Dynatrace 1.3.2 #316

Merged
merged 19 commits into from
Nov 21, 2024
Merged
Expand Up @@ -31,4 +31,6 @@ spec:
postBuild:
substituteFrom:
- kind: ConfigMap
name: dynatrace-variables # Provides apiurl, dynatracesecretname, dynakubename, oneagentvolumestorage
name: dynatrace-variables # Provides dynatracesecretname, dynakubename, oneagentvolumestorage
- kind: Secret
name: dynatrace-apiurl # provides apiurl
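Review bot: The added `Secret` entry under `substituteFrom` is a hard dependency with no `optional` flag, so this Kustomization cannot reconcile until `dynatrace-apiurl` exists in its namespace, and that Secret only appears once the ExternalSecret added elsewhere in this PR has synced. Failing closed is the right behaviour, since an unset `${apiurl}` would most likely be rendered as an empty `apiUrl`, but the ordering is not documented anywhere in the hunk. I would extend the comment to `# provides apiurl; created by ExternalSecret dynatrace-apiurl-external-secret`, and if the ExternalSecret is applied by a different Kustomization, add a `dependsOn` entry for it. The enclosing `spec` starts outside the hunk, so an existing `dependsOn` may simply not be visible here.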
Expand Up @@ -5,33 +5,33 @@ metadata:
name: "${dynakubename}"
namespace: dynatrace
annotations:
feature.dynatrace.com/automatic-kubernetes-api-monitoring: "true"
feature.dynatrace.com/k8s-app-enabled: "true"
feature.dynatrace.com/no-proxy: "dynakube-activegate.dynatrace.svc.cluster.local,.svc.cluster.local,.dynatrace.svc"
feature.dynatrace.com/oneagent-ignore-proxy: "true"

spec:
apiUrl: ${apiurl}
apiUrl: "${apiurl}"
tokens: ${dynatracesecretname}
skipCertCheck: false
namespaceSelector:
matchLabels:
dynatrace.com/inject: "true"
oneAgent:
classicFullStack:
# image: ""
cloudNativeFullStack:
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
env:
- name: ONEAGENT_ENABLE_VOLUME_STORAGE
value: "${oneagentvolumestorage}"
activeGate:
capabilities:
- routing
- kubernetes-monitoring
- dynatrace-api
#image: ""
resources:
requests:
cpu: 50m
cpu: 500m
memory: 512Mi
limits:
cpu: 1000m
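Review bot: `tokens: ${dynatracesecretname}` is still a plain scalar although this change quotes `apiUrl`. Flux substitutes the text before the manifest is parsed again, so an empty or number/boolean-looking value would change type or become null; write `tokens: "${dynatracesecretname}"` to match. Also note that sourcing `apiurl` from a Secret keeps it out of the repository but not out of the cluster, because the substituted value is stored in clear in `spec.apiUrl` and is readable by anyone who can `get` dynakubes. The DynaKube body continues past the end of the hunk.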
Expand Up @@ -10,14 +10,14 @@ spec:
chart: dynatrace-operator
sourceRef:
kind: HelmRepository
name: dynatrace-operator
name: dynatrace-operator-oci
namespace: flux-system
version: 0.10.1
interval: 1m0s
values:
installCRD: true
# version: "1.3.2"
install:
crds: CreateReplace
interval: 1m0s
targetNamespace: dynatrace
upgrade:
crds: CreateReplace
targetNamespace: dynatrace
values:
installCRD: true
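Review bot: The chart version looks unpinned on the new side: `version: 0.10.1` appears to be removed and the only replacement is the commented `# version: "1.3.2"`. The rendered page does not mark sides, so confirm this against the raw diff. Without a `version`, Flux resolves the newest chart published under `oci://public.ecr.aws/dynatrace` on reconcile, and with `upgrade.crds: CreateReplace` a new upstream release would replace CRDs in the cluster without any review. Pin it with `version: "1.3.2"` (quoted so it stays a string), and consider enabling chart signature verification on the chart reference if the publisher signs its charts. The conformance label elsewhere in this PR reads `1.3.0`, which does not match the PR title.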
@@ -0,0 +1,9 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: dynatrace-operator-oci
namespace: flux-system
spec:
interval: 1m0s
type: "oci"
url: oci://public.ecr.aws/dynatrace

This file was deleted.

Expand Up @@ -15,4 +15,21 @@ spec:
- extract:
# we expect an external secret in the following format
# {"apiToken":"sometoken","dataIngestToken":"anothertoken"}
key: dt-tokens-secret
key: dt-tokens-secret
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: dynatrace-apiurl-external-secret
namespace: flux-system
spec:
refreshInterval: 1m
secretStoreRef:
name: eksa-secret-store #The secret store name we have just created.
kind: ClusterSecretStore
target:
name: dynatrace-apiurl # Secret name in k8s
data:
- secretKey: apiurl
remoteRef:
key: dynatrace-apiurl
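Review bot: `refreshInterval: 1m` makes the operator query the backing store every minute for a URL that should almost never change, which adds API calls and audit-log noise for no benefit; `refreshInterval: 1h` would be enough. The value is consumed through Flux `substituteFrom`, so a change in the store has no effect until the consuming Kustomization reconciles again, whatever the refresh interval is. The comment `#The secret store name we have just created.` needs a space after `#`, and the store is not created in the visible part of this file; something like `# ClusterSecretStore defined elsewhere` would be more accurate.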
Expand Up @@ -6,4 +6,4 @@ metadata:
labels:
aws.conformance.vendor: dynatrace
aws.conformance.vendor-solution: dynatrace
aws.conformance.vendor-solution-version: 0.10.1
aws.conformance.vendor-solution-version: 1.3.0
Expand Up @@ -5,12 +5,7 @@ metadata:
name: dynatrace-variables
namespace: flux-system
data:
# api url for dynatrace environment
apiurl: "https://syh360.dynatrace-managed.com/e/29143f4b-2894-450d-a1fc-89a197b68909/api"
# name of secret containing tokens
# name of secret containing tokens created by external-secret
dynatracesecretname: "dt-secret"
# name of cluster to be listed in Dynatrace
dynakubename: "eks-flux-test-cluster"
# ONEAGENT_ENABLE_VOLUME_STORAGE should be false for EKS, the escaped are due to flux being weird
# and the value here isn't actually a boolean
oneagentvolumestorage: "\"false\""
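--- a/eks-anywhere-common/Testers/dynatrace/testJob.yaml
+++ b/eks-anywhere-common/Testers/dynatrace/testJob.yaml
@@ -0,0 +1,118 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+name: dynatrace-tester-cron
+namespace: dynatrace
+spec:
+schedule: "10 10 * * *"
+jobTemplate:
+spec:
+template:
+spec:
+containers:
+- name: job
+image: 'alpine/k8s:1.26.2'
+command: ["/bin/bash", "-c"]
+args:
+- |
+#!/bin/bash
+
+PATTERN="Ping received: Healthy("
+DAEMONSET_INCLUDE_PATTERN="oneagent"
+DAEMONSET_EXCLUDE_PATTERN="csi"
+CUSTOM_RESOURCE="dynakubes.dynatrace.com"
+EXIT_STATUS=0 # Default to success
+echo "Starting search for Dynakubes..."
+# Get the list of namespaces
+NAMESPACES=$(kubectl get namespaces -o jsonpath='{.items[*].metadata.name}')
+echo "NAMESPACES: $NAMESPACES"
+# Iterate over each namespace
+for NAMESPACE in $NAMESPACES; do
+echo "Checking namespace: $NAMESPACE"
+# Get the list of custom resources in the current namespace that match the pattern
+RESOURCES=$(kubectl get $CUSTOM_RESOURCE -n $NAMESPACE -o jsonpath='{.items[*].metadata.name}' | tr ' ' '\n')
+echo "RESOURCES: $RESOURCES"
+if [[ -z $RESOURCES ]]; then
+echo "No matching resources found in namespace: $NAMESPACE"
+continue
+fi
+# Iterate over each matching resource
+for RESOURCE in $RESOURCES; do
+echo "Found matching resource: $RESOURCE in namespace: $NAMESPACE"
+# Get the list of pods in the current namespace created by the custom resource
+echo "Checking pods created by the custom resource: $RESOURCE"
+PODS=$(kubectl get pods -n $NAMESPACE --selector=app.kubernetes.io/created-by=$RESOURCE,app.kubernetes.io/name=oneagent -o jsonpath='{.items[*].metadata.name}')
+echo "Oneagent pods: $PODS"
+ALL_PODS_VALID=true # Assume all pods are valid initially
+# Iterate over each pod
+for POD in $PODS; do
+echo "Checking logs for oneagent pod: $POD in CustomResource: $RESOURCE"
+# Get the logs of the current pod
+LOGS=$(kubectl logs -n $NAMESPACE $POD)
+# Check the logs for the pattern
+if ! echo "$LOGS" | grep -q "$PATTERN"; then
+echo "Pattern not found in pod: $POD"
+ALL_PODS_VALID=false # Mark as invalid if the pattern is not found
+break
+fi
+done
+# If any pod in the DaemonSet does not have the pattern, set exit status to failure
+if ! $ALL_PODS_VALID; then
+EXIT_STATUS=1
+fi
+done
+done
+if [[ $EXIT_STATUS -eq 0 ]]; then
+echo "Search successful: Pattern found in all pods of all matching DaemonSets."
+else
+echo "Search complete: Pattern not found in all pods of one or more DaemonSets."
+fi
+exit $EXIT_STATUS
+restartPolicy: Never
+serviceAccountName: test-dynatrace
+successfulJobsHistoryLimit: 3
+failedJobsHistoryLimit: 1
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+name: dynatrace-test-role
+rules:
+# Permissions for listing namespaces
+- apiGroups: [""]
+resources: ["namespaces"]
+verbs: ["get", "list", "watch"]
+# Permissions for listing pods and getting pod logs
+- apiGroups: [""]
+resources: ["pods"]
+verbs: ["get", "list", "watch"]
+# Permissions for getting pod logs
+- apiGroups: [""]
+resources: ["pods/log"]
+verbs: ["get"]
+# Permissions for listing the custom resource dynakube from the dynatrace.com apigroup
+- apiGroups: ["dynatrace.com"]
+resources: ["dynakubes"]
+verbs: ["get", "list", "watch"]
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+name: test-dynatrace
+namespace: dynatrace
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+name: custom-list-pods-logs-dynakube-binding
+subjects:
+- kind: ServiceAccount
+name: test-dynatrace
+namespace: dynatrace
+roleRef:
+kind: ClusterRole
+name: dynatrace-test-role
+apiGroup: rbac.authorization.k8s.io
+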
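Review bot: The `dynatrace-test-role` ClusterRole and its ClusterRoleBinding give the `test-dynatrace` service account `get` on `pods/log` in every namespace, which is far more than this check needs. Pod logs across a cluster can contain credentials and personal data, and the job runs a third-party image (`alpine/k8s:1.26.2`, pinned by tag rather than digest) with that token mounted. The DynaKube in this PR is created in `dynatrace`, so a namespaced Role and RoleBinding there, without `watch`, are sufficient once the script stops enumerating namespaces. Two smaller points in the script: when no DynaKube or no oneagent pod is found the job still exits 0, so a missing installation passes the test, and `DAEMONSET_INCLUDE_PATTERN` and `DAEMONSET_EXCLUDE_PATTERN` are never used.

```yaml
                  # … unchanged: PATTERN, CUSTOM_RESOURCE, EXIT_STATUS …
                  # Only the dynatrace namespace holds the DynaKube and its oneagent pods
                  NAMESPACES="dynatrace"
                  # … unchanged: per-resource and per-pod log checks …
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: dynatrace-test-role
  namespace: dynatrace
rules:
  # Pods created by the DynaKube, and their logs
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["pods/log"]
    verbs: ["get"]
  # The DynaKube custom resource itself
  - apiGroups: ["dynatrace.com"]
    resources: ["dynakubes"]
    verbs: ["get", "list"]
---
# … unchanged: ServiceAccount test-dynatrace …
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: custom-list-pods-logs-dynakube-binding
  namespace: dynatrace
subjects:
  - kind: ServiceAccount
    name: test-dynatrace
    namespace: dynatrace
roleRef:
  kind: Role
  name: dynatrace-test-role
  apiGroup: rbac.authorization.k8s.io
```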