroutines 55 +# HELP go_info Information about the Go environment. +# TYPE go_info gauge +go_info{version="go1.20.5"} 1 +# HELP go_memstats_alloc_bytes Number of bytes allocated and still in use. +# TYPE go_memstats_alloc_bytes gauge +go_memstats_alloc_bytes 3.470208e+06 +# HELP go_memstats_alloc_bytes_total Total number of bytes allocated, even if freed. +# TYPE go_memstats_alloc_bytes_total counter +go_memstats_alloc_bytes_total 4.25048e+07 +# HELP go_memstats_buck_hash_sys_bytes Number of bytes used by the profiling bucket hash table. +# TYPE go_memstats_buck_hash_sys_bytes gauge +go_memstats_buck_hash_sys_bytes 1.461647e+06 +# HELP go_memstats_frees_total Total number of frees. +# TYPE go_memstats_frees_total counter +go_memstats_frees_total 480897 +# HELP go_memstats_gc_sys_bytes Number of bytes used for garbage collection system metadata. +# TYPE go_memstats_gc_sys_bytes gauge +go_memstats_gc_sys_bytes 8.593376e+06 +# HELP go_memstats_heap_alloc_bytes Number of heap bytes allocated and still in use. +# TYPE go_memstats_heap_alloc_bytes gauge +go_memstats_heap_alloc_bytes 3.470208e+06 +# HELP go_memstats_heap_idle_bytes Number of heap bytes waiting to be used. +# TYPE go_memstats_heap_idle_bytes gauge +go_memstats_heap_idle_bytes 2.277376e+06 +# HELP go_memstats_heap_inuse_bytes Number of heap bytes that are in use. +# TYPE go_memstats_heap_inuse_bytes gauge +go_memstats_heap_inuse_bytes 4.898816e+06 +# HELP go_memstats_heap_objects Number of allocated objects. +# TYPE go_memstats_heap_objects gauge +go_memstats_heap_objects 17956 +# HELP go_memstats_heap_released_bytes Number of heap bytes released to OS. +# TYPE go_memstats_heap_released_bytes gauge +go_memstats_heap_released_bytes 1.572864e+06 +# HELP go_memstats_heap_sys_bytes Number of heap bytes obtained from system. +# TYPE go_memstats_heap_sys_bytes gauge +go_memstats_heap_sys_bytes 7.176192e+06 +# HELP go_memstats_last_gc_time_seconds Number of seconds since 1970 of last garbage collection. +# TYPE go_memstats_last_gc_time_seconds gauge +go_memstats_last_gc_time_seconds 1.6920175691250587e+09 +# HELP go_memstats_lookups_total Total number of pointer lookups. +# TYPE go_memstats_lookups_total counter +go_memstats_lookups_total 0 +# HELP go_memstats_mallocs_total Total number of mallocs. +# TYPE go_memstats_mallocs_total counter +go_memstats_mallocs_total 498853 +# HELP go_memstats_mcache_inuse_bytes Number of bytes in use by mcache structures. +# TYPE go_memstats_mcache_inuse_bytes gauge +go_memstats_mcache_inuse_bytes 1200 +# HELP go_memstats_mcache_sys_bytes Number of bytes used for mcache structures obtained from system. +# TYPE go_memstats_mcache_sys_bytes gauge +go_memstats_mcache_sys_bytes 15600 +# HELP go_memstats_mspan_inuse_bytes Number of bytes in use by mspan structures. +# TYPE go_memstats_mspan_inuse_bytes gauge +go_memstats_mspan_inuse_bytes 75680 +# HELP go_memstats_mspan_sys_bytes Number of bytes used for mspan structures obtained from system. +# TYPE go_memstats_mspan_sys_bytes gauge +go_memstats_mspan_sys_bytes 81600 +# HELP go_memstats_next_gc_bytes Number of heap bytes when next garbage collection will take place. +# TYPE go_memstats_next_gc_bytes gauge +go_memstats_next_gc_bytes 6.474992e+06 +# HELP go_memstats_other_sys_bytes Number of bytes used for other system allocations. +# TYPE go_memstats_other_sys_bytes gauge +go_memstats_other_sys_bytes 986089 +# HELP go_memstats_stack_inuse_bytes Number of bytes in use by the stack allocator. +# TYPE go_memstats_stack_inuse_bytes gauge +go_memstats_stack_inuse_bytes 1.212416e+06 +# HELP go_memstats_stack_sys_bytes Number of bytes obtained from system for stack allocator. +# TYPE go_memstats_stack_sys_bytes gauge +go_memstats_stack_sys_bytes 1.212416e+06 +# HELP go_memstats_sys_bytes Number of bytes obtained from system. +# TYPE go_memstats_sys_bytes gauge +go_memstats_sys_bytes 1.952692e+07 +# HELP go_threads Number of OS threads created. +# TYPE go_threads gauge +go_threads 7 +# HELP jaeger_cassandra_attempts_total attempts +# TYPE jaeger_cassandra_attempts_total counter +jaeger_cassandra_attempts_total{table="dependencies"} 0 +jaeger_cassandra_attempts_total{table="operation_names"} 0 +jaeger_cassandra_attempts_total{table="service_names"} 0 +# HELP jaeger_cassandra_errors_total errors +# TYPE jaeger_cassandra_errors_total counter +jaeger_cassandra_errors_total{table="dependencies"} 0 +jaeger_cassandra_errors_total{table="operation_names"} 0 +jaeger_cassandra_errors_total{table="service_names"} 0 +# HELP jaeger_cassandra_inserts_total inserts +# TYPE jaeger_cassandra_inserts_total counter +jaeger_cassandra_inserts_total{table="dependencies"} 0 +jaeger_cassandra_inserts_total{table="operation_names"} 0 +jaeger_cassandra_inserts_total{table="service_names"} 0 +# HELP jaeger_cassandra_latency_err latency-err +# TYPE jaeger_cassandra_latency_err histogram +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="dependencies",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="dependencies"} 0 +jaeger_cassandra_latency_err_count{table="dependencies"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="operation_names",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="operation_names"} 0 +jaeger_cassandra_latency_err_count{table="operation_names"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.005"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.01"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.025"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.05"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.25"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="0.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="1"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="2.5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="5"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="10"} 0 +jaeger_cassandra_latency_err_bucket{table="service_names",le="+Inf"} 0 +jaeger_cassandra_latency_err_sum{table="service_names"} 0 +jaeger_cassandra_latency_err_count{table="service_names"} 0 +# HELP jaeger_cassandra_latency_ok latency-ok +# TYPE jaeger_cassandra_latency_ok histogram +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.005"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.01"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.025"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.05"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.1"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.25"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="0.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="1"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="2.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="5"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="10"} 0 +jaeger_cassandra_latency_ok_bucket{table="dependencies",le="+Inf"} 0 +jaeger_cassandra_latency_ok_sum{table="dependencies"} 0 +jaeger_cassandra_latency_ok_count{table="dependencies"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.005"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.01"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.025"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.05"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.1"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.25"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="0.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="1"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="2.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="5"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="10"} 0 +jaeger_cassandra_latency_ok_bucket{table="operation_names",le="+Inf"} 0 +jaeger_cassandra_latency_ok_sum{table="operation_names"} 0 +jaeger_cassandra_latency_ok_count{table="operation_names"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.005"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.01"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.025"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.05"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.1"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.25"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="0.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="1"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="2.5"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="5"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="10"} 0 +jaeger_cassandra_latency_ok_bucket{table="service_names",le="+Inf"} 0 +jaeger_cassandra_latency_ok_sum{table="service_names"} 0 +jaeger_cassandra_latency_ok_count{table="service_names"} 0 +# HELP jaeger_cassandra_read_attempts_total attempts +# TYPE jaeger_cassandra_read_attempts_total counter +jaeger_cassandra_read_attempts_total{table="duration_index"} 0 +jaeger_cassandra_read_attempts_total{table="query_traces"} 0 +jaeger_cassandra_read_attempts_total{table="read_traces"} 0 +jaeger_cassandra_read_attempts_total{table="service_name_index"} 0 +jaeger_cassandra_read_attempts_total{table="service_operation_index"} 0 +jaeger_cassandra_read_attempts_total{table="tag_index"} 0 +# HELP jaeger_cassandra_read_errors_total errors +# TYPE jaeger_cassandra_read_errors_total counter +jaeger_cassandra_read_errors_total{table="duration_index"} 0 +jaeger_cassandra_read_errors_total{table="query_traces"} 0 +jaeger_cassandra_read_errors_total{table="read_traces"} 0 +jaeger_cassandra_read_errors_total{table="service_name_index"} 0 +jaeger_cassandra_read_errors_total{table="service_operation_index"} 0 +jaeger_cassandra_read_errors_total{table="tag_index"} 0 +# HELP jaeger_cassandra_read_inserts_total inserts +# TYPE jaeger_cassandra_read_inserts_total counter +jaeger_cassandra_read_inserts_total{table="duration_index"} 0 +jaeger_cassandra_read_inserts_total{table="query_traces"} 0 +jaeger_cassandra_read_inserts_total{table="read_traces"} 0 +jaeger_cassandra_read_inserts_total{table="service_name_index"} 0 +jaeger_cassandra_read_inserts_total{table="service_operation_index"} 0 +jaeger_cassandra_read_inserts_total{table="tag_index"} 0 +# HELP jaeger_cassandra_read_latency_err latency-err +# TYPE jaeger_cassandra_read_latency_err histogram +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="duration_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="duration_index"} 0 +jaeger_cassandra_read_latency_err_count{table="duration_index"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="query_traces",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="query_traces"} 0 +jaeger_cassandra_read_latency_err_count{table="query_traces"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="read_traces",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="read_traces"} 0 +jaeger_cassandra_read_latency_err_count{table="read_traces"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_name_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="service_name_index"} 0 +jaeger_cassandra_read_latency_err_count{table="service_name_index"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="service_operation_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="service_operation_index"} 0 +jaeger_cassandra_read_latency_err_count{table="service_operation_index"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.005"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.01"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.025"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.05"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.25"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="0.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="1"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="2.5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="5"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="10"} 0 +jaeger_cassandra_read_latency_err_bucket{table="tag_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_err_sum{table="tag_index"} 0 +jaeger_cassandra_read_latency_err_count{table="tag_index"} 0 +# HELP jaeger_cassandra_read_latency_ok latency-ok +# TYPE jaeger_cassandra_read_latency_ok histogram +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="duration_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="duration_index"} 0 +jaeger_cassandra_read_latency_ok_count{table="duration_index"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="query_traces",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="query_traces"} 0 +jaeger_cassandra_read_latency_ok_count{table="query_traces"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="read_traces",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="read_traces"} 0 +jaeger_cassandra_read_latency_ok_count{table="read_traces"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_name_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="service_name_index"} 0 +jaeger_cassandra_read_latency_ok_count{table="service_name_index"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="service_operation_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="service_operation_index"} 0 +jaeger_cassandra_read_latency_ok_count{table="service_operation_index"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.005"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.01"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.025"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.05"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.25"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="0.