Skip to content

Commit

Permalink
Release 1.2.0 for joylive-injector
Browse files Browse the repository at this point in the history
  • Loading branch information
@chenzhiguo
chenzhiguo committed Oct 10, 2024
1 parent 75da0c1 commit 861330e
Show file tree
Hide file tree
Showing 6 changed files with 366 additions and 3 deletions.
4 changes: 2 additions & 2 deletions charts/joylive-injector/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.1.0
version: 1.2.0

keywords:
- joylive
Expand All @@ -26,4 +26,4 @@ home: https://github.com/jd-opensource/joylive-injector
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.1.0"
appVersion: "1.2.0"
25 changes: 25 additions & 0 deletions charts/joylive-injector/README-zh.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# joylive-injector

[![GitHub repo](https://img.shields.io/badge/GitHub-repo-blue)](https://github.com/jd-opensource/joylive-injector)
[![GitHub release](https://img.shields.io/github/release/jd-opensource/joylive-injector.svg)](https://github.com/jd-opensource/joylive-injector/releases)
[![Slack Status](https://img.shields.io/badge/slack-join_chat-white.svg?logo=slack&style=social)](https://joylivehq.slack.com)

[English](./README.md) | 简体中文

## 介绍
这是一个针对kubernetes的动态准入控制webhook,它可以用于修改`kubernete`资源。
此程序监视`deployments`的CREATE、UPDATE、DELETE事件和`pods`的CREATE事件,并为`POD`添加initContainer、默认增加环境变量`JAVA_TOOL_OPTIONS`、挂载configmap、修改主容器的卷装载等操作。

## 特性
- 支持自动将`joylive-agent`注入Java应用的Pod。
- 支持多版本`joylive-agent`与对应配置管理。
- 支持注入指定版本`joylive-agent`及对应配置。

## 使用方式

因证书签名已按照命名空间为`joylive`预生成,所以须指定安装到对应命名空间。 执行命令:
```bash
helm repo add joylive https://jd-opensource.github.io/joylive-helm-charts
kubectl create namespace joylive
helm install joylive-injector joylive/joylive-injector -n joylive
```
24 changes: 24 additions & 0 deletions charts/joylive-injector/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# joylive-injector

[![GitHub repo](https://img.shields.io/badge/GitHub-repo-blue)](https://github.com/jd-opensource/joylive-injector)
[![GitHub release](https://img.shields.io/github/release/jd-opensource/joylive-injector.svg)](https://github.com/jd-opensource/joylive-injector/releases)
[![Slack Status](https://img.shields.io/badge/slack-join_chat-white.svg?logo=slack&style=social)](https://joylivehq.slack.com)

English | [简体中文](./README-zh.md)

## Description
This is a dynamic admission control webhook for kubernetes, it can be used to mutate kubernetes resources.
This program monitors the `CREATE`, `UPDATE`, `DELETE` events for `deployments` and the `CREATE` events for `pods` and adds the initContainer for `Pod` , adds the environment variable `JAVA_TOOL_OPTIONS` by default, mounts the configmap, modifies the volume load for the main container, and so on.

## Features
- Supports automatically injecting `joylive-agent` into Pods of Java applications.
- Supports multi-version `joylive-agent` and corresponding configuration management.
- Support injection of specified version `joylive-agent` and corresponding configuration.

## Used
Since the certificate signature has been pre-generated according to the namespace `joylive`, it is necessary to specify installation to the corresponding namespace. Execute the command:
```bash
helm repo add joylive https://jd-opensource.github.io/joylive-helm-charts
kubectl create namespace joylive
helm install joylive-injector joylive/joylive-injector -n joylive
```
2 changes: 1 addition & 1 deletion charts/joylive-injector/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ image:
repository: ghcr.m.daocloud.io/jd-opensource/joylive-injector
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
tag: latest
tag: v1.2.0

