Feat: updated profiles controller and add onprem properties to describe cli command

api/k8sconsts/odigosdeployment.go

@@ -5,9 +5,12 @@ import (
 )
 
 const (
-	OdigosDeploymentConfigMapName                  = "odigos-deployment"
-	OdigosDeploymentConfigMapVersionKey            = consts.OdigosVersionEnvVarName
-	OdigosDeploymentConfigMapTierKey               = consts.OdigosTierEnvVarName
-	OdigosDeploymentConfigMapInstallationMethodKey = "installation-method"
-	OdigosDeploymentConfigMapKubernetesVersionKey  = "kubernetes-version"
+	OdigosDeploymentConfigMapName                    = "odigos-deployment"
+	OdigosDeploymentConfigMapVersionKey              = consts.OdigosVersionEnvVarName
+	OdigosDeploymentConfigMapTierKey                 = consts.OdigosTierEnvVarName
+	OdigosDeploymentConfigMapInstallationMethodKey   = "installation-method"
+	OdigosDeploymentConfigMapKubernetesVersionKey    = "kubernetes-version"
+	OdigosDeploymentConfigMapOnPremTokenAudKey       = "onprem-token-audience"
+	OdigosDeploymentConfigMapOnPremTokenExpKey       = "onprem-token-expiration"
+	OdigosDeploymentConfigMapOnPremClientProfilesKey = "onprem-profiles"
 )

k8sutils/pkg/consts/consts.go

@@ -0,0 +1,114 @@
+package consts
+
+import (
+	"k8s.io/apimachinery/pkg/util/version"
+
+	commonconsts "github.com/odigos-io/odigos/common/consts"
+)
+
+var (
+	DefaultIgnoredNamespaces = []string{"kube-system", "local-path-storage", "istio-system", "linkerd", "kube-node-lease"}
+	DefaultIgnoredContainers = []string{"istio-proxy", "vault-agent", "filebeat", "linkerd-proxy", "fluentd", "akeyless-init"}
+)
+
+type CollectorRole string
+
+const (
+	CollectorsRoleClusterGateway CollectorRole = "CLUSTER_GATEWAY"
+	CollectorsRoleNodeCollector  CollectorRole = "NODE_COLLECTOR"
+)
+
+const (
+	// OdigosInjectInstrumentationLabel is the label used to enable the mutating webhook.
+	OdigosInjectInstrumentationLabel = "odigos.io/inject-instrumentation"
+	// OdigosCollectorRoleLabel is the label used to identify the role of the Odigos collector.
+	OdigosCollectorRoleLabel = "odigos.io/collector-role"
+
+	// used to label resources created by profiles with the hash that created them.
+	// when a new profiles is reconciled, we will apply them with a new hash
+	// and use the label to identify the resources that needs to be deleted.
+	OdigosProfilesHashLabel = "odigos.io/profiles-hash"
+
+	// for resources auto created by a profile, this annotation will record
+	// the name of the profile that created them.
+	OdigosProfileAnnotation = "odigos.io/profile"
+)
+
+const (
+	OdigosDeploymentConfigMapName                    = "odigos-deployment"
+	OdigosDeploymentConfigMapVersionKey              = commonconsts.OdigosVersionEnvVarName
+	OdigosDeploymentConfigMapTierKey                 = commonconsts.OdigosTierEnvVarName
+	OdigosDeploymentConfigMapInstallationMethodKey   = "installation-method"
+	OdigosDeploymentConfigMapOnPremTokenAudKey       = "onprem-token-audience"
+	OdigosDeploymentConfigMapOnPremTokenExpKey       = "onprem-token-expiration"
+	OdigosDeploymentConfigMapOnPremClientProfilesKey = "onprem-profiles"
+)
+
+const (
+	OdigosClusterCollectorDeploymentName = "odigos-gateway"
+	OdigosClusterCollectorConfigMapName  = OdigosClusterCollectorDeploymentName
+	OdigosClusterCollectorServiceName    = OdigosClusterCollectorDeploymentName
+
+	OdigosClusterCollectorCollectorGroupName = OdigosClusterCollectorDeploymentName
+	OdigosClusterCollectorConfigMapKey       = "collector-conf"
+
+	// The cluster gateway collector runs as a deployment and the pod is exposed as a service.
+	// Thus it cannot collide with other ports on the same node, and we can use an handy default port.
+	OdigosClusterCollectorOwnTelemetryPortDefault = int32(8888)
+)
+
+const (
+	OdigosNodeCollectorDaemonSetName           = "odigos-data-collection"
+	OdigosNodeCollectorConfigMapName           = OdigosNodeCollectorDaemonSetName
+	OdigosNodeCollectorCollectorGroupName      = OdigosNodeCollectorDaemonSetName
+	OdigosNodeCollectorOwnTelemetryPortDefault = int32(55682)
+
+	OdigosNodeCollectorConfigMapKey = "conf" // this key is different than the cluster collector value. not sure why
+)
+
+const (
+	OdigosProSecretName         = "odigos-pro"
+	OdigosProSecretTokenKeyName = "odigos-onprem-token"
+)
+
+const (
+	OdigosEnvVarNamespace     = "ODIGOS_WORKLOAD_NAMESPACE"
+	OdigosEnvVarContainerName = "ODIGOS_CONTAINER_NAME"
+	OdigosEnvVarPodName       = "ODIGOS_POD_NAME"
+)
+
+func OdigosInjectedEnvVars() []string {
+	return []string{
+		OdigosEnvVarNamespace,
+		OdigosEnvVarContainerName,
+		OdigosEnvVarPodName,
+	}
+}
+
+var (
+	// MinK8SVersionForInstallation is the minimum Kubernetes version required for Odigos installation
+	// this value must be in sync with the one defined in the kubeVersion field in Chart.yaml
+	MinK8SVersionForInstallation = version.MustParse("v1.20.15-0")
+)
+
+const (
+	// StartLangDetectionFinalizer is used for Workload exclusion Sources. When a Workload exclusion Source
+	// is deleted, we want to go to the startlangdetection controller. There, we will check if the Workload should
+	// start inheriting Namespace instrumentation.
+	StartLangDetectionFinalizer = "odigos.io/source-startlangdetection-finalizer"
+	// DeleteInstrumentationConfigFinalizer is used for all non-exclusion (normal) Sources. When a normal Source
+	// is deleted, we want to go to the deleteinstrumentationconfig controller to un-instrument the workload/namespace.
+	DeleteInstrumentationConfigFinalizer = "odigos.io/source-deleteinstrumentationconfig-finalizer"
+
+	WorkloadNameLabel      = "odigos.io/workload-name"
+	WorkloadNamespaceLabel = "odigos.io/workload-namespace"
+	WorkloadKindLabel      = "odigos.io/workload-kind"
+
+	OdigosCloudApiKeySecretKey = "odigos-cloud-api-key"
+	OdigosOnpremTokenSecretKey = "odigos-onprem-token"
+)
+
+const (
+	OdigosUiServiceName = "ui"
+	OdigosUiServicePort = 3000
+)