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="1"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="2.5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="5"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="10"} 0 +jaeger_cassandra_read_latency_ok_bucket{table="tag_index",le="+Inf"} 0 +jaeger_cassandra_read_latency_ok_sum{table="tag_index"} 0 +jaeger_cassandra_read_latency_ok_count{table="tag_index"} 0 +# HELP jaeger_internal_downsampling_ratio downsampling.ratio +# TYPE jaeger_internal_downsampling_ratio gauge +jaeger_internal_downsampling_ratio 1 +# HELP jaeger_internal_span_storage_type_cassandra span-storage-type-cassandra +# TYPE jaeger_internal_span_storage_type_cassandra gauge +jaeger_internal_span_storage_type_cassandra 1 +# HELP jaeger_query_build_info build_info +# TYPE jaeger_query_build_info gauge +jaeger_query_build_info{build_date="2023-07-06T20:38:11Z",revision="ee6cc41ef62ba8f04de8a16431b43b620bdf571c",version="v1.62.0"} 1 +# HELP jaeger_query_latency latency +# TYPE jaeger_query_latency histogram +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="find_trace_ids",result="err"} 0 +jaeger_query_latency_count{operation="find_trace_ids",result="err"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="find_trace_ids",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="find_trace_ids",result="ok"} 0 +jaeger_query_latency_count{operation="find_trace_ids",result="ok"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="find_traces",result="err"} 0 +jaeger_query_latency_count{operation="find_traces",result="err"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="find_traces",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="find_traces",result="ok"} 0 +jaeger_query_latency_count{operation="find_traces",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_call_rates",result="err"} 0 +jaeger_query_latency_count{operation="get_call_rates",result="err"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_call_rates",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_call_rates",result="ok"} 0 +jaeger_query_latency_count{operation="get_call_rates",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_error_rates",result="err"} 0 +jaeger_query_latency_count{operation="get_error_rates",result="err"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_error_rates",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_error_rates",result="ok"} 0 +jaeger_query_latency_count{operation="get_error_rates",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_latencies",result="err"} 0 +jaeger_query_latency_count{operation="get_latencies",result="err"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_latencies",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_latencies",result="ok"} 0 +jaeger_query_latency_count{operation="get_latencies",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_min_step_duration",result="err"} 0 +jaeger_query_latency_count{operation="get_min_step_duration",result="err"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_min_step_duration",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_min_step_duration",result="ok"} 0 +jaeger_query_latency_count{operation="get_min_step_duration",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_operations",result="err"} 0 +jaeger_query_latency_count{operation="get_operations",result="err"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_operations",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_operations",result="ok"} 0 +jaeger_query_latency_count{operation="get_operations",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_services",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_services",result="err"} 0 +jaeger_query_latency_count{operation="get_services",result="err"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_services",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_services",result="ok"} 0 +jaeger_query_latency_count{operation="get_services",result="ok"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="1"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="10"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="err",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_trace",result="err"} 0 +jaeger_query_latency_count{operation="get_trace",result="err"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.005"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.01"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.025"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.05"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.1"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.25"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="0.5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="1"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="2.5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="5"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="10"} 0 +jaeger_query_latency_bucket{operation="get_trace",result="ok",le="+Inf"} 0 +jaeger_query_latency_sum{operation="get_trace",result="ok"} 0 +jaeger_query_latency_count{operation="get_trace",result="ok"} 0 +# HELP jaeger_query_requests_total requests +# TYPE jaeger_query_requests_total counter +jaeger_query_requests_total{operation="find_trace_ids",result="err"} 0 +jaeger_query_requests_total{operation="find_trace_ids",result="ok"} 0 +jaeger_query_requests_total{operation="find_traces",result="err"} 0 +jaeger_query_requests_total{operation="find_traces",result="ok"} 0 +jaeger_query_requests_total{operation="get_call_rates",result="err"} 0 +jaeger_query_requests_total{operation="get_call_rates",result="ok"} 0 +jaeger_query_requests_total{operation="get_error_rates",result="err"} 0 +jaeger_query_requests_total{operation="get_error_rates",result="ok"} 0 +jaeger_query_requests_total{operation="get_latencies",result="err"} 0 +jaeger_query_requests_total{operation="get_latencies",result="ok"} 0 +jaeger_query_requests_total{operation="get_min_step_duration",result="err"} 0 +jaeger_query_requests_total{operation="get_min_step_duration",result="ok"} 0 +jaeger_query_requests_total{operation="get_operations",result="err"} 0 +jaeger_query_requests_total{operation="get_operations",result="ok"} 0 +jaeger_query_requests_total{operation="get_services",result="err"} 0 +jaeger_query_requests_total{operation="get_services",result="ok"} 0 +jaeger_query_requests_total{operation="get_trace",result="err"} 0 +jaeger_query_requests_total{operation="get_trace",result="ok"} 0 +# HELP jaeger_query_responses responses +# TYPE jaeger_query_responses histogram +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.005"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.01"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.025"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.05"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.1"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.25"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="0.5"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="1"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="2.5"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="5"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="10"} 0 +jaeger_query_responses_bucket{operation="find_trace_ids",le="+Inf"} 0 +jaeger_query_responses_sum{operation="find_trace_ids"} 0 +jaeger_query_responses_count{operation="find_trace_ids"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.005"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.01"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.025"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.05"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.1"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.25"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="0.5"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="1"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="2.5"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="5"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="10"} 0 +jaeger_query_responses_bucket{operation="find_traces",le="+Inf"} 0 +jaeger_query_responses_sum{operation="find_traces"} 0 +jaeger_query_responses_count{operation="find_traces"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.005"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.01"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.025"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.05"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.1"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.25"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="0.5"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="1"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="2.5"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="5"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="10"} 0 +jaeger_query_responses_bucket{operation="get_operations",le="+Inf"} 0 +jaeger_query_responses_sum{operation="get_operations"} 0 +jaeger_query_responses_count{operation="get_operations"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.005"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.01"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.025"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.05"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.1"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.25"} 0 +jaeger_query_responses_bucket{operation="get_services",le="0.5"} 0 +jaeger_query_responses_bucket{operation="get_services",le="1"} 0 +jaeger_query_responses_bucket{operation="get_services",le="2.5"} 0 +jaeger_query_responses_bucket{operation="get_services",le="5"} 0 +jaeger_query_responses_bucket{operation="get_services",le="10"} 0 +jaeger_query_responses_bucket{operation="get_services",le="+Inf"} 0 +jaeger_query_responses_sum{operation="get_services"} 0 +jaeger_query_responses_count{operation="get_services"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.005"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.01"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.025"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.05"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.1"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.25"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="0.5"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="1"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="2.5"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="5"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="10"} 0 +jaeger_query_responses_bucket{operation="get_trace",le="+Inf"} 0 +jaeger_query_responses_sum{operation="get_trace"} 0 +jaeger_query_responses_count{operation="get_trace"} 0 +# HELP jaeger_tracer_baggage_restrictions_updates_total Number of times baggage restrictions were successfully updated +# TYPE jaeger_tracer_baggage_restrictions_updates_total counter +jaeger_tracer_baggage_restrictions_updates_total{result="err"} 0 +jaeger_tracer_baggage_restrictions_updates_total{result="ok"} 0 +# HELP jaeger_tracer_baggage_truncations_total Number of times baggage was truncated as per baggage restrictions +# TYPE jaeger_tracer_baggage_truncations_total counter +jaeger_tracer_baggage_truncations_total 0 +# HELP jaeger_tracer_baggage_updates_total Number of times baggage was successfully written or updated on spans +# TYPE jaeger_tracer_baggage_updates_total counter +jaeger_tracer_baggage_updates_total{result="err"} 0 +jaeger_tracer_baggage_updates_total{result="ok"} 0 +# HELP jaeger_tracer_finished_spans_total Number of sampled spans finished by this tracer +# TYPE jaeger_tracer_finished_spans_total counter +jaeger_tracer_finished_spans_total{sampled="delayed"} 0 +jaeger_tracer_finished_spans_total{sampled="n"} 0 +jaeger_tracer_finished_spans_total{sampled="y"} 0 +# HELP jaeger_tracer_reporter_queue_length Current number of spans in the reporter queue +# TYPE jaeger_tracer_reporter_queue_length gauge +jaeger_tracer_reporter_queue_length 0 +# HELP jaeger_tracer_reporter_spans_total Number of spans successfully reported +# TYPE jaeger_tracer_reporter_spans_total counter +jaeger_tracer_reporter_spans_total{result="dropped"} 0 +jaeger_tracer_reporter_spans_total{result="err"} 0 +jaeger_tracer_reporter_spans_total{result="ok"} 0 +# HELP jaeger_tracer_sampler_queries_total Number of times the Sampler succeeded to retrieve sampling strategy +# TYPE jaeger_tracer_sampler_queries_total counter +jaeger_tracer_sampler_queries_total{result="err"} 0 +jaeger_tracer_sampler_queries_total{result="ok"} 0 +# HELP jaeger_tracer_sampler_updates_total Number of times the Sampler succeeded to retrieve and update sampling strategy +# TYPE jaeger_tracer_sampler_updates_total counter +jaeger_tracer_sampler_updates_total{result="err"} 0 +jaeger_tracer_sampler_updates_total{result="ok"} 0 +# HELP jaeger_tracer_span_context_decoding_errors_total Number of errors decoding tracing context +# TYPE jaeger_tracer_span_context_decoding_errors_total counter +jaeger_tracer_span_context_decoding_errors_total 0 +# HELP jaeger_tracer_started_spans_total Number of spans started by this tracer as sampled +# TYPE jaeger_tracer_started_spans_total counter +jaeger_tracer_started_spans_total{sampled="delayed"} 0 +jaeger_tracer_started_spans_total{sampled="n"} 0 +jaeger_tracer_started_spans_total{sampled="y"} 0 +# HELP jaeger_tracer_throttled_debug_spans_total Number of times debug spans were throttled +# TYPE jaeger_tracer_throttled_debug_spans_total counter +jaeger_tracer_throttled_debug_spans_total 0 +# HELP jaeger_tracer_throttler_updates_total Number of times throttler successfully updated +# TYPE jaeger_tracer_throttler_updates_total counter +jaeger_tracer_throttler_updates_total{result="err"} 0 +jaeger_tracer_throttler_updates_total{result="ok"} 0 +# HELP jaeger_tracer_traces_total Number of traces started by this tracer as sampled +# TYPE jaeger_tracer_traces_total counter +jaeger_tracer_traces_total{sampled="n",state="joined"} 0 +jaeger_tracer_traces_total{sampled="n",state="started"} 0 +jaeger_tracer_traces_total{sampled="y",state="joined"} 0 +jaeger_tracer_traces_total{sampled="y",state="started"} 0 +# HELP process_cpu_seconds_total Total user and system CPU time spent in seconds. +# TYPE process_cpu_seconds_total counter +process_cpu_seconds_total 4.09 +# HELP process_max_fds Maximum number of open file descriptors. +# TYPE process_max_fds gauge +process_max_fds 1.048576e+06 +# HELP process_open_fds Number of open file descriptors. +# TYPE process_open_fds gauge +process_open_fds 26 +# HELP process_resident_memory_bytes Resident memory size in bytes. +# TYPE process_resident_memory_bytes gauge +process_resident_memory_bytes 2.0004864e+07 +# HELP process_start_time_seconds Start time of the process since unix epoch in seconds. +# TYPE process_start_time_seconds gauge +process_start_time_seconds 1.69201479849e+09 +# HELP process_virtual_memory_bytes Virtual memory size in bytes. +# TYPE process_virtual_memory_bytes gauge +process_virtual_memory_bytes 7.64690432e+08 +# HELP process_virtual_memory_max_bytes Maximum amount of virtual memory available in bytes. +# TYPE process_virtual_memory_max_bytes gauge +process_virtual_memory_max_bytes 1.8446744073709552e+19 +``` + + +
diff --git a/docs/performance.md b/docs/performance.md new file mode 100644 index 0000000..45764fc --- /dev/null +++ b/docs/performance.md @@ -0,0 +1,34 @@ +Jaeger collector performance can be affected by many factors. + +When you are using Jaeger under high load, you must consider the following: + +* **Cassandra resources** - Jaeger can put Cassandra under high load, especially in the `prod` mode. +* **Jaeger Collector resources** - Increasing Jaeger collector resources can also increase Jaeger ability + to receive spans. However, it should be noted that Cassandra can work better with parallel writes, for example, + increasing the number of Jaeger replicas. Increasing the collector resources may not always result in more successfully + processed spans. +* **Jaeger Number of collector Replicas** - Increasing the collector replicas proportionally increases Jaeger's + ability to receive spans, as long as Cassandra can receive them. +* **Network connection and client configuration** - Client configuration can increase the amount of spans Jaeger + is able to receive and process. For more information, refer to + [https://www.jaegertracing.io/docs/1.20/performance-tuning/#modify-the-batched-spans-flush-interval](https://www.jaegertracing.io/docs/1.20/performance-tuning/#modify-the-batched-spans-flush-interval). +* **Collector inner configuration** - Some parameters can be configured within the Jaeger collector itself + (currently not possible with Jaeger Helm charts). For example, it is possible to configure collector + queue size or use Kafka in the deployment schema. By the default values that are used in this deployment, + the queue size is 2000. + +# Jaeger Performance Metrics + +Jaeger exposes Prometheus metrics. To install the service monitor, you can use the `jaeger.prometheusMonitoring` parameter. + +The following is a list of useful Prometheus metrics to check the Jaeger performance: + +* **sum(rate(jaeger_collector_spans_received_total[1m]))** - Displays the average number of received spans per second + in the last minute. +* **sum(rate(jaeger_collector_spans_dropped_total[1m]))** - Displays the average number of dropped spans per second + in the last minute. +* **jaeger_collector_queue_length** - Displays the queue collector queue length. The collector starts dropping spans + if this metric reaches 2000. + +For more information about Jaeger performance tuning, refer to +[https://www.jaegertracing.io/docs/latest/performance-tuning/](https://www.jaegertracing.io/docs/latest/performance-tuning/). diff --git a/docs/readiness-probe.md b/docs/readiness-probe.md new file mode 100644 index 0000000..db646aa --- /dev/null +++ b/docs/readiness-probe.md @@ -0,0 +1,54 @@ +# Table of Content + +* [Table of Content](#table-of-content) +* [Parameters](#parameters) +* [HWE and Limits](#hwe-and-limits) +* [Command line arguments](#command-line-arguments) + +## Parameters + +Probe is installed in Kubernetes as a sidecar for extending its probe. + + +| Parameter | Type | Mandatory | Default value | Description | +|-----------------------|--------| --------- | ---------------------- | --------------------------------------------------------------------------------------------- | +| `namespace` | String | False | `tracing` | The name of the namespace for deploying liveness probe | +| `host` | String | True | `-` | The host address (`protocol://host:port`) for checking liveness probe | +| `port` | Int | False | `-` | The port (`protocol://host:port`) for checking liveness probe | +| `authSecretName` | String | True | `-` | The name of the secret with username and password fields for authorization to access endpoint | +| `caPath` | String | False | `-` | The path for ca-cert.pem file | +| `crtPath` | String | False | `-` | The path for client-cert.pem file | +| `keyPath` | String | False | `-` | The path for client-key.pem file | +| `tlsEnabled` | String | False | `-` | Enabling TLS for connection to the storage | +| `insecureSkipVerify` | String | False | `-` | Disabling host verification for TLS | +| `retries` | Int | False | `5` | The number of retries for checking liveness probe | +| `errors` | Int | False | `5` | The number of allowed errors for checking liveness probe | +| `timeout` | Int | False | `5` | The number of seconds for failing liveness probe by timeout | +| `storage` | String | False | `cassandra` | The type of storage in the endpoint, possible values: `cassandra`, `opensearch` | +| `servicePort` | Int | False | `8080` | The port for running liveness-probe container | +| `shutdownTimeout` | Int | False | `5` | The number of seconds for graceful shutdown before connections are cancelled | +| `datacenter` | String | False | `datacenter1` | Data center for the Cassandra database | +| `keyspace` | String | False | `jaeger` | Keyspace for the Cassandra database | +| `testtable` | String | False | `service_names` | Table name for getting test data from the Cassandra database | + + +Example: + +```shell +/app/probe -endpoint=http://localhost:8080 -authSecretName=auth-secret +``` + +## HWE and Limits + +Probe is installed in Kubernetes as a sidecar container in the pod. + +It requires: + +* CPU: till 50 millicores +* RAM: till 64 MiB + +But usually will use much much less + +## Command line arguments + +The entrypoint of is `/app/probe`. diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md new file mode 100644 index 0000000..4a909b1 --- /dev/null +++ b/docs/troubleshooting.md @@ -0,0 +1,348 @@ +This section describes in detail some failover scenarios. + +# Table of Content + +* [Table of Content](#table-of-content) +* [Deployment Issues](#deployment-issues) + * [Jaeger collector, query, cassandra schema job can't start/failed](#jaeger-collector-query-cassandra-schema-job-cant-startfailed) + * [no matches for kind "Ingress" in version "networking.k8s.io/v1beta1"](#no-matches-for-kind-ingress-in-version-networkingk8siov1beta1) + * [Labels and Annotations validation error](#labels-and-annotations-validation-error) +* [Runtime Issues](#runtime-issues) + * [Jaeger lost connection to Cassandra after Cassandra's restart](#jaeger-lost-connection-to-cassandra-after-cassandras-restart) + * [gocql: no host available in the pool](#gocql-no-host-available-in-the-pool) + * [connection: no route to host](#connection-no-route-to-host) + * [Error reading `` from storage: table `` does not exist](#error-reading-name-from-storage-table-name-does-not-exist) + * [Ingress fails with 502 Bad Gateway error](#ingress-fails-with-502-bad-gateway-error) + +# Deployment Issues + +## Jaeger collector, query, cassandra schema job can't start/failed + +If the `Jaeger` cassandra schema job fails to complete, with different errors related to the Cassandra connection, +the issue may be related to connection issues or problems with Cassandra. + +**Solution:** + +Check the following: + +* Cassandra connection string is valid, and Cassandra running and operable +* Cassandra's `user` and `password` are valid +* Cassandra `datacenter` is valid for you Cassandra cluster +* Keyspace can be created in Cassandra +* You configure TLS parameters if TLS enabled and required for Cassandra +* Cassandra must have at least 2 nodes (better >= 3 nodes) if Jaeger is installed in the `prod` mode + +View the errors from the Cassandra logs if they exist. + + +[Back to TOC](#table-of-content) + + +## no matches for kind "Ingress" in version "networking.k8s.io/v1beta1" + +We are using Helm to deploy Jaeger. Helm tracks all resources that it created in special secrets with names: + +```bash +sh.helm.release... +``` + +In this secret, it stores all objects that it created or updated during the previous deployment. + +Before upgrading to the new version Helm always checks already existing objects in your Cloud. +Because previously Helm created Ingress with API version: + +```bash +networking.k8s.io/v1beta1 +``` + +it wants to get this object from Kubernetes. + +Since the Kubernetes 1.22 team who develop Kubernetes removed a lot of deprecated APIs: +[https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-22](https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-22) + +And particularly old Ingresses APIs +[https://kubernetes.io/docs/reference/using-api/deprecation-guide/#ingress-v122](https://kubernetes.io/docs/reference/using-api/deprecation-guide/#ingress-v122) + +You can face this issue in the case if you first upgrade Kubernetes to version >= 1.22 +and only next want to upgrade Jaeger deployment. Helm wants to get an object for the old API which +already doesn't exist in Kubernetes and failed. + +**Solution:** + +If the service doesn't support migration by APIs or you already made a mistake and upgraded Kubernetes, +you have only two options: + +* Make a clean install of Jaeger +* Remove all secrets with names: + + ```bash + sh.helm.release... + ``` + +**How to avoid this issue:** + +If services support migration to new Kubernetes the correct way to upgrade it is: + +1. Before upgrading Kubernetes, need to upgrade the Service to the new version which can work in the new Kubernetes +2. Only after it upgrades