configMapName: joylive-injector-config

Expand Down
12 changes: 12 additions & 0 deletions examples/joylive-injector/injector_v1_agentversion.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: injector.joylive.io/v1
kind: AgentVersion
metadata:
labels:
app.kubernetes.io/name: joylive-injector
app.kubernetes.io/managed-by: joylive-injector
name: agentversion-1.0.0-e979a2d-amd64
namespace: joylive
spec:
version: 1.0.0-e979a2d-AMD64
configMapName: joylive-agent-config-1.0.0-e979a2d-amd64
enable: true
302 changes: 302 additions & 0 deletions examples/joylive-injector/injector_v1_agentversion_configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,302 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: joylive-agent-config-1.0.0-e979a2d-amd64
namespace: joylive
labels:
app.kubernetes.io/name: joylive-injector
app.kubernetes.io/instance: joylive-injector
app: joylive-injector
data:
bootstrap.properties: |
app.name=${APPLICATION_NAME}
app.service.name=${APPLICATION_SERVICE_NAME:${APPLICATION_NAME}}
app.service.namespace=${APPLICATION_SERVICE_NAMESPACE:default}
app.service.group=${APPLICATION_SERVICE_GROUP:default}
app.service.gateway=${APPLICATION_SERVICE_GATEWAY:NONE}
app.location.region=${APPLICATION_LOCATION_REGION}
app.location.zone=${APPLICATION_LOCATION_ZONE}
app.location.liveSpaceId=${APPLICATION_LOCATION_LIVESPACE_ID:${CONFIG_LIVESPACE_ID}}
app.location.unitRuleId=${APPLICATION_LOCATION_UNIT_RULE_ID}
app.location.unit=${APPLICATION_LOCATION_UNIT}
app.location.cell=${APPLICATION_LOCATION_CELL}
app.location.laneSpaceId=${APPLICATION_LOCATION_LANESPACE_ID}
app.location.lane=${APPLICATION_LOCATION_LANE}
agent.enhance.shutdownOnError=${CONFIG_ENHANCE_SHUTDOWN_ON_ERROR:true}
classloader.contextLoaderEnabled=${CLASSLOADER_CONTEXT_LOADER_ENABLED:true}
classloader.core.configExtensions=yaml,yml,xml,json,properties
#classloader.core.parentResources=
classloader.core.parentPrefixes=com.jd.live.agent.bootstrap,java.,javax.,sun.
#classloader.core.isolationResources=
classloader.core.isolationPrefixes=META-INF/services/com.jd.live.agent
#classloader.coreImpl.parentResources=
classloader.coreImpl.parentPrefixes=com.jd.live.agent.bootstrap.,com.jd.live.agent.core.,com.jd.live.agent.governance.,java.,javax.,sun.
classloader.coreImpl.isolationResources=
classloader.coreImpl.isolationPrefixes=
#classloader.plugin.parentResources=
classloader.plugin.parentPrefixes=com.jd.live.agent.bootstrap.,com.jd.live.agent.core.,com.jd.live.agent.governance.,java.,javax.,sun.
#classloader.plugin.isolationResources=
#classloader.plugin.isolationPrefixes=
config.yaml: |
agent:
enhance:
javaVersion: '[,1.8);[1.8.0_60,]'
retransformEnabled: true
loggerEnabled: true
exporterEnabled: false
excludePrefixes: null
excludeTypes: null
excludeInterfaces: null
excludeClassLoaders:
- com.jd.jr.sgm.agent.loader.ClientLibClassLoader
- com.jd.pfinder.profiler.load.InterceptorClassLoader
- com.jd.pfinder.profiler.utils.ModuleClassLoader
- com.jd.pfinder.profiler.load.ModuleInterceptorClassLoader
- io.opentelemetry.javaagent.bootstrap.AgentClassLoader
- org.apache.skywalking.apm.agent.core.plugin.loader.AgentClassLoader
- org.apache.skywalking.apm.agent.core.plugin.loader.PluginClassLoader
