From d2b53779ce91e5fbff2b5ea234c0b1d1a62fcd89 Mon Sep 17 00:00:00 2001 From: Matthias Theuermann Date: Fri, 12 Jan 2024 18:29:29 +0100 Subject: [PATCH] fix: seperated app, observability and otel in correct namespaces --- dapr-distributed-calendar/go/go_events.go | 1 - dapr-distributed-calendar/jaeger/ingress.yaml | 1 + .../jaeger/simplest.yaml | 3 +- .../kubernetes-deploy.sh | 12 +++-- .../kubernetes/appconfig.yaml | 4 +- .../kubernetes/go-events.yaml | 4 +- .../kubernetes/ingress.yaml | 2 +- .../kubernetes/node-controller.yaml | 4 +- .../kubernetes/python-messages.yaml | 5 +- .../kubernetes/redis.yaml | 4 +- .../kubernetes/resiliency.yaml | 2 +- .../kubernetes/secreats.yaml | 46 +++++++++---------- .../otel/otel-collector-values.yaml | 5 +- .../prometheus/ingress.yaml | 1 + .../kube-prometheus-stack-values.yaml | 2 +- 15 files changed, 50 insertions(+), 46 deletions(-) diff --git a/dapr-distributed-calendar/go/go_events.go b/dapr-distributed-calendar/go/go_events.go index 3675d63..29ae948 100644 --- a/dapr-distributed-calendar/go/go_events.go +++ b/dapr-distributed-calendar/go/go_events.go @@ -115,7 +115,6 @@ func deleteEvent(w http.ResponseWriter, r *http.Request) { } deleteURL := stateURL + "/" + eventID.ID - log.Printf("Delete URL: %s", deleteURL) req, err := http.NewRequest(http.MethodDelete, deleteURL, nil) if err != nil { diff --git a/dapr-distributed-calendar/jaeger/ingress.yaml b/dapr-distributed-calendar/jaeger/ingress.yaml index 56cc4bf..b181e1a 100644 --- a/dapr-distributed-calendar/jaeger/ingress.yaml +++ b/dapr-distributed-calendar/jaeger/ingress.yaml @@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: jaeger-ingress + namespace: observability spec: entryPoints: - web diff --git a/dapr-distributed-calendar/jaeger/simplest.yaml b/dapr-distributed-calendar/jaeger/simplest.yaml index 67b4272..8f1ca78 100644 --- a/dapr-distributed-calendar/jaeger/simplest.yaml +++ b/dapr-distributed-calendar/jaeger/simplest.yaml @@ -1,4 +1,5 @@ apiVersion: jaegertracing.io/v1 kind: Jaeger metadata: - name: simplest \ No newline at end of file + name: simplest + namespace: observability \ No newline at end of file diff --git a/dapr-distributed-calendar/kubernetes-deploy.sh b/dapr-distributed-calendar/kubernetes-deploy.sh index 60d1cc8..a46b666 100755 --- a/dapr-distributed-calendar/kubernetes-deploy.sh +++ b/dapr-distributed-calendar/kubernetes-deploy.sh @@ -1,15 +1,17 @@ #!/bin/sh -# create namespace -# kubectl create namespace 12-factor-app +# create 12-factor-app namespace +kubectl create namespace 12-factor-app # install OTel Operator +kubectl create namespace opentelemetry helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts helm repo update helm install my-opentelemetry-operator open-telemetry/opentelemetry-operator \ --set admissionWebhooks.certManager.enabled=false \ --set admissionWebhooks.certManager.autoGenerateCert.enabled=true \ --set manager.featureGates='operator.autoinstrumentation.go' \ + --namespace opentelemetry \ --wait # create OTel collector and instrumentation @@ -37,7 +39,7 @@ helm repo add prometheus-community https://prometheus-community.github.io/helm-c helm repo update helm install prometheus prometheus-community/kube-prometheus-stack \ --version 51.3.0 \ - --namespace default \ + --namespace observability \ --values prometheus/kube-prometheus-stack-values.yaml \ --wait kubectl apply -f ./prometheus/ingress.yaml @@ -67,10 +69,10 @@ helm install dapr-dashboard dapr/dapr-dashboard --namespace dapr-system --wait # install redis helm repo add bitnami https://charts.bitnami.com/bitnami helm repo update -helm install redis bitnami/redis --wait +helm install redis bitnami/redis --namespace 12-factor-app --wait # deploy the 12-factor-app kubectl apply -f kubernetes/. # get redis password (for manual interactions with the