Merge pull request #302 from jcountsNR/main

feat: Added newrelic into hybrid dir

eks-anywhere-hybrid/Addons/Partner/newrelic/external-secret.yaml

@@ -0,0 +1,22 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: newrelic-external-secret
+  namespace: newrelic
+spec:
+  refreshInterval: 1m
+  secretStoreRef:
+    name: eksa-secret-store #The secret store name we have just created.
+    kind: ClusterSecretStore
+  target:
+    name: newrelic-secret # Secret name in k8s
+  data:
+  - secretKey: newrelic-licensekey # which key it's going to be stored
+    remoteRef:
+      key: newrelic-licensekey # Our secret-name goes here
+  - secretKey: newrelic-account 
+    remoteRef:
+      key: newrelic-account 
+  - secretKey: newrelic-apikey # which key it's going to be stored
+    remoteRef:
+      key: newrelic-apikey

eks-anywhere-hybrid/Addons/Partner/newrelic/namespace.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: newrelic
+  labels:
+    aws.conformance.vendor: newrelic
+    aws.conformance.vendor-solution: nri-bundle
+    aws.conformance.vendor-solution-version: 5.0.95
+    scrape: "true"

eks-anywhere-hybrid/Addons/Partner/newrelic/newrelic-source.yaml

@@ -0,0 +1,10 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: newrelic-charts
+  namespace: flux-system
+spec:
+  interval: 30s
+  url: https://helm-charts.newrelic.com
+

eks-anywhere-hybrid/Addons/Partner/newrelic/newrelic.yaml

@@ -0,0 +1,48 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: newrelic
+  namespace: newrelic
+spec:
+  chart:
+    spec:
+      chart: nri-bundle
+      reconcileStrategy: ChartVersion
+      sourceRef:
+        kind: HelmRepository
+        name: newrelic-charts
+        namespace: flux-system
+      version: 5.0.95
+  interval: 1m0s
+  targetNamespace: newrelic
+  values:
+    global:
+      cluster: eks-conformance-testing
+      lowDataMode: false
+    newrelic-infrastructure:
+      controlPlane:
+        enabled: false
+      privileged: false
+      common:
+        config:
+          interval: 40s
+          namespaceSelector:
+            matchLabels:
+              scrape: "true"
+    kube-state-metrics:
+      image:
+        tag: v2.6.0
+      enabled: true
+    nri-metadata-injection:
+      enabled: false
+  valuesFrom:
+    - kind: Secret
+      name: newrelic-secret
+      valuesKey: newrelic-licensekey
+      targetPath: global.licenseKey
+      # - kind: ConfigMap
+      #   name: aws-env-metadata
+      #   namespace: kube-system
+      #   valuesKey: clusterName
+      #   targetPath: global.cluster

eks-anywhere-hybrid/Testers/newrelic/README.md

@@ -0,0 +1,47 @@
+## Development Setup for the TestJob
+
+* Set Environment variables, replacing NR license keys, API Keys and Account as appropriate
+
+``
+export newrelic_licensekey=YOUR_LICENSE_KEY
+export newrelic_account=YOUR_ACCOUNT
+export newrelic_apikey=YOUR_APIKEY
+
+``
+
+* Install NR K8 instrumentation 
+
+```
+function ver { printf "%03d%03d" $(echo "$1" | tr '.' ' '); } && \
+K8S_VERSION=$(kubectl version --short 2>&1 | grep 'Server Version' | awk -F' v' '{ print $2; }' | awk -F. '{ print $1"."$2; }') && \
+if [[ $(ver $K8S_VERSION) -lt $(ver "1.25") ]]; then KSM_IMAGE_VERSION="v2.6.0"; else KSM_IMAGE_VERSION="v2.7.0"; fi && \
+helm repo add newrelic https://helm-charts.newrelic.com && helm repo update && \
+kubectl create namespace newrelic ; helm upgrade --install newrelic-bundle newrelic/nri-bundle \
+ --set global.licenseKey=$newrelic_licensekey \
+ --set global.cluster=development \
+ --namespace=newrelic \
+ --set newrelic-infrastructure.privileged=false \
+ --set global.lowDataMode=true \
+ --set kube-state-metrics.image.tag=${KSM_IMAGE_VERSION} \
+ --set kube-state-metrics.enabled=true \
+ --set kubeEvents.enabled=true 
+```
+
+* Create Secret
+
+```
+kubectl create secret generic newrelic-secret -n newrelic \
+    --from-literal=newrelic-licensekey=$newrelic_licensekey \
+    --from-literal=newrelic-account=$newrelic_account \
+    --from-literal=newrelic-apikey=$newrelic_apikey
+```
+
+* Modify Cron job time
+
+Make changes in spec.schedule in eks-cloud/Testers/newrelic/test-job.yaml reflect the time when you want the cron job to run in your development environment
+
+* Install K8 manifest files
+
+```
+kubectl apply -f eks-cloud/Testers/newrelic/
+```