- com.navercorp.pinpoint.bootstrap.classloader.AgentClassLoader
- com.navercorp.pinpoint.bootstrap.classloader.PluginClassLoader
- com.huaweicloud.sermant.core.classloader.FrameworkClassLoader
- com.huaweicloud.sermant.core.plugin.classloader.PluginClassLoader
- com.huaweicloud.sermant.core.plugin.classloader.ServiceClassLoader
- com.alipay.sofa.ark.container.service.classloader.PluginClassLoader
publisher:
configs:
traffic:
capacity: 20000
plugin:
systems:
- system
statics:
- dubbo
- grpc
- httpclient
- jdk
- jmq
- jsf
- kafka
- okhttp
- netty
- phevos
- rocketmq
- shenyu
- sofarpc
- spring
- mariadb
- mongodb
- opengauss
- postgresql
- redis
disables: null
dynamics: null
passives: null
profiles:
test: null
production: null
profile: null
sync:
liveSpace:
type: multilive # [file,multilive]
url: ${CONFIG_LIVE_SPACE_API_URL:http://11.159.56.136:30305/v1}
#spacesUrl: ${CONFIG_LIVE_SPACE_API_URL}/workspaces
#spaceUrl: ${CONFIG_LIVE_SPACE_API_URL}/workspaces/${space_id}/version/${space_version}
#serviceUrl: ${CONFIG_LIVE_SPACE_API_URL}/services/${service_name}/version/${service_version}
service: true
interval: 5000
timeout: 3000
initialTimeout: 20000
delay: 0
fault: 5000
headers: ${CONFIG_LIVE_SPACE_API_HEADERS}
laneSpace:
type: file
microservice:
enabled: true
type: file
url: ${CONFIG_SERVICE_API_URL:http://api.jmsf.local:8080/v1}
headers: ${CONFIG_SERVICE_API_HEADERS}
watchdog:
enabled: true
delay: 5000
interval: 100
timeout: 5000
switch:
live:
enabled: ${CONFIG_LIVE_ENABLED:true}
dubbo: true
sofarpc: true
jsf: true
spring: true
phevos: true
lane:
enabled: ${CONFIG_LANE_ENABLED:true}
transmission:
enabled: ${CONFIG_TRANSMISSION_ENABLED:true}
threadpool: ${CONFIG_TRANSMISSION_THREADPOOL_ENABLED:true}
registry:
enabled: ${CONFIG_REGISTRY_ENABLED:true}
flowcontrol:
enabled: ${CONFIG_FLOW_CONTROL_ENABLED:true}
loadbalance: ${CONFIG_LOADBALANCE_ENABLED:true}
sticky: ${CONFIG_STICKY_ENABLED:false}
limit: ${CONFIG_LIMIT_ENABLED:true}
localhost: ${CONFIG_LOCALHOST_ENABLED:false}
virtual: ${CONFIG_VIRTUAL_ENABLED:false}
protect:
enabled: ${CONFIG_PROTECT_ENABLED:false}
mariadb: true
postgresql: true
opengauss: true
mongodb: true
redis: false
classloader:
enabled: ${CONFIG_CLASSLOADER_ENABLED:true}
springboot: true
counter:
enabled: true
governance:
service:
warmups: ${CONFIG_WARMUP_SERVICES:}
excludes:
- org.apache.dubbo.metadata.MetadataService
initializeTimeout: ${CONFIG_POLICY_INITIALIZE_TIMEOUT:10000}
router:
virtual: ${CONFIG_VIRTUAL_SIZE:500}
phevos:
groupExpression: ${unit}-${cell}-${group}
transmission:
thread:
excludeExecutors:
- org.apache.dubbo.common.threadpool.ThreadlessExecutor
- org.apache.tomcat.util.threads.ThreadPoolExecutor
- org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor
- org.apache.tomcat.util.threads.InlineExecutorService
- javax.management.NotificationBroadcasterSupport$1
- io.grpc.stub.ClientCalls.ThreadlessExecutor
- io.grpc.SynchronizationContext
- io.netty.channel.MultithreadEventLoopGroup
- io.netty.channel.nio.NioEventLoop
- io.netty.channel.SingleThreadEventLoop
- io.netty.channel.kqueue.KQueueEventLoopGroup
- io.netty.channel.kqueue.KQueueEventLoop
- io.netty.util.concurrent.MultithreadEventExecutorGroup
- io.netty.util.concurrent.AbstractEventExecutorGroup