Kubernetes to the new version + + +[Back to TOC](#table-of-content) + + +## Labels and Annotations validation error + +Helm doesn't allow a resource to be owned by more than one deployment. During jaeger upgrade it's possible you create +resources that already existed and created outside of Helm. In such cases you may see error related to labels and +annotation validation. For more details please refer +[article](https://stackoverflow.com/questions/62964532/helm-not-creating-the-resources) + +**Solution** + +To add and use correct values for following labels and annotations: + +```yaml +labels: + app.kubernetes.io/managed-by: Helm +annotations: + meta.helm.sh/release-name: + meta.helm.sh/release-namespace: +``` + +This solution is proposed in [document](https://github.com/helm/helm/pull/7649) + + +[Back to TOC](#table-of-content) + + +# Runtime Issues + +## Jaeger lost connection to Cassandra after Cassandra's restart + +Now we know about the two most often issues related to Cassandra's connections. Both issues and ways to solve them +are described above. + +### gocql: no host available in the pool + +Jaeger during the use of Cassandra as a storage has by default used a +[SimpleRetryPolicy](https://pkg.go.dev/github.com/gocql/gocql#SimpleRetryPolicy) from the Gocql module. +It means that when Jaeger can't execute a query, it will retry the query with the following rules: + +* Will retry the specified number of retries +* Will wait the specified time between retries + +By default, Jaeger will do `3` retries and wait `1m` between retries. So total it will retry `3 minutes`. +If Jaeger can't successfully retry the query for `3 minutes` it will mark Cassandra's host as not available and +won't use next. + +As a typical symptom of this issue, in collector and query logs (or even in Query UI) you can find the following logs: + +```yaml +error reading service_names from storage: gocql: no hosts available in the pool +... +``` + +**Solution:** + +You have to execute the following steps: + +* Verify that Cassandra is available and operable now +* Restart the collector and query pods + +**How to avoid this issue:** + +**Warning!** Before you execute the steps below, please read about the next problem in the section +[connection: no route to host](#connection-no-route-to-host) and apply a solution for the described problem. +In cases of using Cassandra cluster with one node, its **IP always will be changed** after Cassandra's restart. +Even in cases of using Cassandra cluster with 3 or more nodes might occur a situation when all nodes +can restart and change their IPs. + +The values of the retry count and wait interval can be specified using the CLI arguments or ENV variables: + +* CLI arguments + * `--cassandra.reconnect-interval` (default `1m`) - Reconnect interval to retry connecting to downed hosts + * `--cassandra.max-retry-attempts` (default `3`) - The number of attempts when reading from Cassandra +* ENV variable + * `CASSANDRA_RECONNECT_INTERVAL` (default `1m`) - Reconnect interval to retry connecting to downed hosts + * `CASSANDRA_MAX_RETRY_ATTEMPTS` (default `3`) - The number of attempts when reading from Cassandra + +If you expect that Cassandra may not be available, you can try to increase the retry count or wait interval. + +For example, you can specify these parameters as follows: + +```yaml +# Example for using CLI arguments +collector: + cmdlineParams: + - '--cassandra.max-retry-attempts=10' + +# Example for using ENV variables +query: + extraEnv: + - name: CASSANDRA_RECONNECT_INTERVAL + value: 2m +``` + + +[Back to TOC](#table-of-content) + + +### connection: no route to host + +Now Jaeger during start resolving the IP address of the Cassandra node by DNS service name. Also Jaeger during the start +ask Cassandra about other nodes in the Cassandra cluster and add them to the pool. IPs from this pool will be used to +connect to the cluster during work. + +Obviously in the Cloud using IPs may lead to big problems if Cassandra's cluster is not stable and nodes regularly +restart (for any reason). + +For example, if you are using a Cassandra with only one node, after restarting this node Jaeger will lose connection +with it and can't restore it without Jaeger's restart. It may occur because Jaeger will resolve the IP of +the Cassandra node, but after restart this IP will change. + +As a typical symptom of this issue, in collector and query logs you can find the following logs: + +```bash +2023/08/18 09:41:46 gocql: unable to dial control conn 10.0.0.11:9042: dial tcp 10.0.0.11:9042: connect: no route to host +2023/08/18 09:41:46 gocql: control unable to register events: dial tcp 10.0.0.11:9042: connect: no route to host +2023/08/18 09:41:50 gocql: unable to dial control conn 10.0.0.12:9042: dial tcp 10.0.0.12:9042: connect: no route to host +2023/08/18 09:41:53 gocql: unable to dial control conn 10.0.0.14:9042: dial tcp 10.0.0.14:9042: connect: no route to host +2023/08/18 09:41:56 gocql: unable to dial control conn 10.0.0.11:9042: dial tcp 10.0.0.11:9042: connect: no route to host +... +``` + +**Solution:** + +If you are using a Cassandra cluster from 2 or more nodes and will restart nodes one by one +(i.e. all nodes never will be unavailable) you should face such an issue. + +If you are using a Cassandra with only 1 node, you can face such errors after restarting the Cassandra node. +In this case, you have to restart Jaeger pods (collector and query) to return Jaeger to operable mode. + +**How to avoid this issue with one Cassandra node:** + +**Note:** In some cases may be useful to increase the reconnect interval and count for Cassandra as described in related +problem [gocql: no host available in the pool](#gocql-no-host-available-in-the-pool). + +Now platform Cassandra deployment uses a Service without load-balancing and which has no Service IP. So Jaeger +using the service DNS name will directly resolve Cassandra pod IPs. + +To avoid it and resolve Service IP (that won't change after Cassandra's pods restart) you can create a new Service +in the Cassandra namespace. + +For example, using the following Service YAML manifest: + +```yaml +kind: Service +apiVersion: v1 +metadata: + name: cassandra-lb +spec: + ports: + - name: icarus + protocol: TCP + port: 4567 + targetPort: 4567 + - name: cql-port + protocol: TCP + port: 9042 + targetPort: 9042 + - name: tcp-upd-port + protocol: TCP + port: 8778 + targetPort: 8778 + - name: reaper + protocol: TCP + port: 8080 + targetPort: 8080 + selector: + service: cassandra-cluster + type: ClusterIP +``` + +This Service will have its own IP that won't change and that will use Jaeger to connect. + +To configure Jaeger use it needs to change `host` parameter: + +```yaml +cassandraSchemaJob: + host: cassandra-lb..svc +``` + + +[Back to TOC](#table-of-content) + + +## Error reading `` from storage: table `` does not exist + +For this error, you usually can see in `collector` and `query` pods logs as follows: + +```bash +"error":"error reading operation_names from storage: table operation_names does not exist" +``` + +or + +```bash +"query":"[query statement=\"INSERT INTO operation_names(service_name, operation_name) VALUES (?, ?)\" values=[app-service XHR /api/v1/orderManagement/salesOrder/123/bulkOperation] consistency=LOCAL_ONE]","error":"table operation_names does not exist" +``` + +**Note:** Table names and queries can be different. + +It means that the configured Cassandra has no necessary tables. + +Jaeger has no logic that allows it to remove any tables or keyspaces in Cassandra. So this issue can occur only +in cases when somebody manually dropped some tables or executed any other operations with Cassandra that led +to removing any tables in Jaeger. + +Also, Jaeger has no logic to restore keyspace or its tables in runtime. Jaeger's schema initializes before it starts +during deployment. It has a special Cassandra schema job to create its schemas in Cassandra. + +**Solution:** + +**How to avoid this issue:** + +You have to redeploy Jaeger. All data, that could be kept in Cassandra after any manual actions, will be kept. + +**Never** manually remove Jaeger's keyspace or any tables in Jaeger's keyspace. And didn't execute any actions +with Cassandra that could lead to removing tables. + +Also, if you used a Cassandra cluster with 3 or more nodes and want to scale down it to 1 node, you can't +just remove or disable two nodes in the cluster. It may lead to data loss (and to lost Jaeger's data). +In this case, you have to use Cassandra `nodetool` to remove some nodes from the Cassandra cluster and re-balance +data on nodes. + + +[Back to TOC](#table-of-content) + + +## Ingress fails with 502 Bad Gateway error + +When Jaeger UI is opened via Ingress URL, it is possible that it shows `502 Bad Gateway` error. +The ingress-nginx-controller's logs may show an error as follows: + +```bash +upstream sent too big header while reading response header from upstream, client: 10.0.0.15, server: jaeger-query.cloud.test.org +``` + +To solve this problem, it is necessary to add following annotation to the ingress configuration. + +```bash +nginx.ingress.kubernetes.io/proxy-buffer-size: 256k +``` + +During deploy, following parameters can be used to supply annotations. + +```yaml +query: + ... + ingress: + install: true + host: jaeger-query.cloud.test.org + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: 256k +``` + + +[Back to TOC](#table-of-content) + \ No newline at end of file diff --git a/integration-tests/Dockerfile b/integration-tests/Dockerfile new file mode 100644 index 0000000..925f492 --- /dev/null +++ b/integration-tests/Dockerfile @@ -0,0 +1,27 @@ +# Based on python:3.10.14-alpine3.20 +FROM ghcr.io/netcracker/qubership-docker-integration-tests:main + +# User with UID=1000 already added in ghcr.io/netcracker/qubership-docker-integration-tests image +ENV USER_UID=1000 \ + ROBOT_OUTPUT=/opt/robot/output \ + SERVICE_CHECKER_SCRIPT=${ROBOT_HOME}/jaeger_pods_checker.py + +# Copy configuration for pip +COPY pip.conf /etc/pip.conf + +# Copy tests source code +COPY requirements.txt ${ROBOT_HOME}/requirements.txt +COPY robot ${ROBOT_HOME} + +RUN \ + # Install requirements + python3 -m pip install -r ${ROBOT_HOME}/requirements.txt \ + # Cleanup pip cache + && rm -rf /var/cache/apk/* \ + # Create output directory for test results + && mkdir -p ${ROBOT_OUTPUT} + +USER ${USER_UID} + +EXPOSE 8080 +VOLUME ["${ROBOT_OUTPUT}"] diff --git a/integration-tests/README.md b/integration-tests/README.md new file mode 100644 index 0000000..d563198 --- /dev/null +++ b/integration-tests/README.md @@ -0,0 +1,202 @@ +* [Introduction](#introduction) +* [Prerequisites](#prerequisites) +* [Test cases](#test-cases) + * [Shared file](#shared-file) +* [Deployment](#deployment) + * [Configuration](#configuration) + * [Jaeger Integration Tests Parameters](#jaeger-integration-tests-parameters) + * [Manual Deployment](#manual-deployment) + * [Installation](#installation) + * [Uninstalling](#uninstalling) + +# Introduction + +This guide covers the necessary steps to install and execute Jaeger service tests on Kubernetes/Openshift using Helm. +The chart installs Jaeger Integration Tests service and pod in Kubernetes/Openshift. + +# Prerequisites + +* Kubernetes 1.18+ or OpenShift 3.11+ +* `kubectl` 1.18+ or `oc` 3.11+ CLI +* Helm 3.0+ + +# Test cases + +1. [Smoke tests](/jaeger-integration-tests/integration-tests/robot/tests/smoke/smoke.robot) + + * Check Deployments + This is test check that indicated namespace hasn't inactive deployments for Collector and Query deployments. + + * Check Collector Pods Are Running + This is test check that all pods from Collector deployment has been running state. + + * Check Query Pods Are Running + This is test check that all pods from Query deployment are in the running state. + + * Jaeger can serve spans + This test check health status from Jaeger and send POST request with generated spans (template of the span can be found + [here](/jaeger-integration-tests/integration-tests/robot/tests/libs/resources/spans.json)). + After that will be checked that span was added to Jaeger (Will be sent GET request to Jaeger). + +2. [Spans generator](/jaeger-integration-tests/integration-tests/robot/tests/spans_generator/generate.robot) + + * Send spans + This test provides sending a lot of same spans (with different timestamp only) to Jaeger. + In deployment parameters you need to indicate host for get spans, count for sending and time between sending. + +3. [HA tests](/jaeger-integration-tests/integration-tests/robot/tests/tests_ha/ha.robot) + + * Reboot