eks-anywhere-hybrid/Testers/newrelic/test-job-role.yaml

@@ -0,0 +1,31 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: newrelic-testjob-service-account
+  namespace: newrelic
+automountServiceAccountToken: true
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: newrelic-testjob-role
+  namespace: newrelic
+rules:
+- apiGroups: ["*"]
+  resources: ["pods","secret"]
+  verbs: ["get","list"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: newrelic-testjob-clusterrole-binding
+  namespace: newrelic
+subjects:
+- kind: ServiceAccount
+  name: newrelic-testjob-service-account
+  namespace: newrelic
+roleRef:
+  kind: ClusterRole
+  name: newrelic-testjob-role
+  apiGroup: rbac.authorization.k8s.io

eks-anywhere-hybrid/Testers/newrelic/test-job.yaml

@@ -0,0 +1,67 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: newrelic-testjob
+  namespace: newrelic
+spec:
+  schedule: "10 10 * * *"
+  # Running the cron at the 10 minute of 10th hour everyday
+  jobTemplate:
+    spec:
+      activeDeadlineSeconds: 900
+      # timeout after 15 minutes
+      template:
+        spec:
+          # serviceAccount: newrelic-testjob-service-account
+          # initContainers:
+          #   - name: kubectl
+          #     image: bitnami/kubectl
+          #     command: ['sh', '-c', "while [[$(kubectl get pods -l app.kubernetes.io/name=nri-metadata-injection -o 'jsonpath={..status.conditions[?(@.type==\"Running\")].status}') != \"True\" ]]; do echo \"waiting to init\"; sleep 10; done"]
+          containers:
+          - name: test-container
+            image: golang:latest
+            command: [ "bash", "-c", "--"]
+            args:
+            - >-
+              sleep 300;
+              export NR_LICENSE_KEY=$(cat /tmp/newrelic-licensekey/newrelic-licensekey);
+              export NR_ACCOUNT=$(cat /tmp/newrelic-account/newrelic-account);
+              export NR_API_KEY=$(cat /tmp/newrelic-apikey/newrelic-apikey);
+              git clone https://github.com/newrelic/newrelic-integration-e2e-action.git;
+              cd newrelic-integration-e2e-action;
+              go run main.go -account_id=$NR_ACCOUNT -agent_enabled=false -api_key=$NR_API_KEY -license_key=$NR_LICENSE_KEY -region="US" -spec_path=/tmp/configmaps/test-spec.yml -scenario_tag=$HOSTNAME --retry_attempts=1 --retry_seconds=5 -verbose_mode=true;
+            volumeMounts:
+                  - name: newrelic-licensekey
+                    mountPath: "/tmp/newrelic-licensekey"
+                    readOnly: true
+                  - name: newrelic-account
+                    mountPath: "/tmp/newrelic-account"
+                    readOnly: true
+                  - name: newrelic-apikey
+                    mountPath: "/tmp/newrelic-apikey"
+                    readOnly: true
+                  - name: test-spec-volume
+                    mountPath: /tmp/configmaps
+          restartPolicy: Never
+          volumes:
+          - name: newrelic-licensekey
+            secret:
+              secretName: newrelic-secret
+              items:
+              - key: newrelic-licensekey
+                path: newrelic-licensekey
+          - name: newrelic-account
+            secret:
+              secretName: newrelic-secret
+              items:
+              - key: newrelic-account
+                path: newrelic-account
+          - name: newrelic-apikey
+            secret:
+              secretName: newrelic-secret
+              items:
+              - key: newrelic-apikey
+                path: newrelic-apikey
+          - name: test-spec-volume
+            configMap:
+              name: test-spec

eks-anywhere-hybrid/Testers/newrelic/test-spec-configmap.yaml

@@ -0,0 +1,19 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: test-spec
+  namespace: newrelic
+data:
+  test-spec.yml: |-
+    description: |
+      End-to-end tests for k8s integration
+    custom_test_key: k8s.podName
+    scenarios:
+      - description: |
+          This scenario will verify that metrics from a k8s Cluster are correctly collected without privileges
+        tests:
+          nrqls: 
+            - query: "SELECT latest(k8s.pod.startTime) FROM Metric SINCE 5 MINUTES AGO"
+          entities: []
+