- io.netty.util.concurrent.ThreadPerTaskExecutor
- io.netty.util.concurrent.GlobalEventExecutor
- io.netty.util.concurrent.AbstractScheduledEventExecutor
- io.netty.util.concurrent.AbstractEventExecutor
- io.netty.util.concurrent.DefaultEventExecutor
- io.netty.util.concurrent.SingleThreadEventExecutor
- io.netty.util.internal.ThreadExecutorMap$1
- reactor.core.scheduler.BoundedElasticScheduler$BoundedScheduledExecutorService
- reactor.netty.resources.ColocatedEventLoopGroup
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoopGroup
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.MultithreadEventLoopGroup
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.MultithreadEventExecutorGroup
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.AbstractEventExecutorGroup
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.ThreadPerTaskExecutor
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.GlobalEventExecutor
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.AbstractScheduledEventExecutor
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.AbstractEventExecutor
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoop
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.SingleThreadEventLoop
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.SingleThreadEventExecutor
- com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.internal.ThreadExecutorMap$1
- com.alibaba.nacos.shaded.io.grpc.internal.ManagedChannelImpl$ExecutorHolder
- com.alibaba.nacos.shaded.io.grpc.internal.ManagedChannelImpl$RestrictedScheduledExecutor
- com.alibaba.nacos.shaded.io.grpc.internal.ManagedChannelImpl$2
- com.alibaba.nacos.shaded.io.grpc.internal.SerializingExecutor
- com.alibaba.nacos.shaded.io.grpc.stub.ClientCalls.ThreadlessExecutor
- com.alibaba.nacos.shaded.io.grpc.SynchronizationContext
- com.alibaba.nacos.shaded.com.google.common.util.concurrent.DirectExecutor
excludeTasks:
- com.alibaba.nacos.shaded.io.grpc.internal.DnsNameResolver.Resolve
- com.alibaba.nacos.client.naming.backups.FailoverReactor$DiskFileWriter
- com.alibaba.nacos.client.naming.backups.FailoverReactor.SwitchRefresher
- com.alibaba.nacos.client.naming.remote.gprc.redo.RedoScheduledTask
- com.alibaba.nacos.shaded.io.grpc.internal.DnsNameResolver$Resolve
- com.alibaba.nacos.shaded.io.grpc.internal.DelayedClientTransport$5
- com.alibaba.nacos.shaded.io.grpc.internal.SerializingExecutor
- com.alibaba.nacos.shaded.io.grpc.internal.LogExceptionRunnable
- com.jd.live.agent.core.thread.NamedThreadFactory
excludeTaskPrefixes:
- reactor.core.scheduler.BoundedElasticScheduler$$Lambda
- org.springframework.cloud.commons.util.InetUtils$$Lambda$
- com.alibaba.nacos.client.auth.ram.identify.CredentialWatcher$
- com.alibaba.nacos.client.naming.backups.FailoverReactor$$Lambda$
- com.alibaba.nacos.client.naming.remote.NamingClientProxyDelegate$$Lambda$
- com.alibaba.nacos.common.remote.client.RpcClient$$Lambda$
- com.alibaba.nacos.common.utils.ThreadFactoryBuilder$$Lambda$
- sun.rmi.transport.tcp.TCPTransport$
- sun.rmi.transport.DGCImpl$
- sun.rmi.transport.DGCAckHandler$
counter:
gateway: true
service: true
readerInterval: 1000
exporter:
type: ${CONFIG_COUNTER_EXPORTER_TYPE:logging}
endpoint: ${CONFIG_COUNTER_EXPORTER_ENDPOINT:}
timeout: 5000
logback.xml: |
<?xml version="1.0" encoding="UTF-8"?>
<configuration scan="true" debug="false">
<statusListener class="com.jd.live.agent.shaded.ch.qos.logback.core.status.NopStatusListener"/>
<conversionRule conversionWord="clr"
converterClass="com.jd.live.agent.implement.logger.slf4j.logback.ColorConverter"/>
<conversionRule conversionWord="wex"
converterClass="com.jd.live.agent.implement.logger.slf4j.logback.WhitespaceThrowableProxyConverter"/>
<conversionRule conversionWord="wEx"
converterClass="com.jd.live.agent.implement.logger.slf4j.logback.ExtendedWhitespaceThrowableProxyConverter"/>
<property name="LIVE_LOG_CONSOLE_PATTERN"
value="${LIVE_LOG_CONSOLE_PATTERN:-%clr(%d{${LIVE_LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}}){faint} %clr(${LIVE_LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){red} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LIVE_LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>
<property name="LIVE_LOG_CONSOLE_CHARSET" value="${LIVE_LOG_CONSOLE_CHARSET:-${file.encoding:-UTF-8}}"/>
<property name="LIVE_LOG_FILE_PATTERN"
value="${LIVE_LOG_FILE_PATTERN:-%d{${LIVE_LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}} ${LIVE_LOG_LEVEL_PATTERN:-%5p} ${PID:- } --- [%t] %-40.40logger{39} : %m%n${LIVE_LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>
<property name="LIVE_LOG_FILE_CHARSET" value="${LIVE_LOG_FILE_CHARSET:-${file.encoding:-UTF-8}}"/>
<property scope="context" name="logger.dir" value="${LIVE_LOG_DIR:-./logs/live-agent/}"/>
<property scope="context" name="logger.application" value="${LIVE_APP_NAME:-live-agent}"/>
<property scope="context" name="logger.level" value="${LIVE_LOG_LEVEL:-info}"/>
<property scope="context" name="logger.totalSize" value="${LIVE_LOG_TOTAL_SIZE:-20GB}"/>
<property scope="context" name="logger.maxHistory" value="${LIVE_LOG_MAX_HISTORY:-10}"/>
<property scope="context" name="logger.maxFileSize" value="${LIVE_LOG_MAX_SIZE:-10MB}"/>
<property scope="context" name="logger.cleanHistoryOnStart" value="${LIVE_LOG_CLEAN_HISTORY_ONSTART:-true}"/>
<appender name="CONSOLE_APPENDER" class="com.jd.live.agent.shaded.ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>
${LIVE_LOG_CONSOLE_PATTERN}
</pattern>
</encoder>
</appender>
<appender name="ROLLING_APPENDER" class="com.jd.live.agent.shaded.ch.qos.logback.core.rolling.RollingFileAppender">
<rollingPolicy class="com.jd.live.agent.shaded.ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern>${logger.dir}/%d{yyyy-MM-dd}/${logger.application}-%i.log</fileNamePattern>
<maxHistory>${logger.maxHistory}</maxHistory>
<maxFileSize>${logger.maxFileSize}</maxFileSize>
<totalSizeCap>${logger.totalSize}</totalSizeCap>
<cleanHistoryOnStart>${logger.cleanHistoryOnStart}</cleanHistoryOnStart>
</rollingPolicy>
<filter class="com.jd.live.agent.shaded.ch.qos.logback.classic.filter.ThresholdFilter">
<level>INFO</level>
</filter>
<encoder>
<pattern>
${LIVE_LOG_FILE_PATTERN}
</pattern>
</encoder>
</appender>
<root>
<level value="${logger.level}"/>
<appender-ref ref="CONSOLE_APPENDER"/>
<appender-ref ref="ROLLING_APPENDER"/>
</root>
</configuration>

0 comments on commit 861330e

Please sign in to comment.