redis cli) OPTIONAL -kubectl get secret redis -o jsonpath='{.data.redis-password}' | base64 --decode \ No newline at end of file +kubectl get secret redis -n 12-factor-app -o jsonpath='{.data.redis-password}' | base64 --decode \ No newline at end of file diff --git a/dapr-distributed-calendar/kubernetes/appconfig.yaml b/dapr-distributed-calendar/kubernetes/appconfig.yaml index 836d727..fe6cfbc 100644 --- a/dapr-distributed-calendar/kubernetes/appconfig.yaml +++ b/dapr-distributed-calendar/kubernetes/appconfig.yaml @@ -2,12 +2,12 @@ apiVersion: dapr.io/v1alpha1 kind: Configuration metadata: name: appconfig - # namespace: 12-factor-app + namespace: 12-factor-app spec: tracing: samplingRate: "1" stdout: true otel: - endpointAddress: otel-dapr-collector:4317 + endpointAddress: otel-dapr-collector.opentelemetry:4317 isSecure: false protocol: grpc diff --git a/dapr-distributed-calendar/kubernetes/go-events.yaml b/dapr-distributed-calendar/kubernetes/go-events.yaml index e9efc41..9985dca 100644 --- a/dapr-distributed-calendar/kubernetes/go-events.yaml +++ b/dapr-distributed-calendar/kubernetes/go-events.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: go-events - # namespace: 12-factor-app + namespace: 12-factor-app labels: app: go-events spec: @@ -35,7 +35,7 @@ spec: - name: DAPR_HTTP_PORT value: "3500" - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: "http://otel-dapr-collector:4317" + value: "http://otel-dapr-collector.opentelemetry:4317" ports: - containerPort: 6000 imagePullPolicy: Always diff --git a/dapr-distributed-calendar/kubernetes/ingress.yaml b/dapr-distributed-calendar/kubernetes/ingress.yaml index 2415030..f3231ce 100644 --- a/dapr-distributed-calendar/kubernetes/ingress.yaml +++ b/dapr-distributed-calendar/kubernetes/ingress.yaml @@ -2,7 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: controller-ingress - # namespace: 12-factor-app + namespace: 12-factor-app spec: entryPoints: - web diff --git a/dapr-distributed-calendar/kubernetes/node-controller.yaml b/dapr-distributed-calendar/kubernetes/node-controller.yaml index 0c2d930..7ef7756 100644 --- a/dapr-distributed-calendar/kubernetes/node-controller.yaml +++ b/dapr-distributed-calendar/kubernetes/node-controller.yaml @@ -18,7 +18,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: controller - # namespace: 12-factor-app + namespace: 12-factor-app labels: app: controller spec: @@ -48,7 +48,7 @@ spec: - name: APP_PORT value: "3000" - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: "http://otel-dapr-collector:4317" + value: "http://otel-dapr-collector.opentelemetry:4317" ports: - containerPort: 3000 imagePullPolicy: Always diff --git a/dapr-distributed-calendar/kubernetes/python-messages.yaml b/dapr-distributed-calendar/kubernetes/python-messages.yaml index d7d8125..1fca0a3 100644 --- a/dapr-distributed-calendar/kubernetes/python-messages.yaml +++ b/dapr-distributed-calendar/kubernetes/python-messages.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: messages - # namespace: 12-factor-app + namespace: 12-factor-app labels: app: messages spec: @@ -28,14 +28,13 @@ spec: containers: - name: messages image: mati007thm/dapr-distributed-calendar_messages:manual - # image: mati007thm/dapr-distributed-calendar_messages:woOtel env: - name: "APP_PORT" value: "5000" - name: FLASK_RUN_PORT value: "5000" - name: OTEL_EXPORTER_OTLP_ENDPOINT - value: "http://otel-dapr-collector:4317" + value: "http://otel-dapr-collector.opentelemetry:4317" ports: - containerPort: 5000 imagePullPolicy: Always diff --git a/dapr-distributed-calendar/kubernetes/redis.yaml b/dapr-distributed-calendar/kubernetes/redis.yaml index 1f2e49c..0b98bf1 100644 --- a/dapr-distributed-calendar/kubernetes/redis.yaml +++ b/dapr-distributed-calendar/kubernetes/redis.yaml @@ -2,7 +2,7 @@ apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: events - # namespace: 12-factor-app + namespace: 12-factor-app spec: type: state.redis version: v1 @@ -21,7 +21,7 @@ apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: pubsub - # namespace: 12-factor-app + namespace: 12-factor-app spec: type: pubsub.redis version: v1 diff --git a/dapr-distributed-calendar/kubernetes/resiliency.yaml b/dapr-distributed-calendar/kubernetes/resiliency.yaml index 6fed3d6..940f411 100644 --- a/dapr-distributed-calendar/kubernetes/resiliency.yaml +++ b/dapr-distributed-calendar/kubernetes/resiliency.yaml @@ -2,7 +2,7 @@ apiVersion: dapr.io/v1alpha1 kind: Resiliency metadata: name: myresiliency - # namespace: 12-factor-app + namespace: 12-factor-app # similar to subscription and configuration specs, scopes lists the Dapr App IDs that this # resiliency spec can be used by. scopes: diff --git a/dapr-distributed-calendar/kubernetes/secreats.yaml b/dapr-distributed-calendar/kubernetes/secreats.yaml index 1d860b7..2b6a01c 100644 --- a/dapr-distributed-calendar/kubernetes/secreats.yaml +++ b/dapr-distributed-calendar/kubernetes/secreats.yaml @@ -1,23 +1,23 @@ -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader -# namespace: 12-factor-app -# rules: -# - apiGroups: [""] -# resources: ["secrets"] -# verbs: ["get", "list"] -# --- -# kind: RoleBinding -# apiVersion: rbac.authorization.k8s.io/v1 -# metadata: -# name: dapr-secret-reader -# namespace: 12-factor-app -# subjects: -# - kind: ServiceAccount -# name: default -# roleRef: -# kind: Role -# name: secret-reader -# apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: secret-reader + namespace: 12-factor-app +rules: +- apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: dapr-secret-reader + namespace: 12-factor-app +subjects: +- kind: ServiceAccount + name: default +roleRef: + kind: Role + name: secret-reader + apiGroup: rbac.authorization.k8s.io diff --git a/dapr-distributed-calendar/otel/otel-collector-values.yaml b/dapr-distributed-calendar/otel/otel-collector-values.yaml index 2e8fb9b..87d90e9 100644 --- a/dapr-distributed-calendar/otel/otel-collector-values.yaml +++ b/dapr-distributed-calendar/otel/otel-collector-values.yaml @@ -2,6 +2,7 @@ apiVersion: opentelemetry.io/v1alpha1 kind: OpenTelemetryCollector metadata: name: otel-dapr + namespace: opentelemetry annotations: dapr_collector_demo: "true" spec: @@ -17,7 +18,7 @@ spec: - job_name: otel-collector scrape_interval: 5s static_configs: - - targets: [controller-dapr:9090, messages-dapr:9090, go-events-dapr:9090] + - targets: [controller-dapr.12-factor-app:9090, messages-dapr.12-factor-app:9090, go-events-dapr.12-factor-app:9090] processors: memory_limiter: @@ -33,7 +34,7 @@ spec: debug: verbosity: detailed otlp/jaeger: - endpoint: simplest-collector:4317 + endpoint: simplest-collector.observability:4317 tls: insecure: true prometheus: diff --git a/dapr-distributed-calendar/prometheus/ingress.yaml b/dapr-distributed-calendar/prometheus/ingress.yaml index af56d23..2ed7e54 100644 --- a/dapr-distributed-calendar/prometheus/ingress.yaml +++ b/dapr-distributed-calendar/prometheus/ingress.yaml @@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: prometheus-ingress + namespace: observability spec: entryPoints: - web diff --git a/dapr-distributed-calendar/prometheus/kube-prometheus-stack-values.yaml b/dapr-distributed-calendar/prometheus/kube-prometheus-stack-values.yaml index 67e40bc..0608ccf 100644 --- a/dapr-distributed-calendar/prometheus/kube-prometheus-stack-values.yaml +++ b/dapr-distributed-calendar/prometheus/kube-prometheus-stack-values.yaml @@ -12,7 +12,7 @@ prometheus: - role: pod namespaces: own_namespace: true - # names: [12-factor-app] + names: [opentelemetry] relabel_configs: - source_labels: [__meta_kubernetes_pod_annotation_dapr_collector_demo] action: keep