[release-4.18] Enable RTE metrics to be scraped securely by Prometheus #1141
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Enabled metrics by default by setting --metrics-mode=httptls. * Added an RTE metrics package and associated manifests. Currently, this includes only the Service manifest. * The Service manifest includes a special annotation monitored by the Service CA operator. This operator generates the tls.key and tls.crt files in the rte-metrics-service-cert secret, which is consumed by the RTE worker container. * Updated the DaemonSet configuration to include the required volume and volumeMount for accessing the metrics secret. * Deployment of this Service is required for metrics functionality. Signed-off-by: Ronny Baturov <[email protected]>
As part of enabling metrics for RTE, a Service resource is created during the deployment of the RTE metrics manifests by the operator. This commit grants the operator pod the necessary permissions to deploy the Service CR. Signed-off-by: Ronny Baturov <[email protected]>
* Integrating RTE metrics manifests to be deployed by the operator * This adds unit test for metrics components creation Signed-off-by: Ronny Baturov <[email protected]>
Signed-off-by: Ronny Baturov <[email protected]>
Introduce higher-level objectstate/rte Manifests object to enable future integration between deployer manifests and operator-specific RTE metrics manifests. This change only create room for the future integration adding a higher level object. No changes in behavior besides required API changes. Signed-off-by: Francesco Romani <[email protected]>
Incorporate the operator-specific metrics manifests in the newly introduced higher level objectstate Manifests. This enables us to remove all the custom code. Signed-off-by: Francesco Romani <[email protected]>
add coding shortcuts to remove the repetitive code. No intended changes in behavior. Signed-off-by: Francesco Romani <[email protected]>
make sure to render the Service manifests in render mode. Signed-off-by: Francesco Romani <[email protected]>
rbaturov
changed the title
swatisehgal
reviewed
Jan 7, 2025
There was a problem hiding this comment.
/lgtm
Let's capture in the PR description that we are backporting #1130 as well.
Thanks @swatisehgal. |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ffromani, rbaturov The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
openshift-merge-bot
bot
merged commit 68c494c
into
openshift-kni:release-4.18
15 checks passed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a combined backport PR for #1107 and #1130.
This PR encompasses and integrates all the needed infrastructure to enable secured communication for scraping metrics by Prometheus, now for RTE.
To validate that this PR is functioning correctly, please follow these steps:
make docker-build docker-push)make deployoc exec -it prometheus-k8s-0 -n openshift-monitoring /bin/bash