diff --git a/.trivyignore b/.trivyignore index 455e620b4..79cd6c4a1 100644 --- a/.trivyignore +++ b/.trivyignore @@ -5,14 +5,28 @@ # none # =========== HIGH ================ +# HIGH - otelcollector +GHSA-m425-mq94-257g +CVE-2023-47108 # HIGH - telegraf GHSA-fr2g-9hjm-wr23 +# HIGH - promconfigvalidator +GHSA-m425-mq94-257g +CVE-2023-47108 +# HIGH - telegraf +GHSA-m425-mq94-257g +CVE-2023-47090 +CVE-2023-46129 # =========== MEDIUM ================ # MEDIUM - otelcollector CVE-2023-40577 +GHSA-jq35-85cj-fj4p # MEDIUM - promconfigvalidator CVE-2023-40577 +GHSA-jq35-85cj-fj4p +# MEDIUM - telegraf +GHSA-jq35-85cj-fj4p # MEDIUM - go vulnerabilities CVE-2023-39325 CVE-2023-3978 diff --git a/otelcollector/configmapparser/default-prom-configs/networkobservabilityCiliumDefaultDs.yml b/otelcollector/configmapparser/default-prom-configs/networkobservabilityCiliumDefaultDs.yml new file mode 100644 index 000000000..40a6df6db --- /dev/null +++ b/otelcollector/configmapparser/default-prom-configs/networkobservabilityCiliumDefaultDs.yml @@ -0,0 +1,30 @@ +scrape_configs: + - job_name: "networkobservability-cilium" + scrape_interval: $$SCRAPE_INTERVAL$$ + kubernetes_sd_configs: + - role: service + scheme: http + relabel_configs: + - source_labels: + [ + __meta_kubernetes_namespace, + __meta_kubernetes_service_name, + __meta_kubernetes_service_port_name, + ] + action: keep + regex: kube-system;network-observability;cilium + + - source_labels: [__address__] + target_label: __address__ + replacement: $$NODE_IP$$ + action: replace + + - source_labels: [__address__, __meta_kubernetes_service_port_number] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + + - source_labels: [__address__] + replacement: "$$NODE_NAME$$" + target_label: instance 
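Review bot: The new suppressions in `.trivyignore` (`GHSA-m425-mq94-257g`, `CVE-2023-47108`, `CVE-2023-47090` and `CVE-2023-46129` under HIGH, `GHSA-jq35-85cj-fj4p` under MEDIUM) carry no reason, owner or expiry, so nothing prompts their removal once the affected dependencies are upgraded. Entries in this file are matched by ID alone, so headings such as `# HIGH - otelcollector` are labels only: one listing of `GHSA-m425-mq94-257g` hides it in every scanned artifact, including any component that picks up the same advisory later. I would add a one-line rationale above each ID, e.g. `# <why this is not reachable / fix pending upstream> - tracked in <ISSUE-ID placeholder>`, and, if the Trivy version used in CI supports it, an expiry such as `CVE-2023-47108 exp:<YYYY-MM-DD>`. The second `# HIGH - telegraf` heading can be merged into the existing one, with the repeated IDs listed once.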
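Review bot: The port-rewrite rule `regex: ([^:]+)(?::\d+)?;(\d+)` only matches when the host part of `__address__` contains no colon, so if `$$NODE_IP$$` is ever replaced with an IPv6 address the rule does not match and `__address__` stays a bare node IP without the service port. The same rule is copied into `networkobservabilityHubbleDefaultDs.yml` and `networkobservabilityRetinaDefaultDs.yml`. The job also scrapes the node IP over `scheme: http` with no authorization settings, which is worth stating in the file, e.g. `# plaintext, unauthenticated scrape of the node-local endpoint; assumes IPv4 node IPs`. Quoting `replacement: "$$NODE_IP$$"` the way the `$$NODE_NAME$$` line is quoted would keep the two substitutions consistent.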
diff --git a/otelcollector/configmapparser/default-prom-configs/networkobservabilityHubbleDefaultDs.yml b/otelcollector/configmapparser/default-prom-configs/networkobservabilityHubbleDefaultDs.yml new file mode 100644 index 000000000..d3d5a3416 --- /dev/null +++ b/otelcollector/configmapparser/default-prom-configs/networkobservabilityHubbleDefaultDs.yml @@ -0,0 +1,30 @@ +scrape_configs: + - job_name: "networkobservability-hubble" + scrape_interval: $$SCRAPE_INTERVAL$$ + kubernetes_sd_configs: + - role: service + scheme: http + relabel_configs: + - source_labels: + [ + __meta_kubernetes_namespace, + __meta_kubernetes_service_name, + __meta_kubernetes_service_port_name, + ] + action: keep + regex: kube-system;network-observability;hubble + + - source_labels: [__address__] + target_label: __address__ + replacement: $$NODE_IP$$ + action: replace + + - source_labels: [__address__, __meta_kubernetes_service_port_number] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + + - source_labels: [__address__] + replacement: "$$NODE_NAME$$" + target_label: instance diff --git a/otelcollector/configmapparser/default-prom-configs/networkobservabilityRetinaDefaultDs.yml b/otelcollector/configmapparser/default-prom-configs/networkobservabilityRetinaDefaultDs.yml new file mode 100644 index 000000000..683123c9a --- /dev/null +++ b/otelcollector/configmapparser/default-prom-configs/networkobservabilityRetinaDefaultDs.yml 
@@ -0,0 +1,30 @@ +scrape_configs: + - job_name: "networkobservability-retina" + scrape_interval: $$SCRAPE_INTERVAL$$ + kubernetes_sd_configs: + - role: service + scheme: http + relabel_configs: + - source_labels: + [ + __meta_kubernetes_namespace, + __meta_kubernetes_service_name, + __meta_kubernetes_service_port_name, + ] + action: keep + regex: kube-system;network-observability;retina + + - source_labels: [__address__] + target_label: __address__ + replacement: $$NODE_IP$$ + action: replace + + - source_labels: [__address__, __meta_kubernetes_service_port_number] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + + - source_labels: [__address__] + replacement: "$$NODE_NAME$$" + target_label: instance diff --git a/otelcollector/configmapparser/prometheus-config-merger-with-operator.rb b/otelcollector/configmapparser/prometheus-config-merger-with-operator.rb index ea74ba317..97b3fa73d 100644 --- a/otelcollector/configmapparser/prometheus-config-merger-with-operator.rb +++ b/otelcollector/configmapparser/prometheus-config-merger-with-operator.rb @@ -44,6 +44,11 @@ @windowskubeproxyDefaultRsAdvancedFile = @defaultPromConfigPathPrefix + "windowskubeproxyDefaultRsAdvanced.yml" @kappiebasicDefaultFileDs = @defaultPromConfigPathPrefix + "kappieBasicDefaultDs.yml" +@networkobservabilityRetinaDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityRetinaDefaultDs.yml" +@networkobservabilityHubbleDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityHubbleDefaultDs.yml" +@networkobservabilityCiliumDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityCiliumDefaultDs.yml" + + def parseConfigMap begin # Check to see if config map is created 
@@ -352,6 +357,68 @@ def populateDefaultPrometheusConfig end end + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED"].nil? && ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityRetinaMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYRETINA_METRICS_KEEP_LIST_REGEX"] + networkobservabilityRetinaScrapeInterval = @intervalHash["NETWORKOBSERVABILITYRETINA_SCRAPE_INTERVAL"] + if (isConfigReaderSidecar || currentControllerType == @replicasetControllerType) + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityRetina scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" #&& ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityRetinaDefaultFileDs, networkobservabilityRetinaScrapeInterval) + if !networkobservabilityRetinaMetricsKeepListRegex.nil? && !networkobservabilityRetinaMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityRetinaDefaultFileDs, networkobservabilityRetinaMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityRetinaDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityRetinaDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityRetinaDefaultFileDs) + end + end + end + + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED"].nil? 
&& ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityHubbleMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYHUBBLE_METRICS_KEEP_LIST_REGEX"] + networkobservabilityHubbleScrapeInterval = @intervalHash["NETWORKOBSERVABILITYHUBBLE_SCRAPE_INTERVAL"] + if (isConfigReaderSidecar || currentControllerType == @replicasetControllerType) + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityHubble scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" && ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityHubbleDefaultFileDs, networkobservabilityHubbleScrapeInterval) + if !networkobservabilityHubbleMetricsKeepListRegex.nil? && !networkobservabilityHubbleMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityHubbleDefaultFileDs, networkobservabilityHubbleMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityHubbleDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityHubbleDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityHubbleDefaultFileDs) + end + end + end + + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED"].nil? 
&& ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityCiliumMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYCILIUM_METRICS_KEEP_LIST_REGEX"] + networkobservabilityCiliumScrapeInterval = @intervalHash["NETWORKOBSERVABILITYCILIUM_SCRAPE_INTERVAL"] + if (isConfigReaderSidecar || currentControllerType == @replicasetControllerType) + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityCilium scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" && ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityCiliumDefaultFileDs, networkobservabilityCiliumScrapeInterval) + if !networkobservabilityCiliumMetricsKeepListRegex.nil? && !networkobservabilityCiliumMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityCiliumDefaultFileDs, networkobservabilityCiliumMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityCiliumDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityCiliumDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityCiliumDefaultFileDs) + end + end + end + + + # Collector health config should be enabled or disabled for both replicaset and daemonset if !ENV["AZMON_PROMETHEUS_COLLECTOR_HEALTH_SCRAPING_ENABLED"].nil? && ENV["AZMON_PROMETHEUS_COLLECTOR_HEALTH_SCRAPING_ENABLED"].downcase == "true" prometheusCollectorHealthInterval = @intervalHash["PROMETHEUS_COLLECTOR_HEALTH_SCRAPE_INTERVAL"] 
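Review bot: In the Hubble and Cilium branches the condition ends with `ENV["OS_TYPE"].downcase == "linux"` without the nil check that `ENV['MAC']` gets on the same line, so an unset `OS_TYPE` raises `NoMethodError`; likewise `contents.gsub("$$NODE_IP$$", ENV["NODE_IP"])` raises `TypeError` in all three branches when the variable is unset. Whether a surrounding `rescue` absorbs this cannot be seen here, because `populateDefaultPrometheusConfig` starts and ends outside the hunk. I would write `ENV["OS_TYPE"].to_s.downcase == "linux"` and skip the target with a logged error when `NODE_IP` or `NODE_NAME` is nil or empty, rather than emitting a scrape config with an empty address. Both values are pasted into the YAML file unchecked, so a short format check before the substitution would also be worthwhile. The identical code added to `prometheus-config-merger.rb` needs the same change.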
diff --git a/otelcollector/configmapparser/prometheus-config-merger.rb b/otelcollector/configmapparser/prometheus-config-merger.rb index ee353aa37..8153ed024 100644 --- a/otelcollector/configmapparser/prometheus-config-merger.rb +++ b/otelcollector/configmapparser/prometheus-config-merger.rb @@ -42,6 +42,9 @@ @podannotationsDefaultFile = @defaultPromConfigPathPrefix + "podannotationsDefault.yml" @windowskubeproxyDefaultRsAdvancedFile = @defaultPromConfigPathPrefix + "windowskubeproxyDefaultRsAdvanced.yml" @kappiebasicDefaultFileDs = @defaultPromConfigPathPrefix + "kappieBasicDefaultDs.yml" +@networkobservabilityRetinaDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityRetinaDefaultDs.yml" +@networkobservabilityHubbleDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityHubbleDefaultDs.yml" +@networkobservabilityCiliumDefaultFileDs = @defaultPromConfigPathPrefix + "networkobservabilityCiliumDefaultDs.yml" def parseConfigMap begin 
@@ -335,6 +338,67 @@ def populateDefaultPrometheusConfig end end + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED"].nil? && ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityRetinaMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYRETINA_METRICS_KEEP_LIST_REGEX"] + networkobservabilityRetinaScrapeInterval = @intervalHash["NETWORKOBSERVABILITYRETINA_SCRAPE_INTERVAL"] + if currentControllerType == @replicasetControllerType + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityRetina scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" #&& ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityRetinaDefaultFileDs, networkobservabilityRetinaScrapeInterval) + if !networkobservabilityRetinaMetricsKeepListRegex.nil? && !networkobservabilityRetinaMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityRetinaDefaultFileDs, networkobservabilityRetinaMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityRetinaDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityRetinaDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityRetinaDefaultFileDs) + end + end + end + + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED"].nil? 
&& ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityHubbleMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYHUBBLE_METRICS_KEEP_LIST_REGEX"] + networkobservabilityHubbleScrapeInterval = @intervalHash["NETWORKOBSERVABILITYHUBBLE_SCRAPE_INTERVAL"] + if currentControllerType == @replicasetControllerType + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityHubble scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" && ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityHubbleDefaultFileDs, networkobservabilityHubbleScrapeInterval) + if !networkobservabilityHubbleMetricsKeepListRegex.nil? && !networkobservabilityHubbleMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityHubbleDefaultFileDs, networkobservabilityHubbleMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityHubbleDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityHubbleDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityHubbleDefaultFileDs) + end + end + end + + if !ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED"].nil? 
&& ENV["AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED"].downcase == "true" + networkobservabilityCiliumMetricsKeepListRegex = @regexHash["NETWORKOBSERVABILITYCILIUM_METRICS_KEEP_LIST_REGEX"] + networkobservabilityCiliumScrapeInterval = @intervalHash["NETWORKOBSERVABILITYCILIUM_SCRAPE_INTERVAL"] + if currentControllerType == @replicasetControllerType + #do nothing -- kappie is not supported to be scrapped automatically outside ds. if needed, customer can disable this ds target, and enable rs scraping thru custom config map + else #networkobservabilityCilium scraping will be turned ON by default only when in MAC/addon mode (for both windows & linux) + if advancedMode == true && !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" && ENV["OS_TYPE"].downcase == "linux" + UpdateScrapeIntervalConfig(@networkobservabilityCiliumDefaultFileDs, networkobservabilityCiliumScrapeInterval) + if !networkobservabilityCiliumMetricsKeepListRegex.nil? && !networkobservabilityCiliumMetricsKeepListRegex.empty? + AppendMetricRelabelConfig(@networkobservabilityCiliumDefaultFileDs, networkobservabilityCiliumMetricsKeepListRegex) + end + contents = File.read(@networkobservabilityCiliumDefaultFileDs) + contents = contents.gsub("$$NODE_IP$$", ENV["NODE_IP"]) + contents = contents.gsub("$$NODE_NAME$$", ENV["NODE_NAME"]) + File.open(@networkobservabilityCiliumDefaultFileDs, "w") { |file| file.puts contents } + defaultConfigs.push(@networkobservabilityCiliumDefaultFileDs) + end + end + end + + # Collector health config should be enabled or disabled for both replicaset and daemonset if !ENV["AZMON_PROMETHEUS_COLLECTOR_HEALTH_SCRAPING_ENABLED"].nil? && ENV["AZMON_PROMETHEUS_COLLECTOR_HEALTH_SCRAPING_ENABLED"].downcase == "true" prometheusCollectorHealthInterval = @intervalHash["PROMETHEUS_COLLECTOR_HEALTH_SCRAPE_INTERVAL"] 
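Review bot: The comments in the three new branches do not describe the code they sit on: each `#do nothing -- kappie is not supported ...` line was carried over from the kappie block, and the Hubble and Cilium `else` comments say `(for both windows & linux)` while their condition requires `ENV["OS_TYPE"].downcase == "linux"`. In the Retina branch the OS check survives only as a trailing `#&& ENV["OS_TYPE"].downcase == "linux"`, which reads as unfinished rather than deliberate. Suggested wording is `# networkobservabilityHubble is scraped only from the daemonset; use a custom config map for replicaset scraping` and `# enabled by default only in MAC/addon advanced mode on linux`. For Retina, if the missing OS check is intended, replace the commented-out condition with `# no OS_TYPE check: Retina is scraped on windows and linux`. The same comments appear in `prometheus-config-merger-with-operator.rb`.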
diff --git a/otelcollector/configmapparser/tomlparser-default-scrape-settings.rb b/otelcollector/configmapparser/tomlparser-default-scrape-settings.rb index dcf22a9bf..84441723f 100644 --- a/otelcollector/configmapparser/tomlparser-default-scrape-settings.rb +++ b/otelcollector/configmapparser/tomlparser-default-scrape-settings.rb @@ -22,6 +22,9 @@ @windowsexporterEnabled = false @windowskubeproxyEnabled = false @kappiebasicEnabled = true +@networkobservabilityRetinaEnabled = true +@networkobservabilityHubbleEnabled = true +@networkobservabilityCiliumEnabled = true @noDefaultsEnabled = false @sendDSUpMetric = false @@ -93,6 +96,18 @@ def populateSettingValuesFromConfigMap(parsedConfig) @kappiebasicEnabled = parsedConfig[:kappiebasic] puts "config::Using configmap scrape settings for kappiebasic: #{@kappiebasicEnabled}" end + if !parsedConfig[:networkobservabilityRetina].nil? + @networkobservabilityRetinaEnabled = parsedConfig[:networkobservabilityRetina] + puts "config::Using configmap scrape settings for networkobservabilityRetina: #{@networkobservabilityRetinaEnabled}" + end + if !parsedConfig[:networkobservabilityHubble].nil? + @networkobservabilityHubbleEnabled = parsedConfig[:networkobservabilityHubble] + puts "config::Using configmap scrape settings for networkobservabilityHubble: #{@networkobservabilityHubbleEnabled}" + end + if !parsedConfig[:networkobservabilityCilium].nil? + @networkobservabilityCiliumEnabled = parsedConfig[:networkobservabilityCilium] + puts "config::Using configmap scrape settings for networkobservabilityCilium: #{@networkobservabilityCiliumEnabled}" + end windowsDaemonset = false if ENV["WINMODE"].nil? && ENV["WINMODE"].strip.downcase == "advanced" 
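Review bot: The three new assignments such as `@networkobservabilityRetinaEnabled = parsedConfig[:networkobservabilityRetina]` accept whatever type the config map holds, and the later hunk in this file interpolates the value directly into lines like `AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED=#{@networkobservabilityRetinaEnabled}` of a file that is presumably sourced as environment exports. A quoted string or other non-boolean value in the config map would therefore land verbatim in that file. Restricting the value is enough, e.g. `value = parsedConfig[:networkobservabilityRetina]` followed by `@networkobservabilityRetinaEnabled = value if value == true || value == false`, with anything else logged and ignored. The kappiebasic lines just above follow the same pattern, and `populateSettingValuesFromConfigMap` continues outside the hunk.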
@@ -128,7 +143,7 @@ def populateSettingValuesFromConfigMap(parsedConfig) ConfigParseErrorLogger.logSection(LOGGING_PREFIX, "Start default-scrape-settings Processing") # set default targets for MAC mode if !ENV['MAC'].nil? && !ENV['MAC'].empty? && ENV['MAC'].strip.downcase == "true" - ConfigParseErrorLogger.logWarning(LOGGING_PREFIX, "MAC mode is enabled. Only enabling targets kubestate,cadvisor,kubelet,kappiebasic & nodeexporter for linux before config map processing....") + ConfigParseErrorLogger.logWarning(LOGGING_PREFIX, "MAC mode is enabled. Only enabling targets kubestate,cadvisor,kubelet,kappiebasic,networkobservabilityRetina,networkobservabilityHubble,networkobservabilityCilium & nodeexporter for linux before config map processing....") @corednsEnabled = false @kubeproxyEnabled = false 
@@ -168,10 +183,13 @@ def populateSettingValuesFromConfigMap(parsedConfig) file.write($export + "AZMON_PROMETHEUS_WINDOWSEXPORTER_SCRAPING_ENABLED=#{@windowsexporterEnabled}\n") file.write($export + "AZMON_PROMETHEUS_WINDOWSKUBEPROXY_SCRAPING_ENABLED=#{@windowskubeproxyEnabled}\n") file.write($export + "AZMON_PROMETHEUS_KAPPIEBASIC_SCRAPING_ENABLED=#{@kappiebasicEnabled}\n") + file.write($export + "AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED=#{@networkobservabilityRetinaEnabled}\n") + file.write($export + "AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED=#{@networkobservabilityHubbleEnabled}\n") + file.write($export + "AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED=#{@networkobservabilityCiliumEnabled}\n") file.write($export + "AZMON_PROMETHEUS_POD_ANNOTATION_SCRAPING_ENABLED=#{@podannotationEnabled}\n") # Close file after writing all metric collection setting environment variables file.close else ConfigParseErrorLogger.logError(LOGGING_PREFIX, "Exception while opening file for writing default-scrape-settings config environment variables") end -ConfigParseErrorLogger.logSection(LOGGING_PREFIX, "End default-scrape-settings Processing") \ No newline at end of file +ConfigParseErrorLogger.logSection(LOGGING_PREFIX, "End default-scrape-settings Processing") diff --git a/otelcollector/configmapparser/tomlparser-default-targets-metrics-keep-list.rb b/otelcollector/configmapparser/tomlparser-default-targets-metrics-keep-list.rb index e4f7edd56..40ccb1b9f 100644 --- a/otelcollector/configmapparser/tomlparser-default-targets-metrics-keep-list.rb +++ b/otelcollector/configmapparser/tomlparser-default-targets-metrics-keep-list.rb 
@@ -26,6 +26,9 @@ @windowskubeproxyRegex = "" @podannotationRegex = "" @kappiebasicRegex = "" +@networkobservabilityRetinaRegex = "" +@networkobservabilityHubbleRegex = "" +@networkobservabilityCiliumRegex = "" #This will always be string "true" as we set the string value in the chart for both MAC and non MAC modes @minimalIngestionProfile = ENV["MINIMAL_INGESTION_PROFILE"] 
@@ -44,6 +47,9 @@ @kubestateRegex_minimal = "kube_horizontalpodautoscaler_spec_min_replicas|kube_horizontalpodautoscaler_status_desired_replicas|kube_job_status_active|kube_node_status_capacity|kube_job_status_succeeded|kube_job_spec_completions|kube_daemonset_status_number_misscheduled|kube_daemonset_status_desired_number_scheduled|kube_daemonset_status_current_number_scheduled|kube_daemonset_status_number_ready|kube_deployment_spec_replicas|kube_deployment_status_replicas_ready|kube_pod_container_status_last_terminated_reason|kube_node_status_condition|kube_pod_container_status_restarts_total|kube_pod_container_resource_requests|kube_pod_status_phase|kube_pod_container_resource_limits|kube_node_status_allocatable|kube_pod_info|kube_pod_owner|kube_resourcequota|kube_statefulset_replicas|kube_statefulset_status_replicas|kube_statefulset_status_replicas_ready|kube_statefulset_status_replicas_current|kube_statefulset_status_replicas_updated|kube_namespace_status_phase|kube_node_info|kube_statefulset_metadata_generation|kube_pod_labels|kube_pod_annotations|kube_horizontalpodautoscaler_status_current_replicas|kube_horizontalpodautoscaler_spec_max_replicas|kube_node_spec_taint|kube_pod_container_status_waiting_reason|kube_job_failed|kube_job_status_start_time|kube_deployment_status_replicas_available|kube_deployment_status_replicas_updated|kube_replicaset_owner|kubernetes_build_info|kube_pod_container_info" @nodeexporterRegex_minimal = 
"node_filesystem_readonly|node_cpu_seconds_total|node_memory_MemAvailable_bytes|node_memory_Buffers_bytes|node_memory_Cached_bytes|node_memory_MemFree_bytes|node_memory_Slab_bytes|node_memory_MemTotal_bytes|node_netstat_Tcp_RetransSegs|node_netstat_Tcp_OutSegs|node_netstat_TcpExt_TCPSynRetrans|node_load1|node_load5|node_load15|node_disk_read_bytes_total|node_disk_written_bytes_total|node_disk_io_time_seconds_total|node_filesystem_size_bytes|node_filesystem_avail_bytes|node_network_receive_bytes_total|node_network_transmit_bytes_total|node_vmstat_pgmajfault|node_network_receive_drop_total|node_network_transmit_drop_total|node_disk_io_time_weighted_seconds_total|node_exporter_build_info|node_time_seconds|node_uname_info|kubernetes_build_info" @kappiebasicRegex_minimal = "kappie.*" +@networkobservabilityRetinaRegex_minimal = "networkobservability.*" +@networkobservabilityHubbleRegex_minimal = "hubble.*" +@networkobservabilityCiliumRegex_minimal = "cilium_drop.*|cilium_forward.*" @windowsexporterRegex_minimal = "windows_system_system_up_time|windows_cpu_time_total|windows_memory_available_bytes|windows_os_visible_memory_bytes|windows_memory_cache_bytes|windows_memory_modified_page_list_bytes|windows_memory_standby_cache_core_bytes|windows_memory_standby_cache_normal_priority_bytes|windows_memory_standby_cache_reserve_bytes|windows_memory_swap_page_operations_total|windows_logical_disk_read_seconds_total|windows_logical_disk_write_seconds_total|windows_logical_disk_size_bytes|windows_logical_disk_free_bytes|windows_net_bytes_total|windows_net_packets_received_discarded_total|windows_net_packets_outbound_discarded_total|windows_container_available|windows_container_cpu_usage_seconds_total|windows_container_memory_usage_commit_bytes|windows_container_memory_usage_private_working_set_bytes|windows_container_network_receive_bytes_total|windows_container_network_transmit_bytes_total" @windowskubeproxyRegex_minimal = 
"kubeproxy_sync_proxy_rules_duration_seconds|kubeproxy_sync_proxy_rules_duration_seconds_bucket|kubeproxy_sync_proxy_rules_duration_seconds_sum|kubeproxy_sync_proxy_rules_duration_seconds_count|rest_client_requests_total|rest_client_request_duration_seconds|rest_client_request_duration_seconds_bucket|rest_client_request_duration_seconds_sum|rest_client_request_duration_seconds_count|process_resident_memory_bytes|process_cpu_seconds_total|go_goroutines" 
@@ -56,6 +62,9 @@ @kubestateRegex_minimal_mac = "kube_job_status_succeeded|kube_job_spec_completions|kube_daemonset_status_desired_number_scheduled|kube_daemonset_status_current_number_scheduled|kube_daemonset_status_number_misscheduled|kube_daemonset_status_number_ready|kube_deployment_status_replicas_ready|kube_pod_container_status_last_terminated_reason|kube_pod_container_status_waiting_reason|kube_pod_container_status_restarts_total|kube_node_status_allocatable|kube_pod_owner|kube_pod_container_resource_requests|kube_pod_status_phase|kube_pod_container_resource_limits|kube_replicaset_owner|kube_resourcequota|kube_namespace_status_phase|kube_node_status_capacity|kube_node_info|kube_pod_info|kube_deployment_spec_replicas|kube_deployment_status_replicas_available|kube_deployment_status_replicas_updated|kube_statefulset_status_replicas_ready|kube_statefulset_status_replicas|kube_statefulset_status_replicas_updated|kube_job_status_start_time|kube_job_status_active|kube_job_failed|kube_horizontalpodautoscaler_status_desired_replicas|kube_horizontalpodautoscaler_status_current_replicas|kube_horizontalpodautoscaler_spec_min_replicas|kube_horizontalpodautoscaler_spec_max_replicas|kubernetes_build_info|kube_node_status_condition|kube_node_spec_taint|kube_pod_container_info|kube_.*_labels|kube_.*_annotations|kube_service_info|kube_pod_container_status_running|kube_pod_container_status_waiting|kube_pod_container_status_terminated|kube_pod_container_state_started|kube_pod_created|kube_pod_start_time|kube_pod_init_container_info|kube_pod_init_container_status_terminated|kube_pod_init_container_status_terminated_reason|kube_pod_init_container_status_ready|kube_pod_init_container_resource_limits|kube_pod_init_container_status_running|kube_pod_init_container_status_waiting|kube_pod_init_container_status_restarts_total" @nodeexporterRegex_minimal_mac = 
"node_filesystem_readonly|node_memory_MemTotal_bytes|node_cpu_seconds_total|node_memory_MemAvailable_bytes|node_memory_Buffers_bytes|node_memory_Cached_bytes|node_memory_MemFree_bytes|node_memory_Slab_bytes|node_filesystem_avail_bytes|node_filesystem_size_bytes|node_time_seconds|node_exporter_build_info|node_load1|node_vmstat_pgmajfault|node_network_receive_bytes_total|node_network_transmit_bytes_total|node_network_receive_drop_total|node_network_transmit_drop_total|node_disk_io_time_seconds_total|node_disk_io_time_weighted_seconds_total|node_load5|node_load15|node_disk_read_bytes_total|node_disk_written_bytes_total|node_uname_info|kubernetes_build_info|node_boot_time_seconds" @kappiebasicRegex_minimal_mac = "kappie.*" +@networkobservabilityRetinaRegex_minimal_mac = "networkobservability.*" +@networkobservabilityHubbleRegex_minimal_mac = "hubble.*" +@networkobservabilityCiliumRegex_minimal_mac = "cilium_drop.*|cilium_forward.*" @windowsexporterRegex_minimal_mac = "windows_system_system_up_time|windows_cpu_time_total|windows_memory_available_bytes|windows_os_visible_memory_bytes|windows_memory_cache_bytes|windows_memory_modified_page_list_bytes|windows_memory_standby_cache_core_bytes|windows_memory_standby_cache_normal_priority_bytes|windows_memory_standby_cache_reserve_bytes|windows_memory_swap_page_operations_total|windows_logical_disk_read_seconds_total|windows_logical_disk_write_seconds_total|windows_logical_disk_size_bytes|windows_logical_disk_free_bytes|windows_net_bytes_total|windows_net_packets_received_discarded_total|windows_net_packets_outbound_discarded_total|windows_container_available|windows_container_cpu_usage_seconds_total|windows_container_memory_usage_commit_bytes|windows_container_memory_usage_private_working_set_bytes|windows_container_network_receive_bytes_total|windows_container_network_transmit_bytes_total" @windowskubeproxyRegex_minimal_mac = 
"kubeproxy_sync_proxy_rules_duration_seconds|kubeproxy_sync_proxy_rules_duration_seconds_bucket|kubeproxy_sync_proxy_rules_duration_seconds_sum|kubeproxy_sync_proxy_rules_duration_seconds_count|rest_client_requests_total|rest_client_request_duration_seconds|rest_client_request_duration_seconds_bucket|rest_client_request_duration_seconds_sum|rest_client_request_duration_seconds_count|process_resident_memory_bytes|process_cpu_seconds_total|go_goroutines" 
@@ -191,6 +200,50 @@ def populateSettingValuesFromConfigMap(parsedConfig) ConfigParseErrorLogger.logError(LOGGING_PREFIX, "kappiebasicRegex either not specified or not of type string") end + networkobservabilityRetinaRegex = parsedConfig[:networkobservabilityRetina] + if !networkobservabilityRetinaRegex.nil? && networkobservabilityRetinaRegex.kind_of?(String) + if !networkobservabilityRetinaRegex.empty? + if isValidRegex(networkobservabilityRetinaRegex) == true + @networkobservabilityRetinaRegex = networkobservabilityRetinaRegex + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap metrics keep list regex for networkobservabilityRetina") + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "Invalid keep list regex for networkobservabilityRetina") + end + end + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "networkobservabilityRetinaRegex either not specified or not of type string") + end + + networkobservabilityHubbleRegex = parsedConfig[:networkobservabilityHubble] + if !networkobservabilityHubbleRegex.nil? && networkobservabilityHubbleRegex.kind_of?(String) + if !networkobservabilityHubbleRegex.empty? + if isValidRegex(networkobservabilityHubbleRegex) == true + @networkobservabilityHubbleRegex = networkobservabilityHubbleRegex + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap metrics keep list regex for networkobservabilityHubble") + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "Invalid keep list regex for networkobservabilityHubble") + end + end + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "networkobservabilityHubbleRegex either not specified or not of type string") + end + + networkobservabilityCiliumRegex = parsedConfig[:networkobservabilityCilium] + if !networkobservabilityCiliumRegex.nil? && networkobservabilityCiliumRegex.kind_of?(String) + if !networkobservabilityCiliumRegex.empty? 
+ if isValidRegex(networkobservabilityCiliumRegex) == true + @networkobservabilityCiliumRegex = networkobservabilityCiliumRegex + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap metrics keep list regex for networkobservabilityCilium") + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "Invalid keep list regex for networkobservabilityCilium") + end + end + else + ConfigParseErrorLogger.logError(LOGGING_PREFIX, "networkobservabilityCiliumRegex either not specified or not of type string") + end + + + windowsexporterRegex = parsedConfig[:windowsexporter] if !windowsexporterRegex.nil? && windowsexporterRegex.kind_of?(String) if !windowsexporterRegex.empty? @@ -264,6 +317,9 @@ def populateRegexValuesWithMinimalIngestionProfile @kubestateRegex = @kubestateRegex + "|" + @kubestateRegex_minimal_mac @nodeexporterRegex = @nodeexporterRegex + "|" + @nodeexporterRegex_minimal_mac @kappiebasicRegex = @kappiebasicRegex + "|" + @kappiebasicRegex_minimal_mac + @networkobservabilityRetinaRegex = @networkobservabilityRetinaRegex + "|" + @networkobservabilityRetinaRegex_minimal_mac + @networkobservabilityHubbleRegex = @networkobservabilityHubbleRegex + "|" + @networkobservabilityHubbleRegex_minimal_mac + @networkobservabilityCiliumRegex = @networkobservabilityCiliumRegex + "|" + @networkobservabilityCiliumRegex_minimal_mac @windowsexporterRegex = @windowsexporterRegex + "|" + @windowsexporterRegex_minimal_mac @windowskubeproxyRegex = @windowskubeproxyRegex + "|" + @windowskubeproxyRegex_minimal_mac else 
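Review bot: Each of the three new blocks reports `"... either not specified or not of type string"` through `logError` when the key is simply absent, so a config map that does not mention the new targets produces three error lines on every parse and a real type error is indistinguishable from the default case. I would stay silent on nil and log an error only for a non-String value, naming the config key rather than the local variable, as sketched below for Retina. `isValidRegex` is defined outside the hunk; if it compiles the pattern with Ruby's engine, a pattern it accepts could still be rejected by the RE2 syntax Prometheus uses, which is worth confirming. `populateSettingValuesFromConfigMap` starts and ends outside the hunk.

```ruby
networkobservabilityRetinaRegex = parsedConfig[:networkobservabilityRetina]
if networkobservabilityRetinaRegex.nil?
  # key absent: keep the default keep list, nothing to report
elsif !networkobservabilityRetinaRegex.kind_of?(String)
  ConfigParseErrorLogger.logError(LOGGING_PREFIX, "networkobservabilityRetina keep list regex is not of type string")
elsif !networkobservabilityRetinaRegex.empty?
  if isValidRegex(networkobservabilityRetinaRegex) == true
    # … unchanged: assign @networkobservabilityRetinaRegex and log …
  else
    # … unchanged: log invalid keep list regex …
  end
end
# … same shape for networkobservabilityHubble and networkobservabilityCilium …
```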
@@ -276,6 +332,9 @@ def populateRegexValuesWithMinimalIngestionProfile @kubestateRegex = @kubestateRegex + "|" + @kubestateRegex_minimal @nodeexporterRegex = @nodeexporterRegex + "|" + @nodeexporterRegex_minimal @kappiebasicRegex = @kappiebasicRegex + "|" + @kappiebasicRegex_minimal + @networkobservabilityRetinaRegex = @networkobservabilityRetinaRegex + "|" + @networkobservabilityRetinaRegex_minimal + @networkobservabilityHubbleRegex = @networkobservabilityHubbleRegex + "|" + @networkobservabilityHubbleRegex_minimal + @networkobservabilityCiliumRegex = @networkobservabilityCiliumRegex + "|" + @networkobservabilityCiliumRegex_minimal @windowsexporterRegex = @windowsexporterRegex + "|" + @windowsexporterRegex_minimal @windowskubeproxyRegex = @windowskubeproxyRegex + "|" + @windowskubeproxyRegex_minimal end @@ -318,6 +377,9 @@ def populateRegexValuesWithMinimalIngestionProfile regexHash["WINDOWSKUBEPROXY_METRICS_KEEP_LIST_REGEX"] = @windowskubeproxyRegex regexHash["POD_ANNOTATION_METRICS_KEEP_LIST_REGEX"] = @podannotationRegex regexHash["KAPPIEBASIC_METRICS_KEEP_LIST_REGEX"] = @kappiebasicRegex +regexHash["NETWORKOBSERVABILITYRETINA_METRICS_KEEP_LIST_REGEX"] = @networkobservabilityRetinaRegex +regexHash["NETWORKOBSERVABILITYHUBBLE_METRICS_KEEP_LIST_REGEX"] = @networkobservabilityHubbleRegex +regexHash["NETWORKOBSERVABILITYCILIUM_METRICS_KEEP_LIST_REGEX"] = @networkobservabilityCiliumRegex if !file.nil? # Close file after writing regex keep list hash diff --git a/otelcollector/configmapparser/tomlparser-scrape-interval.rb b/otelcollector/configmapparser/tomlparser-scrape-interval.rb index 8362ac232..d7cbbce3d 100644 --- a/otelcollector/configmapparser/tomlparser-scrape-interval.rb +++ b/otelcollector/configmapparser/tomlparser-scrape-interval.rb 
@@ -27,6 +27,9 @@ @prometheusCollectorHealthInterval = "30s" @podannotationScrapeInterval = "30s" @kappiebasicScrapeInterval = "30s" +@networkobservabilityRetinaScrapeInterval = "30s" +@networkobservabilityHubbleScrapeInterval = "30s" +@networkobservabilityCiliumScrapeInterval = "30s" # Use parser to parse the configmap toml file to a ruby structure def parseConfigMap 
@@ -208,6 +211,54 @@ def populateSettingValuesFromConfigMap(parsedConfig) ConfigParseErrorLogger.log(LOGGING_PREFIX, "kappiebasicScrapeInterval override not specified in configmap") end + networkobservabilityRetinaScrapeInterval = parsedConfig[:networkobservabilityRetina] + if !networkobservabilityRetinaScrapeInterval.nil? + matched = MATCHER.match(networkobservabilityRetinaScrapeInterval) + if !matched + # set default scrape interval to 30s if its not in the proper format + networkobservabilityRetinaScrapeInterval = "30s" + @networkobservabilityRetinaScrapeInterval = networkobservabilityRetinaScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Incorrect regex pattern for duration, set default scrape interval to 30s for networkobservabilityRetina") + else + @networkobservabilityRetinaScrapeInterval = networkobservabilityRetinaScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap scrape settings for networkobservabilityRetinaScrapeInterval") + end + else + ConfigParseErrorLogger.log(LOGGING_PREFIX, "networkobservabilityRetinaScrapeInterval override not specified in configmap") + end + + networkobservabilityHubbleScrapeInterval = parsedConfig[:networkobservabilityHubble] + if !networkobservabilityHubbleScrapeInterval.nil? 
+ matched = MATCHER.match(networkobservabilityHubbleScrapeInterval) + if !matched + # set default scrape interval to 30s if its not in the proper format + networkobservabilityHubbleScrapeInterval = "30s" + @networkobservabilityHubbleScrapeInterval = networkobservabilityHubbleScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Incorrect regex pattern for duration, set default scrape interval to 30s for networkobservabilityRetina") + else + @networkobservabilityHubbleScrapeInterval = networkobservabilityHubbleScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap scrape settings for networkobservabilityHubbleScrapeInterval") + end + else + ConfigParseErrorLogger.log(LOGGING_PREFIX, "networkobservabilityHubbleScrapeInterval override not specified in configmap") + end + + networkobservabilityCiliumScrapeInterval = parsedConfig[:networkobservabilityCilium] + if !networkobservabilityCiliumScrapeInterval.nil? + matched = MATCHER.match(networkobservabilityCiliumScrapeInterval) + if !matched + # set default scrape interval to 30s if its not in the proper format + networkobservabilityCiliumScrapeInterval = "30s" + @networkobservabilityCiliumScrapeInterval = networkobservabilityCiliumScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Incorrect regex pattern for duration, set default scrape interval to 30s for networkobservabilityCilium") + else + @networkobservabilityCiliumScrapeInterval = networkobservabilityCiliumScrapeInterval + ConfigParseErrorLogger.log(LOGGING_PREFIX, "Using configmap scrape settings for networkobservabilityCiliumScrapeInterval") + end + else + ConfigParseErrorLogger.log(LOGGING_PREFIX, "networkobservabilityCiliumScrapeInterval override not specified in configmap") + end + prometheusCollectorHealthInterval = parsedConfig[:prometheuscollectorhealth] if !prometheusCollectorHealthInterval.nil? matched = MATCHER.match(prometheusCollectorHealthInterval) 
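Review bot: The Hubble branch logs the wrong target when the interval fails the format check: its fallback message ends in `for networkobservabilityRetina`, so an operator reading the log would look at the wrong setting. It should read `"Incorrect regex pattern for duration, set default scrape interval to 30s for networkobservabilityHubble"`. Separately, all three new branches pass the configmap value straight to `MATCHER.match` without the `kind_of?(String)` guard that the keep-list parser applies. A non-string TOML value (an unquoted number, for example) would presumably raise instead of falling back to 30s, unless a rescue outside this hunk covers it. populateSettingValuesFromConfigMap starts and ends outside the hunk.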
@@ -270,6 +321,10 @@ def populateSettingValuesFromConfigMap(parsedConfig) intervalHash["PROMETHEUS_COLLECTOR_HEALTH_SCRAPE_INTERVAL"] = @prometheusCollectorHealthInterval intervalHash["POD_ANNOTATION_SCRAPE_INTERVAL"] = @podannotationScrapeInterval intervalHash["KAPPIEBASIC_SCRAPE_INTERVAL"] = @kappiebasicScrapeInterval +intervalHash["NETWORKOBSERVABILITYRETINA_SCRAPE_INTERVAL"] = @networkobservabilityRetinaScrapeInterval +intervalHash["NETWORKOBSERVABILITYHUBBLE_SCRAPE_INTERVAL"] = @networkobservabilityHubbleScrapeInterval +intervalHash["NETWORKOBSERVABILITYCILIUM_SCRAPE_INTERVAL"] = @networkobservabilityCiliumScrapeInterval + if !file.nil? # Close file after writing scrape interval list hash diff --git a/otelcollector/configmaps/ama-metrics-settings-configmap.yaml b/otelcollector/configmaps/ama-metrics-settings-configmap.yaml index 55c1e81fe..79e1da1cb 100644 --- a/otelcollector/configmaps/ama-metrics-settings-configmap.yaml +++ b/otelcollector/configmaps/ama-metrics-settings-configmap.yaml @@ -20,6 +20,9 @@ data: windowsexporter = false windowskubeproxy = false kappiebasic = true + networkobservabilityRetina = true + networkobservabilityHubble = true + networkobservabilityCilium = true prometheuscollectorhealth = false # Regex for which namespaces to scrape through pod annotation based scraping. # This is none by default. Use '.*' to scrape all namespaces of annotated pods. @@ -37,6 +40,9 @@ data: windowskubeproxy = "" podannotations = "" kappiebasic = "" + networkobservabilityRetina = "" + networkobservabilityHubble = "" + networkobservabilityCilium = "" minimalingestionprofile = true default-targets-scrape-interval-settings: |- kubelet = "30s" @@ -49,6 +55,9 @@ data: windowsexporter = "30s" windowskubeproxy = "30s" kappiebasic = "30s" + networkobservabilityRetina = "30s" + networkobservabilityHubble = "30s" + networkobservabilityCilium = "30s" prometheuscollectorhealth = "30s" podannotations = "30s" debug-mode: |- 
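Review bot: The three keys added in the `@@ -20,6 +20,9 @@` hunk and the two hunks after it are camel-cased (`networkobservabilityRetina`), while every sibling key shown is all lowercase (`windowskubeproxy`, `kappiebasic`). The parsers look them up by the exact symbol, `parsedConfig[:networkobservabilityRetina]`. TOML keys are case-sensitive, so a customer who follows the existing lowercase convention would have the override ignored, with only an "override not specified" log line to show for it in the interval parser. Either lowercase the keys to match their siblings or add a comment in the configmap such as `# key names are case-sensitive: use networkobservabilityRetina exactly as written`.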
diff --git a/otelcollector/telegraf/telegraf-prometheus-collector.conf b/otelcollector/telegraf/telegraf-prometheus-collector.conf index 49f4ffd1e..bb1259f54 100644 --- a/otelcollector/telegraf/telegraf-prometheus-collector.conf +++ b/otelcollector/telegraf/telegraf-prometheus-collector.conf @@ -175,6 +175,9 @@ defaultscrapepodannotations = "$AZMON_PROMETHEUS_POD_ANNOTATION_SCRAPING_ENABLED" podannotationns = "$AZMON_PROMETHEUS_POD_ANNOTATION_NAMESPACES_REGEX" defaultscrapekappiebasic = "$AZMON_PROMETHEUS_KAPPIEBASIC_SCRAPING_ENABLED" + defaultscrapenetworkobservabilityRetina = "$AZMON_PROMETHEUS_NETWORKOBSERVABILITYRETINA_SCRAPING_ENABLED" + defaultscrapenetworkobservabilityHubble = "$AZMON_PROMETHEUS_NETWORKOBSERVABILITYHUBBLE_SCRAPING_ENABLED" + defaultscrapenetworkobservabilityCilium = "$AZMON_PROMETHEUS_NETWORKOBSERVABILITYCILIUM_SCRAPING_ENABLED" nodeexportertargetport= "$NODE_EXPORTER_TARGETPORT" nodeexportername = "$NODE_EXPORTER_NAME" kubestatename = "$KUBE_STATE_NAME"