query pod + This test check the integrity of the spans if there is a loss of Query Pod. + + * Reboot collector pods + This test check the availability of sending spans to Jaeger if there is a failure of some Collector pods. + The Collector pods will be reboot one by one. + +4. [Hardcoded Images](/jaeger/integration-tests/robot/tests/image_tests/image_tests.robot) + * Test Hardcoded Images + This test compare images in pods with images from MF. Included in the `smoke` tag + +## Shared file + +The `shared.robot` [file](jaeger-integration-tests/integration-tests/robot/tests/shared/shared.robot) +contains main keywords and main settings. For example, settings for retries and time between retries, +connection parameters, convectors, etc. + +# Deployment + +Jaeger integration tests installation is based on Helm Chart directory. + +## Configuration + +This section provides the list of parameters required for Jaeger Integration Tests installation and execution. + +### Jaeger Integration Tests Parameters + +The `integrationTests.service.name` parameter specifies the name of Jaeger Integration Tests service. + +The `integrationTests.serviceAccount.create` parameter specifies whether service account for Jaeger Integration Tests +is to be deployed or not. + +The `integrationTests.serviceAccount.name` parameter specifies the name of the service account that is used to deploy +Jaeger Integration Tests. If this +parameter is empty, the service account, the required role, role binding are +created automatically with default names (`jaeger-integration-tests`). + +The `integrationTests.install` parameter specifies the whether Jaeger Integration Tests Service should be +installed or not. + +The `integrationTests.image` parameter specifies the Docker image of Jaeger Integration Tests Service. + +The `integrationTests.tags` parameter specifies the tags combined together with `AND`, `OR` and `NOT` operators +that select test cases to run. +You can use the "smoke", "generator" and "ha" tags to run the appropriate tests. Or a combination of both, +for example `smokeORha` to run both smoke and ha tests + +The `integrationTests.linkForGenerator` parameter specifies the link to host which can get spans in Zipkin format + +The `integrationTests.generateCount` parameter specifies the number of spans which will be sent, 10 by default + +The `integrationTests.waitingTime` parameter specifies the waiting time between sending, by default 500ms. +Time format can be found in [official robot documentation](https://robotframework.org/robotframework/latest/libraries/BuiltIn.html#Sleep) + +The `integrationTests.resources.requests.memory` parameter specifies the minimum amount of memory +the container should use. The value can be specified with SI suffixes (E, P, T, G, M, K, m) or +their power-of-two-equivalents (Ei, Pi, Ti, Gi, Mi, Ki). The default value is `256Mi.` + +The `integrationTests.resources.requests.cpu` parameter specifies the minimum number of CPUs the container +should use. The default value is `50m.` + +The `integrationTests.resources.limits.memory` parameter specifies the maximum amount of memory the container can use. +The value can be specified with SI suffixes (E, P, T, G, M, K, m) or +their power-of-two-equivalents (Ei, Pi, Ti, Gi, Mi, Ki). The default value is `256Mi`. + +The `integrationTests.resources.limits.cpu` parameter specifies the maximum number of CPUs the container can use. +The default value is `400m.` + +The `integrationTests.affinity` parameter specifies the affinity scheduling rules. +The value should be specified in json format. The parameter can be empty. + +The `integrationTests.statusWriting.enabled` parameter specifies whether to write status to custom resource. + +The `integrationTests.statusWriting.isShortStatusMessage` parameter specifies the size of integration test status +message. + +The `integrationTests.statusWriting.onlyIntegrationTests` parameter specifies to deploy only integration tests +without any component (component was installed before). + +The `integrationTests.statusWriting.customResourcePath` parameter specifies path to Custom Resource +that should be used to write status of integration-tests execution. The value is a field from k8s entity +selfLink without `apis` prefix and `namespace` part. The path should be composed according to the following template: +`////` + +## Manual Deployment + +### Installation + +To deploy Jaeger integration tests with Helm you need to customize the `values.yaml` file. For example: + +```yaml +integrationTests: + install: true + image: "ghcr.io/netcracker/jaeger-integration-tests:main" + tags: "smokeORha" + linkForGenerator: "https://jaeger-collector-host" + generateCount: 10 + waitingTime: 500ms + resources: + requests: + memory: 256Mi + cpu: 50m + limits: + memory: 256Mi + cpu: 400m + service: + name: jaeger-integration-tests-runner + serviceAccount: + create: true + name: "jaeger-integration-tests" +``` + +To deploy the service you need to execute the following command: + +```bash +helm install ${RELEASE_NAME} ./jaeger-integration-tests -n ${NAMESPACE} +``` + +where: + +* `${RELEASE_NAME}` is the Helm Chart release name and the name of the Jaeger integration tests. +For example, `jaeger-integration-tests`. +* `${NAMESPACE}` is the Kubernetes namespace or Openshift workspace to deploy Jaeger service integration tests. +For example, `jaeger`. + +You can monitor the deployment process in the Kubernetes/Openshift dashboard or using `kubectl`/`oc` in the command line: + +```bash +kubectl get pods +``` + +OR + +```bash +oc get pod +``` + +### Uninstalling + +To uninstall Jaeger integration tests from Kubernetes/Openshift you need to execute the following command: + +```bash +helm delete ${RELEASE_NAME} -n ${NAMESPACE} +``` + +where: + +* `${RELEASE_NAME}` is the Helm Chart release name and the name of the Jaeger integration tests. +For example, `jaeger-integration-tests`. +* `${NAMESPACE}` is the Kubernetes namespace or Openshift workspace to deploy Jaeger service integration tests. +For example, `jaeger`. + +The command uninstalls all the Kubernetes resources associated with the chart and deletes the release. + diff --git a/integration-tests/alpine-repositories b/integration-tests/alpine-repositories new file mode 100644 index 0000000..e69de29 diff --git a/integration-tests/analyze_result.py b/integration-tests/analyze_result.py new file mode 100644 index 0000000..cae1bf2 --- /dev/null +++ b/integration-tests/analyze_result.py @@ -0,0 +1,108 @@ +from datetime import datetime +from enum import Enum +import logging + +from robot.api import ExecutionResult +from robot.model import TestSuite + +space = "\n**********************************************************************************************************\n" + +class Status(str, Enum): + PASS = "PASS" + FAIL = "FAIL" + +def analyze_result(): + try: + result = ExecutionResult("./output/output.xml") + except Exception as e: + logging.error("Exception occurred while open tests result file: {}".format(str(e))) + return + + logging.debug("Start parsing the robotframework test result") + file_write = open('./output/result.txt', 'w') + main_suite = result.suite + result_str = "Main Test Suite: {}\t|\tPassed: {}\t|\tFailed: {}\n".format(main_suite.name, + main_suite.statistics.passed, + main_suite.statistics.failed) + if main_suite.suites: + result_str += space + result_str += print_suite(main_suite.suites) + result_str += space + if main_suite.status == Status.FAIL: + result_str += "RESULT: TESTS FAILED\n" + else: + result_str += "RESULT: TESTS PASSED\n" + file_write.write(result_str) + file_write.close() + logging.debug("The result file has been saved") + + +def get_keywords(entity): + keywords = [] + if entity.has_setup: + keywords.append(entity.setup) + if not isinstance(entity, TestSuite): + keywords.extend(entity.body.filter(keywords=True)) + if entity.has_teardown: + keywords.append(entity.teardown) + return keywords + + +def print_test_cases(test_cases, level=0): + result_str = "" + for test_case in test_cases: + start_time = datetime.strptime(test_case.starttime, "%Y%m%d %H:%M:%S.%f") + end_time = datetime.strptime(test_case.endtime, "%Y%m%d %H:%M:%S.%f") + duration = int((end_time - start_time).total_seconds() * 1000) # Total time in milliseconds + result_str += "{}{}\t|\tStatus: '{}'|\tDuration: {}\n".format("\t" * level, test_case.name, test_case.status, duration) + if test_case.status != Status.PASS: + keywords = get_keywords(test_case) + if keywords: + result_str += "{}Keywords:\n".format("\t" * level) + result_str += print_keywords(keywords, level + 1) + result_str += "\n" + return result_str + + +def print_keywords(keywords, level=0): + result_str = "" + for keyword in keywords: + result_str += "{}{}\t|\tStatus: '{}'\n".format("\t" * level, keyword.kwname, keyword.status) + if keyword.status == Status.FAIL: + if keyword.messages: + result_str += "{}Messages:\n".format("\t" * level) + result_str += print_messages(keyword.messages, level + 1) + nested_keywords = get_keywords(keyword) + if nested_keywords: + result_str += "{}Keywords:\n".format("\t" * level) + result_str += print_keywords(nested_keywords, level + 1) + return result_str + + +def print_messages(messages, level=0): + result_str = "" + for message in messages: + result_str += "{}{}\t|\tLevel: '{}'\n".format("\t" * level, message.message.replace("\n", ""), message.level) + return result_str + + +def print_suite(suites): + result_str = "" + for suite in suites: + result_str += "Suite: {}\t|\tPassed: {}\t|\tFailed: {}\n".format(suite.name, + suite.statistics.passed, + suite.statistics.failed) + keywords = get_keywords(suite) + if keywords: + result_str += "Keywords:\n" + result_str += print_keywords(keywords, 1) + if suite.tests: + result_str += "Test cases:\n" + result_str += print_test_cases(suite.tests, 1) + if suite.suites: + result_str += print_suite(suite.suites) + result_str += space + return result_str + + +analyze_result() diff --git a/integration-tests/build.sh b/integration-tests/build.sh new file mode 100644 index 0000000..cc6878d --- /dev/null +++ b/integration-tests/build.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +log() { + echo "==> $1"; +} + +################################################################################################## +# Constants # +################################################################################################## + +TARGET_DIR="target" +CHARTS_NAME="jaeger-tests-helm-charts" +DOCKER_FILE="Dockerfile" + +mkdir -p ${TARGET_DIR} + +################################################################################################### +# Build # +################################################################################################### + +log "Build docker image" +for docker_image_name in ${DOCKER_NAMES}; do + log "Docker image name: $docker_image_name" + + docker build \ + --file=${DOCKER_FILE} \ + --pull \ + -t ${docker_image_name} \ + . +done + +log "Archive artifacts" +zip -r ${TARGET_DIR}/${CHARTS_NAME}.zip robot/tests diff --git a/integration-tests/docker-entrypoint.sh b/integration-tests/docker-entrypoint.sh new file mode 100644 index 0000000..1962ae1 --- /dev/null +++ b/integration-tests/docker-entrypoint.sh @@ -0,0 +1,115 @@ +#!/bin/bash + +export ROBOT_OPTIONS="--loglevel=info --outputdir output" +export ROBOT_SYSLOG_FILE=./output/syslog.txt +export ROBOT_SYSLOG_LEVEL=DEBUG + +if [[ "$READONLY_CONTAINER_FILE_SYSTEM_ENABLED" == "true" ]]; then + echo "Read-only file system configuration enabled, copying test files from temp directory..." + TMP_FOLDER_READ_FS="/opt/robot_tmp" + cp -r "${TMP_FOLDER_READ_FS}/." "${ROBOT_HOME}/" +fi + +if [[ "$DEBUG" == true ]]; then + set -x + printenv +fi + +run_ttyd() { + if [[ -z "$TTYD_PORT" ]]; then + TTYD_PORT=8080 + fi + + exec ttyd -p ${TTYD_PORT} bash +} + +run_custom_script() { + if [[ -n "$CUSTOM_ENTRYPOINT_SCRIPT" ]]; then + ${CUSTOM_ENTRYPOINT_SCRIPT} + fi +} + +create_tags_resolver_array() { + tags_resolver_script="robot_tags_resolver.py" + if [[ -n "$TAGS_RESOLVER_SCRIPT" ]]; then + tags_resolver_script=${TAGS_RESOLVER_SCRIPT} + fi + tags_resolver_array=() + while IFS=";"; read -d ";" line; do + tags_resolver_array+=($line) + done < <(python ${tags_resolver_script}) +} + +# Process some known arguments to run integration tests +case $1 in + custom) + run_custom_script + ;; + run-robot) + status_writing_script="write_status.py" + if [[ ${STATUS_WRITING_ENABLED} == "true" ]]; then + if [[ -n "$WRITE_STATUS_SCRIPT" ]]; then + status_writing_script=${WRITE_STATUS_SCRIPT} + fi + if ! python "$status_writing_script" "in_progress"; then + echo "Can not set in progress status for integration tests" + fi + fi + + if [[ -n "$SERVICE_CHECKER_SCRIPT" ]]; then + timeout=300 + if [[ -n "$SERVICE_CHECKER_SCRIPT_TIMEOUT" ]]; then + timeout=${SERVICE_CHECKER_SCRIPT_TIMEOUT} + fi + python ${SERVICE_CHECKER_SCRIPT} ${timeout} + if [[ $? -ne 0 ]]; then + echo "Service is not ready at least $timeout seconds or some exception occurred" + exit 1 + fi + fi + + excluded_tags="" + if [[ ${IS_TAGS_RESOLVER_ENABLED} == "true" ]]; then + create_tags_resolver_array + echo "Excluded tags: ${tags_resolver_array[0]}" + echo ${tags_resolver_array[1]} # print all excluded tags with matched reason + excluded_tags=${tags_resolver_array[0]} + fi + + if [[ -z "$TAGS" ]]; then + robot ${excluded_tags} ./tests + else + robot -i ${TAGS} ${excluded_tags} ./tests + fi + robot_result=$? + if [[ ${robot_result} -ne 0 ]]; then + touch ./output/result.txt + echo "Robot framework process was interrupted with code - ${robot_result}" + fi + + analyze_result_script="analyze_result.py" + if [[ ${IS_ANALYZER_RESULT_ENABLED} == "true" ]]; then + if [[ -n "$ANALYZE_RESULT_SCRIPT" ]]; then + analyze_result_script=${ANALYZE_RESULT_SCRIPT} + fi + python "${analyze_result_script}" + fi + + if [[ ${STATUS_WRITING_ENABLED} == "true" ]]; then + if [[ ${IS_ANALYZER_RESULT_ENABLED} != "true" ]]; then + python "${analyze_result_script}" + fi + + if ! python "$status_writing_script" "update"; then + echo "Can not update status for integration tests" + fi + fi + run_ttyd + ;; + run-ttyd) + run_ttyd + ;; +esac + +# Otherwise just run the specified command +exec "$@" diff --git a/integration-tests/pip.conf b/integration-tests/pip.conf new file mode 100644 index 0000000..488f610 --- /dev/null +++ b/integration-tests/pip.conf @@ -0,0 +1 @@ +[global] diff --git a/integration-tests/requirements.txt b/integration-tests/requirements.txt new file mode 100644 index 0000000..be4f9e5 --- /dev/null +++ b/integration-tests/requirements.txt @@ -0,0 +1,18 @@ +robotframework-requests==0.9.7 +websocket-client==1.3.3 +urllib3==2.2.2 +requests==2.32.0 +google-auth==2.10.0 +cachetools==5.0.0 +pyyaml==6.0.1 +certifi==2024.07.04 +wrapt==1.14.1 +robotframework==6.0.1 +kubernetes==12.0.1 +openshift==0.12.1 +requests_oauthlib==1.3.0 +pyjwt==2.4.0 +deprecated==1.2.13 +boto3==1.35.79 +botocore==1.35.79 +idna==3.7 diff --git a/integration-tests/robot/jaeger_pods_checker.py b/integration-tests/robot/jaeger_pods_checker.py new file mode 100644 index 0000000..2b5b6a4 --- /dev/null +++ b/integration-tests/robot/jaeger_pods_checker.py @@ -0,0 +1,46 @@ +import os +import time + +from PlatformLibrary import PlatformLibrary + +environ = os.environ +namespace = environ.get("JAEGER_NAMESPACE") +service = environ.get("JAEGER_SERVICE_NAME") +jaeger_query = f"{service}-query" +jaeger_collector = f"{service}-collector" +timeout = 300 + + +if __name__ == '__main__': + print('Start Jaeger pods checker script') + time.sleep(5) + + try: + k8s_lib = PlatformLibrary("true") + except Exception as e: + print(e) + exit(1) + + timeout_start = time.time() + while time.time() < timeout_start + timeout: + try: + jaeger_query_deployments = k8s_lib.get_deployment_entities_count_for_service(namespace, jaeger_query, 'name') + jaeger_query_ready_deployments = k8s_lib.get_active_deployment_entities_count_for_service(namespace, jaeger_query, 'name') + print(f'[Check status] Query deployments: {jaeger_query_deployments}, ready deployments: {jaeger_query_ready_deployments}') + + jaeger_collector_deployments = k8s_lib.get_deployment_entities_count_for_service(namespace, jaeger_collector, 'name') + jaeger_collector_ready_deployments = k8s_lib.get_active_deployment_entities_count_for_service(namespace, jaeger_collector, 'name') + print(f'[Check status] Collector deployments: {jaeger_collector_deployments}, ready deployments: {jaeger_collector_ready_deployments}') + except Exception as e: + print(e) + continue + + if jaeger_query_deployments == jaeger_query_ready_deployments and jaeger_query_deployments != 0 and jaeger_collector_deployments == jaeger_collector_ready_deployments and jaeger_collector_deployments != 0: + print("Jaeger query and collector deployments are ready") + time.sleep(10) + exit(0) + + time.sleep(10) + + print(f'Jaeger query and collector deployments are not ready at least {timeout} seconds') + exit(1) diff --git a/integration-tests/robot/tests/image_tests/image_tests.robot b/integration-tests/robot/tests/image_tests/image_tests.robot new file mode 100644 index 0000000..64bd2c2 --- /dev/null +++ b/integration-tests/robot/tests/image_tests/image_tests.robot @@ -0,0 +1,8 @@ +*** Settings *** +Library String +Library Collections +Library PlatformLibrary managed_by_operator=true + +*** Variables *** +${NAMESPACE} %{JAEGER_NAMESPACE} + diff --git a/integration-tests/robot/tests/libs/JaegerLibrary.py b/integration-tests/robot/tests/libs/JaegerLibrary.py new file mode 100644 index 0000000..6175f80 --- /dev/null +++ b/integration-tests/robot/tests/libs/JaegerLibrary.py @@ -0,0 +1,41 @@ +import json +import random +from datetime import timezone +import datetime + + +def generate_trace(): + with open('./tests/libs/resources/spans.json') as f: + data = json.load(f) + + dt = datetime.datetime.now(timezone.utc) + + utc_time = dt.replace(tzinfo=timezone.utc) + timestamp = utc_time.timestamp() + parent_id = _generate_id(16) + # child_id = _generate_id(16) + + fs = data[0] + fs['traceId'] = parent_id + fs['id'] = parent_id + fs['timestamp'] = _format_tmstmp(timestamp) + fs['annotations'][0]['timestamp'] = _format_tmstmp(timestamp) + fs['annotations'][1]['timestamp'] = _format_tmstmp(timestamp + 0.014861) + # ss = data[1] + # ss['traceId'] = parent_id + # ss['parentId'] = parent_id + # ss['id'] = child_id + # ss['timestamp'] = _format_tmstmp(timestamp + 0.000895) + # ss['annotations'][0]['timestamp'] = _format_tmstmp(timestamp + 0.000895) + # ss['annotations'][1]['timestamp'] = _format_tmstmp(timestamp + 0.002993) + # ss['annotations'][2]['timestamp'] = _format_tmstmp(timestamp + 0.004255) + # ss['annotations'][3]['timestamp'] = _format_tmstmp(timestamp + 0.004289) + return data + + +def _format_tmstmp(timestamp, ch_count=16): + return int(''.join(str(timestamp).split('.'))[:ch_count]) + + +def _generate_id(n): + return ''.join(random.choices('0123456789abcdef', k=n)) diff --git a/integration-tests/robot/tests/libs/resources/spans.json b/integration-tests/robot/tests/libs/resources/spans.json new file mode 100644 index 0000000..42a13f5 --- /dev/null +++ b/integration-tests/robot/tests/libs/resources/spans.json @@ -0,0 +1,23 @@ +[ + { + "traceId":"e6ea7a4d7580a96d", + "id":"e6ea7a4d7580a96d", + "name":"get /", + "timestamp":1554738032206736, + "duration":14861, + "localEndpoint":{ + "serviceName":"first_service", + "ipv4":"10.0.2.15" + }, + "annotations":[ + { + "timestamp":1554738032206736, + "value":"sr" + }, + { + "timestamp":1554738032221597, + "value":"ss" + } + ] + } +] diff --git a/integration-tests/robot/tests/shared/shared.robot b/integration-tests/robot/tests/shared/shared.robot new file mode 100644 index 0000000..3578504 --- /dev/null +++ b/integration-tests/robot/tests/shared/shared.robot @@ -0,0 +1,100 @@ +*** Variables *** +${JAEGER_NAMESPACE} %{JAEGER_NAMESPACE} +${JAEGER_SERVICE_NAME} %{JAEGER_SERVICE_NAME} +${MANAGED_BY_OPERATOR} true +${COUNT_OF_RETRY} 20x +${RETRY_INTERVAL} 5s +${COUNT_OF_RETRY_FOR_TRACE} 10x +${RETRY_INTERVAL_FOR_TRACE} 2s +${GENERATE_COUNT} %{GENERATE_COUNT} +${LINK_FOR_GENERATOR} %{LINK_FOR_GENERATOR} +${WAITING_TIME} %{WAITING_TIME} + + +*** Settings *** +Library String +Library Collections +Library RequestsLibrary +Library PlatformLibrary managed_by_operator=${MANAGED_BY_OPERATOR} +Library ../libs/JaegerLibrary.py + + +*** Keywords *** +Preparation + ${headers} = Create Dictionary Content-Type=application/json + Set Global Variable ${headers} + Create Session jaeger-query-session http://${JAEGER_SERVICE_NAME}-query.${JAEGER_NAMESPACE}:16686 + Create Session jaeger-collector-session http://${JAEGER_SERVICE_NAME}-collector.${JAEGER_NAMESPACE}:9411 + Create Session healthcheck http://${JAEGER_SERVICE_NAME}-collector.${JAEGER_NAMESPACE}:14269 + Create Session for-generator ${LINK_FOR_GENERATOR} + +Convert Json ${json} To Type + ${json_dictionary} = Evaluate json.loads('''${json}''') json + [Return] ${json_dictionary} + +Check Inactive Deployments + ${count_inactive_collectors} = Get Inactive Deployment Entities Count For Service ${JAEGER_NAMESPACE} ${JAEGER_SERVICE_NAME}-collector + ${count_inactive_query} = Get Inactive Deployment Entities Count For Service ${JAEGER_NAMESPACE} ${JAEGER_SERVICE_NAME}-query + Should Be Equal ${count_inactive_collectors} ${0} Found Inactive Collectors + Should Be Equal ${count_inactive_query} ${0} Found Inactive Query + +Check Deployment State + [Arguments] ${name} + ${deployments_in_namespace} = Get Active Deployment Entities For Service ${JAEGER_NAMESPACE} ${name} label=app.kubernetes.io/name + ${list_len}= Get Length ${deployments_in_namespace} + ${flag} = Run Keyword And Return Status Should Be True ${list_len} != 0 + [Return] ${flag} + +Check Jaeger Alive + ${resp} = GET On Session healthcheck / timeout=10 + Should Be Equal As Integers ${resp.status_code} 200 + ${resp_json} = Convert Json ${resp.content} To Type + Dictionary Should Contain Value ${resp_json} Server available + +Post Random Spans + [Arguments] ${trace} + ${json_trace}= Evaluate json.dumps(${trace}) json + ${resp} = POST On Session jaeger-collector-session /api/v2/spans data=${json_trace} headers=${headers} timeout=30 + Should Be Equal As Strings ${resp.status_code} 202 + Log To Console \nSpan was add to Jaeger + +Post Random Spans As Generator + [Arguments] ${trace} + ${json_trace}= Evaluate json.dumps(${trace}) json + ${resp} = POST On Session for-generator /api/v2/spans data=${json_trace} headers=${headers} timeout=30 + Should Be Equal As Strings ${resp.status_code} 202 + Log To Console \nSpan was add to Jaeger + +Get Trace From Jaeger + [Arguments] ${traceId} + ${resp} = GET On Session jaeger-query-session /api/traces/${traceId} timeout=10 + Should Be Equal As Strings ${resp.status_code} 200 + ${services} = GET On Session jaeger-query-session /api/services timeout=10 + Should Be Equal As Strings ${services.status_code} 200 + ${service_dict} = Convert Json ${services.content} To Type + Should Contain ${service_dict['data']} first_service + +Get Trace From Jaeger With Attempts + [Arguments] ${traceId} + Wait Until Keyword Succeeds ${COUNT_OF_RETRY_FOR_TRACE} ${RETRY_INTERVAL_FOR_TRACE} + ... Get Trace From Jaeger ${traceId} + +Check Query Pod + ${pods_running} = Check Deployment State ${JAEGER_SERVICE_NAME}-query + Should Be True ${pods_running} == True + +Check Collector Pods + ${pods_running} = Check Deployment State ${JAEGER_SERVICE_NAME}-collector + Should Be True ${pods_running} == True + +Get List Pod Names For Deployment Entity + [Arguments] ${component} + @{list_pods} = Get Pod Names For Deployment Entity ${JAEGER_SERVICE_NAME}-${component} ${JAEGER_NAMESPACE} + Log to console LIST_PODS on Deployment: @{list_pods} + Set Suite Variable @{list_pods} + +Get Active Deployment Replicas + [Arguments] ${component} + ${ACTIVE_POD} = Get Length ${list_pods} + Log to console Find ${component} pod: ${ACTIVE_POD} + Set Suite Variable ${ACTIVE_POD} diff --git a/integration-tests/robot/tests/smoke/smoke.robot b/integration-tests/robot/tests/smoke/smoke.robot new file mode 100644 index 0000000..1ae8cf4 --- /dev/null +++ b/integration-tests/robot/tests/smoke/smoke.robot @@ -0,0 +1,29 @@ +*** Variables *** +${OPERATION_RETRY_COUNT} 30x +${OPERATION_RETRY_INTERVAL} 5s + +*** Settings *** +Resource ../shared/shared.robot +Suite Setup Preparation + + +*** Test Cases *** +Check Deployments + [Tags] smoke + Check Inactive Deployments + +Check Collector Pods Are Running + [Tags] smoke + Check Collector Pods + +Check Query Pods Are Running + [Tags] smoke + Wait Until Keyword Succeeds ${OPERATION_RETRY_COUNT} ${OPERATION_RETRY_INTERVAL} + ... Check Query Pod + +Jaeger can serve spans + [Tags] smoke + Check Jaeger Alive + ${trace} = JaegerLibrary.generate_trace + Post Random Spans ${trace} + Get Trace From Jaeger With Attempts ${trace[0]['traceId']} diff --git a/integration-tests/robot/tests/spans_generator/generate.robot b/integration-tests/robot/tests/spans_generator/generate.robot new file mode 100644 index 0000000..e4d9480 --- /dev/null +++ b/integration-tests/robot/tests/spans_generator/generate.robot @@ -0,0 +1,13 @@ +*** Settings *** +Resource ../shared/shared.robot +Suite Setup Preparation + + +*** Test Cases *** +Send spans + [Tags] generator + FOR ${i} IN RANGE ${GENERATE_COUNT} + ${trace} = JaegerLibrary.generate_trace + Post Random Spans As Generator ${trace} + sleep ${WAITING_TIME} + END diff --git a/integration-tests/robot/tests/tests_ha/ha.robot b/integration-tests/robot/tests/tests_ha/ha.robot new file mode 100644 index 0000000..16cf37c --- /dev/null +++ b/integration-tests/robot/tests/tests_ha/ha.robot @@ -0,0 +1,42 @@ +*** Settings *** +Resource ../shared/shared.robot +Suite Setup Preparation + + +*** Test Cases *** +Reboot query pod + [Tags] ha query + Check Jaeger Alive + ${component} = Set Variable query + ${trace} = JaegerLibrary.generate_trace + Post Random Spans ${trace} + Get Trace From Jaeger With Attempts ${trace[0]['traceId']} + Get List Pod Names For Deployment Entity ${component} + Get Active Deployment Replicas ${component} + FOR ${pod} IN @{list_pods} + Delete Pod By Pod Name ${pod} ${JAEGER_NAMESPACE} + Log To Console Delete ${pod} + Sleep 1s + END + Get Trace From Jaeger With Attempts ${trace[0]['traceId']} + [Teardown] Set Replicas For Deployment Entity ${JAEGER_SERVICE_NAME}-${component} ${JAEGER_NAMESPACE} replicas=${ACTIVE_POD} + +Reboot collector pods + [Tags] ha collector + Check Jaeger Alive + ${component} = Set Variable collector + ${trace} = JaegerLibrary.generate_trace + Post Random Spans ${trace} + Get Trace From Jaeger With Attempts ${trace[0]['traceId']} + Get List Pod Names For Deployment Entity ${component} + Get Active Deployment Replicas ${component} + FOR ${pod} IN @{list_pods} + Delete Pod By Pod Name ${pod} ${JAEGER_NAMESPACE} + Log To Console Delete ${pod} + Sleep 2s + ${trace} = JaegerLibrary.generate_trace + Wait Until Keyword Succeeds ${COUNT_OF_RETRY} ${RETRY_INTERVAL} + ... Post Random Spans ${trace} + Get Trace From Jaeger With Attempts ${trace[0]['traceId']} + END + [Teardown] Set Replicas For Deployment Entity ${JAEGER_SERVICE_NAME}-${component} ${JAEGER_NAMESPACE} replicas=${ACTIVE_POD} diff --git a/integration-tests/robot_tags_resolver.py b/integration-tests/robot_tags_resolver.py new file mode 100644 index 0000000..6ac51cc --- /dev/null +++ b/integration-tests/robot_tags_resolver.py @@ -0,0 +1,43 @@ +import os +import importlib.util + + +def create_exclude_tags_robot_command(tags: list) -> str: + return f'-e {"OR".join(tags)}' if tags else "" + + +def create_exclude_tags_description(tags: dict) -> str: + if not tags: + return "" + title = "The following tags will be excluded with provided reason\n" + description_list = [] + for tag in tags.items(): + description_list.append(f'{tag[0]}: {tag[1]}') + tags_with_description = "\n".join(description_list) + return f'{title}{tags_with_description}' + + +def resolve_robot_tags(start_directory="./tests", tags_resolver_module="tags_exclusion.py"): + tags = [] + tags_with_description = {} + environ = os.environ + for root, dirs, files in os.walk(start_directory): + for file in files: + if file == tags_resolver_module: + spec = importlib.util.spec_from_file_location(file[:-3], location=os.path.join(root, file)) + foo = importlib.util.module_from_spec(spec) + spec.loader.exec_module(foo) + new_tags = foo.get_excluded_tags(environ) + if isinstance(new_tags, dict): + tags += list(new_tags.keys()) + tags_with_description.update(new_tags) + if isinstance(new_tags, list): + tags += new_tags + tags = set(tags) + excluded_tags_line = create_exclude_tags_robot_command(tags) + excluded_tags_description = create_exclude_tags_description(tags_with_description) + print(f'{excluded_tags_line};{excluded_tags_description};') + + +resolve_robot_tags() + diff --git a/integration-tests/write_status.py b/integration-tests/write_status.py new file mode 100644 index 0000000..f0c34cf --- /dev/null +++ b/integration-tests/write_status.py @@ -0,0 +1,144 @@ +from PlatformLibrary import PlatformLibrary +from datetime import datetime +from enum import Enum +import os +import sys +import re + +class CustomResourceStatusResolver: + def __init__(self, **kwargs): + self.path = os.getenv("STATUS_CUSTOM_RESOURCE_PATH") + if self.path is None: + self.group = os.getenv("STATUS_CUSTOM_RESOURCE_GROUP") + self.version = os.getenv("STATUS_CUSTOM_RESOURCE_VERSION") + self.namespace = os.getenv("STATUS_CUSTOM_RESOURCE_NAMESPACE") + self.plural = os.getenv("STATUS_CUSTOM_RESOURCE_PLURAL") + self.name = os.getenv("STATUS_CUSTOM_RESOURCE_NAME") + else: + self.resolve_custom_resource_by_path() + + def resolve_custom_resource_by_path(self): + parts = self.path.split("/") + if len(parts) != 5: + raise Exception(f'Path to custom resource must contain exactly five parts, {len(parts)} given') + self.group = parts[0] + self.version = parts[1] + self.namespace = parts[2] + self.plural = parts[3] + self.name = parts[4] + + def check_cr_path(self): + errors = [] + for attr, value in self.__dict__.items(): + if attr != "path" and not value: + errors.append(attr) + if errors: + raise Exception(f'{",".join(errors)} attribute{"s" if len(errors) > 1 else ""} must not be empty to find ' + f'custom resource for status update') + + def update_custom_resource_status_condition(self, condition): + self.check_cr_path() + client = PlatformLibrary(managed_by_operator="true") + status_obj = client.get_namespaced_custom_object_status(self.group, + self.version, + self.namespace, + self.plural, + self.name) + status = status_obj.get('status') + conditions = [] + if status is not None: + conditions = status.get('conditions') + else: + status = {} + status_obj['status'] = status + is_presented = False + for i, con in enumerate(conditions): + if con['reason'] == "IntegrationTestsExecutionStatus": + conditions[i] = condition + is_presented = True + break + if not is_presented: + conditions.append(condition) + + status['conditions'] = conditions + client.custom_objects_api.patch_namespaced_custom_object_status(self.group, + self.version, + self.namespace, + self.plural, + self.name, + status_obj) + + +class ConditionType(Enum): + SUCCESSFUL = "Successful" + FAILED = "Failed" + IN_PROGRESS = 'In Progress' + READY = 'Ready' + + +class ConditionStatus(Enum): + TRUE = "True" + FALSE = "False" + UNKNOWN = "Unknown" + + +def str2bool(v): + return v.lower() in ("yes", "true", "t", "1") + +class Condition: + def __init__(self, + is_in_progress: bool = False, + message: str = None, + reason: str = None, + status: ConditionStatus = None, + type: ConditionType = None): + self.is_in_progress = is_in_progress + self.message = message + self.reason = reason if reason is not None else "IntegrationTestsExecutionStatus" + self.status = status if status is not None else ConditionStatus.UNKNOWN + self.type = type if type is not None else ConditionType.READY + + def get_condition_body(self): + status_value = self.status.value + if str2bool(os.getenv("IS_STATUS_BOOLEAN", "false")): + status_value = str2bool(status_value) + return {"message": self.message, + "reason": self.reason, + "status": status_value, + "type": self.type.value, + "lastTransitionTime": datetime.utcnow().isoformat()[:-3]+'Z'} + + def generate_condition_state(self): + if self.is_in_progress: + self.generate_in_progress_condition_state() + return + with open('./output/result.txt', 'r') as file: + self.message = file.read() + if "RESULT: TESTS PASSED" in self.message: + self.status = ConditionStatus.TRUE + if os.getenv("ONLY_INTEGRATION_TESTS") and os.getenv("ONLY_INTEGRATION_TESTS").lower() == "true": + self.type = ConditionType.SUCCESSFUL + else: + self.type = ConditionType.READY + else: + self.status = ConditionStatus.FALSE + self.type = ConditionType.FAILED + if os.getenv("IS_SHORT_STATUS_MESSAGE", "true").lower() == "true": + result_str = self.message.split("\n")[0] + self.message = re.sub(r'\t', " ", result_str) + + def generate_in_progress_condition_state(self): + self.message = "Service in progress" + self.type = ConditionType.IN_PROGRESS + self.status = ConditionStatus.FALSE + + +if __name__ == '__main__': + argv = sys.argv[1:] + is_in_progress = False if len(argv) < 1 or argv[0] != "in_progress" else True + + condition = Condition(is_in_progress=is_in_progress) + condition.generate_condition_state() + condition_body = condition.get_condition_body() + status_resolver = CustomResourceStatusResolver() + status_resolver.update_custom_resource_status_condition(condition_body) diff --git a/readiness-probe/.gitignore b/readiness-probe/.gitignore new file mode 100644 index 0000000..da0c4eb --- /dev/null +++ b/readiness-probe/.gitignore @@ -0,0 +1 @@ +probe diff --git a/readiness-probe/Dockerfile b/readiness-probe/Dockerfile new file mode 100644 index 0000000..497faca --- /dev/null +++ b/readiness-probe/Dockerfile @@ -0,0 +1,37 @@ +# Build the manager binary +FROM golang:1.23.4-alpine3.21 AS builder +ARG GOPROXY="" +ENV GOSUMDB=off \ + GO111MODULE=on + +WORKDIR /workspace + +COPY go.mod go.mod +COPY go.sum go.sum + +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download -x + +# Copy the go source +COPY main.go main.go + +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o probe . + +# Main container +FROM alpine:3.21.0 + +ENV USER_UID=2001 \ + USER_NAME=probe \ + GROUP_NAME=probe + +WORKDIR /app/ + +COPY --from=builder --chown=${USER_UID} /workspace/probe /app/ + +RUN addgroup ${GROUP_NAME} \ + && adduser -D -G ${GROUP_NAME} -u ${USER_UID} ${USER_NAME} + +USER ${USER_UID} + +CMD ["/app/probe"] diff --git a/readiness-probe/README.md b/readiness-probe/README.md new file mode 100644 index 0000000..b016486 --- /dev/null +++ b/readiness-probe/README.md @@ -0,0 +1,50 @@ +# Readiness probe + +* [Readiness Probe](#readiness-probe) + * [Overview](#overview) + * [Documents](#documents) + * [How to start](#how-to-start) + * [Build](#build) + * [Smoke tests](#smoke-tests) + * [How to debug](#how-to-debug) + * [How to troubleshoot](#how-to-troubleshoot) + +## Overview + +Readiness probe is used for executing checks and provide custom readiness probe for Jaeger. + +## Documents + +* [Installation](/docs/public/installation.md) + +## How to start + +### Build + +#### Local build + +1. Use WSL or Linux VM +2. Run commands: + + ```bash + ./build.sh + ``` + +### Deploy to k8s + +#### Helm + +Not applicable because the readiness probe is expected to be deployed along with Jaeger. +For more details, see [Jaeger's Installation Guide: Readiness Probe](/docs/public/installation.md#readiness-probe). + +### Smoke tests + +There are no smoke tests. + +### How to debug + +Readiness probe is a simple application to check if Jaeger is ready. It may be useful to check logs to debug issues. + +### How to troubleshoot + +Readiness probe issues can be troubleshooted by mostly checking logs from the pods' containers. diff --git a/readiness-probe/build.sh b/readiness-probe/build.sh new file mode 100644 index 0000000..1850486 --- /dev/null +++ b/readiness-probe/build.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +ARTIFACT_NAME="readiness-probe" + +cd $(dirname "$0") + +docker build -t ${ARTIFACT_NAME} ./ + +for id in ${DOCKER_NAMES}; do + docker tag ${ARTIFACT_NAME} "$id" +done diff --git a/readiness-probe/go.mod b/readiness-probe/go.mod new file mode 100644 index 0000000..2dc3610 --- /dev/null +++ b/readiness-probe/go.mod @@ -0,0 +1,69 @@ +module tracing-readiness-probe + +go 1.22.0 + +toolchain go1.22.2 + +require ( + github.com/gocql/gocql v1.6.0 + k8s.io/api v0.30.0 + k8s.io/apimachinery v0.30.0 + k8s.io/client-go v0.30.0 + sigs.k8s.io/controller-runtime v0.18.0 +) + +require ( + github.com/beorn7/perks v1.0.1 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/golang/snappy v0.0.3 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/uuid v1.3.0 // indirect + github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed // indirect + github.com/imdario/mergo v0.3.6 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/prometheus/client_golang v1.16.0 // indirect + github.com/prometheus/client_model v0.4.0 // indirect + github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect + golang.org/x/net v0.23.0 // indirect + golang.org/x/oauth2 v0.12.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/term v0.18.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/time v0.3.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/protobuf v1.33.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/apiextensions-apiserver v0.30.0 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.3.0 // indirect +) diff --git a/readiness-probe/go.sum b/readiness-probe/go.sum new file mode 100644 index 0000000..0a96fa0 --- /dev/null +++ b/readiness-probe/go.sum @@ -0,0 +1,205 @@ +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY= +github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= +github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY= +github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/gocql/gocql v1.6.0 h1:IdFdOTbnpbd0pDhl4REKQDM+Q0SzKXQ1Yh+YZZ8T/qU= +github.com/gocql/gocql v1.6.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= +github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8= +github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= +github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= +github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= +github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= +github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= +github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= +github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= +github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= +github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= +golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= +golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= +gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= +k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= +k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= +k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= +k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= +k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= +k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.18.0 h1:Z7jKuX784TQSUL1TIyeuF7j8KXZ4RtSX0YgtjKcSTME= +sigs.k8s.io/controller-runtime v0.18.0/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= +sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/readiness-probe/main.go b/readiness-probe/main.go new file mode 100644 index 0000000..200a211 --- /dev/null +++ b/readiness-probe/main.go @@ -0,0 +1,367 @@ +package main + +import ( + "context" + "crypto/tls" + "crypto/x509" + "flag" + "fmt" + "io" + "log/slog" + "net/http" + "os" + "os/signal" + "strconv" + "strings" + "time" + + v1 "k8s.io/api/core/v1" + metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + ctrl "sigs.k8s.io/controller-runtime" + + "github.com/gocql/gocql" +) + +var Logger = slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{Level: slog.LevelInfo})) + +type HttpClient struct { + client http.Client + user string + password string +} + +type Server struct { + endpoint string + errorsCount int + retryCount int + storage string + servicePort int + shutdownTimeout time.Duration + tlsEnabled bool + opensearch *HttpClient + cassandra *gocql.Session + keyspace string + testTable string +} + +const ( + cassandra string = "cassandra" +) + +func main() { + slog.SetDefault(Logger) + slog.Info("Starting the service") + s := initServer() + host := "0.0.0.0:" + strconv.Itoa(s.servicePort) + mux := http.NewServeMux() + mux.HandleFunc("/health", s.readinessProbe) + mux.HandleFunc("/", s.livenessProbe) + + ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt) + defer stop() + + server := &http.Server{ + Addr: host, + Handler: mux, + } + + go func() { + slog.Info(fmt.Sprintf("The service is listening on 0.0.0.0:%d", s.servicePort)) + if err := server.ListenAndServe(); err != nil { + if err != http.ErrServerClosed { + slog.Error(err.Error()) + os.Exit(1) + } + } + }() + + <-ctx.Done() + + stop() + slog.Info("Shutting down gracefully, press Ctrl+C again to force") + + timeoutCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) + defer cancel() + + go func() { + if err := server.Shutdown(timeoutCtx); err != nil { + slog.Error(err.Error()) + os.Exit(1) + } + os.Exit(0) + }() +} + +func initServer() *Server { + // Probe service parameters + servicePort := flag.Int("servicePort", 8080, "The number of port for running service") + shutdownTimeout := flag.Int("shutdownTimeout", 5, "The number of seconds for graceful shutdown before connections are cancelled") + + // Common parameters + storage := flag.String("storage", "cassandra", "The type of storage for checking probe") + host := flag.String("host", "", "The host for probe") + port := flag.Int("port", 0, "The port for probe") + errors := flag.Int("errors", 5, "The number of retries for checking probe") + retries := flag.Int("retries", 5, "The number of allowed errors for checking probe") + timeout := flag.Int("timeout", 5, "The number of seconds for failing probe by timeout") + tlsEnabled := flag.Bool("tlsEnabled", false, "Enabling TLS for connection to the storage") + insecureSkipVerify := flag.Bool("insecureSkipVerify", false, "Disabling host verification for TLS") + + // Parameters to fetch information from the Secret + namespace := flag.String("namespace", "tracing", "Namespace for service with probe") + authSecretName := flag.String("authSecretName", "", "Secret name with username and password values") + ca := flag.String("caPath", "", "The path for ca-cert.pem file") + crt := flag.String("crtPath", "", "The path for client-cert.pem file") + key := flag.String("keyPath", "", "The path for client-key.pem file") + + // Cassandra specific parameters + keyspace := flag.String("keyspace", "jaeger", "Keyspace for the Cassandra database") + datacenter := flag.String("datacenter", "datacenter1", "Datacenter for the Cassandra database") + testtable := flag.String("testtable", "service_names", "Table name for getting test data from the Cassandra database") + + var user, pass string + flag.Parse() + if *host == "" { + slog.Error("Missing required argument -host") + os.Exit(1) + } else if *authSecretName == "" { + slog.Error("Missing required argument -authSecretName") + os.Exit(1) + } else if *tlsEnabled { + if !*insecureSkipVerify && (*ca == "" || *crt == "" || *key == "") { + slog.Error("Missing one of the required arguments -caPath, -crtPath, -keyPath") + os.Exit(1) + } + } + secret := readSecret(*namespace, *authSecretName) + user = readFromSecret(secret, v1.BasicAuthUsernameKey) + pass = readFromSecret(secret, v1.BasicAuthPasswordKey) + endpoint := *host + if *port != 0 { + endpoint += ":" + strconv.Itoa(*port) + } + var opensearchClient *HttpClient + var cassandraClient *gocql.Session + if *storage == "opensearch" { + opensearchClient = createHttpClient(user, pass, *tlsEnabled, *ca, *crt, *key, *insecureSkipVerify, time.Duration(*timeout)) + } else { + cassandraClient = createCassandraClient(*host, *port, user, pass, *tlsEnabled, *ca, *crt, *key, *insecureSkipVerify, time.Duration(*timeout), *datacenter, *keyspace) + } + return &Server{ + endpoint: endpoint, + tlsEnabled: *tlsEnabled, + retryCount: *errors, + errorsCount: *retries, + storage: *storage, + servicePort: *servicePort, + shutdownTimeout: time.Duration(*shutdownTimeout), + opensearch: opensearchClient, + cassandra: cassandraClient, + testTable: *testtable, + keyspace: *keyspace, + } +} + +func readSecret(namespace string, secretName string) *v1.Secret { + config, err := ctrl.GetConfig() + if err != nil { + slog.Error(err.Error()) + } + k8sClient, err := kubernetes.NewForConfig(config) + if err != nil { + slog.Error(err.Error()) + } + secret, err := k8sClient.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, metaV1.GetOptions{}) + if err != nil { + slog.Error(err.Error()) + } + return secret +} + +func readFromSecret(secret *v1.Secret, key string) string { + value := string(secret.Data[key]) + if value == "" { + slog.Error(fmt.Sprintf("Can't read the field '%s' from the secret '%s/%s'", key, secret.Namespace, secret.Name)) + os.Exit(1) + } + return value +} + +func createCassandraClient(host string, port int, user string, password string, tlsEnabled bool, ca string, crt string, key string, verification bool, timeout time.Duration, datacenter string, keyspace string) *gocql.Session { + cluster := gocql.NewCluster(host) + cluster.Port = port + cluster.Keyspace = keyspace + cluster.ConnectTimeout = time.Second * timeout + cluster.NumConns = 1 + if tlsEnabled { + if verification { + cluster.SslOpts.Config.InsecureSkipVerify = true + cluster.SslOpts = &gocql.SslOptions{ + EnableHostVerification: !verification, + } + } else { + cluster.SslOpts.Config.InsecureSkipVerify = false + cluster.SslOpts = &gocql.SslOptions{ + CertPath: crt, + CaPath: ca, + KeyPath: key, + EnableHostVerification: !verification, + } + } + } + cluster.Authenticator = gocql.PasswordAuthenticator{ + Username: user, + Password: password, + } + cluster.PoolConfig.HostSelectionPolicy = gocql.DCAwareRoundRobinPolicy(datacenter) + cluster.ProtoVersion = 4 + cluster.Consistency = gocql.Quorum + cluster.DisableInitialHostLookup = true + session, err := cluster.CreateSession() + if err != nil { + slog.Error(fmt.Sprintf("Can't create session: %s", err.Error())) + } + return session +} + +func createHttpClient(user string, password string, tlsEnabled bool, ca string, crt string, key string, verification bool, timeout time.Duration) *HttpClient { + client := http.Client{Timeout: timeout * time.Second} + if tlsEnabled { + tlsConfig := &tls.Config{ + InsecureSkipVerify: verification, + } + if !verification { + // load tls certificates + clientTLSCert, err := tls.LoadX509KeyPair(crt, key) + if err != nil { + slog.Error(fmt.Sprintf("Error loading certificate and key files: %v", err)) + } + // Configure the client to trust TLS server certs issued by a CA. + certPool, err := x509.SystemCertPool() + if err != nil { + slog.Error(err.Error()) + } + if caCertPEM, err := os.ReadFile(ca); err != nil { + slog.Error(err.Error()) + } else if ok := certPool.AppendCertsFromPEM(caCertPEM); !ok { + slog.Error("Invalid cert in CA PEM") + } + tlsConfig = &tls.Config{ + RootCAs: certPool, + Certificates: []tls.Certificate{clientTLSCert}, + InsecureSkipVerify: verification, + } + } + client.Transport = &http.Transport{ + IdleConnTimeout: timeout * time.Second, + TLSClientConfig: tlsConfig, + } + } + return &HttpClient{ + client: client, + user: user, + password: password, + } +} + +func (s *Server) livenessProbe(w http.ResponseWriter, _ *http.Request) { + w.WriteHeader(http.StatusOK) + w.Header().Set("Content-Type", "application/text") + _, err := io.WriteString(w, http.StatusText(http.StatusOK)) + if err != nil { + slog.Error("Can't send response") + } +} + +func (s *Server) readinessProbe(w http.ResponseWriter, _ *http.Request) { + if s.isHealth() { + w.WriteHeader(http.StatusOK) + w.Header().Set("Content-Type", "application/text") + _, err := io.WriteString(w, http.StatusText(http.StatusOK)) + if err != nil { + slog.Error("Can't send response") + } + } else { + slog.Error("Readiness probe failed") + w.WriteHeader(http.StatusInternalServerError) + } +} + +func (s *Server) isHealth() bool { + if strings.EqualFold(s.storage, cassandra) { + return s.cassandraHealth() + } + return s.opensearchHealth() +} + +func (s *Server) cassandraHealth() bool { + errors := 0 + for errors < s.errorsCount { + if s.cassandra != nil { + query := s.cassandra.Query(fmt.Sprintf("SELECT * FROM %s.%s limit 1;", s.keyspace, s.testTable)) + if query != nil { + err := query.Exec() + if err != nil { + slog.Error("Can't select from table. The error from server: ", "error", err.Error()) + } else { + return true + } + } + } + errors += 1 + slog.Info(fmt.Sprintf("Remaining attempts: %d", s.errorsCount-errors)) + if errors >= s.errorsCount { + return false + } + slog.Info("Sleep for 10 sec and try again") + time.Sleep(10 * time.Second) + } + return false +} + +func (s *Server) opensearchHealth() bool { + req, _ := http.NewRequest(http.MethodGet, s.endpoint, http.NoBody) + req.SetBasicAuth(s.opensearch.user, s.opensearch.password) + + errors := 0 + for errors < s.errorsCount { + res, err := s.opensearch.client.Do(req) + for (err != nil) && (errors < s.errorsCount) { + errors += 1 + slog.Error(fmt.Sprintf("Catch an error: %s, remaining attempts: %d", err.Error(), s.errorsCount-errors)) + res, err = s.opensearch.client.Do(req) + } + if err != nil { + slog.Error(err.Error()) + return false + } + res.Body.Close() + retries := 0 + for retries < s.retryCount { + if res.StatusCode == 200 { + return true + } else { + slog.Info(fmt.Sprintf("Get response code: %d", res.StatusCode)) + if res.StatusCode == http.StatusTooManyRequests { + if retries < s.retryCount { + slog.Info("Sleep for 60 sec and try again") + time.Sleep(60 * time.Second) + } else { + slog.Error("Can't get response from opensearch for a long time") + return false + } + } else { + slog.Info(fmt.Sprintf("Remaining attempts: %d", s.retryCount-retries)) + } + retries += 1 + res, err = s.opensearch.client.Do(req) + if err != nil { + slog.Error(err.Error()) + return false + } + } + } + } + return false +}