k8sutils/pkg/describe/odigos.go

@@ -46,6 +46,16 @@ func printOdigosPipeline(analyze *odigos.OdigosAnalyze, sb *strings.Builder) {
 	printNodeCollectorStatus(analyze, sb)
 }
 
+func printOdigosPro(analyze *odigos.OdigosAnalyze, sb *strings.Builder) {
+	if !(analyze.OdigosPro == odigos.OdigosPro{}) {
+		describeText(sb, 0, "Odigos Pro:")
+		printProperty(sb, 1, &analyze.OdigosPro.OnpremTokenAud)
+		printProperty(sb, 1, &analyze.OdigosPro.OnpremTokenExpiration)
+		printProperty(sb, 1, &analyze.OdigosPro.OdigosProfiles)
+		sb.WriteString("\n")
+	}
+}
+
 func DescribeOdigosToText(analyze *odigos.OdigosAnalyze) string {
 	var sb strings.Builder
 
@@ -54,6 +64,7 @@ func DescribeOdigosToText(analyze *odigos.OdigosAnalyze) string {
 	printProperty(&sb, 0, &analyze.Tier)
 	printProperty(&sb, 0, &analyze.InstallationMethod)
 	sb.WriteString("\n")
+	printOdigosPro(analyze, &sb)
 	printOdigosPipeline(analyze, &sb)
 
 	return sb.String()

k8sutils/pkg/describe/odigos/analyze.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/odigos-io/odigos/api/k8sconsts"
 	odigosv1 "github.com/odigos-io/odigos/api/odigos/v1alpha1"
+	"github.com/odigos-io/odigos/common"
 	"github.com/odigos-io/odigos/k8sutils/pkg/describe/properties"
 )
 
@@ -36,6 +37,12 @@ type NodeCollectorAnalyze struct {
 	AvailableNodes *properties.EntityProperty `json:"availableNodes,omitempty"`
 }
 
+type OdigosPro struct {
+	OnpremTokenAud        properties.EntityProperty `json:"onpremTokenAudience,omitempty"`
+	OnpremTokenExpiration properties.EntityProperty `json:"onpremTokenExpiration,omitempty"`
+	OdigosProfiles        properties.EntityProperty `json:"odigosProfiles,omitempty"`
+}
+
 type OdigosAnalyze struct {
 	OdigosVersion        properties.EntityProperty `json:"odigosVersion"`
 	KubernetesVersion    properties.EntityProperty `json:"kubernetesVersion"`
@@ -45,6 +52,7 @@ type OdigosAnalyze struct {
 	NumberOfSources      int                       `json:"numberOfSources"`
 	ClusterCollector     ClusterCollectorAnalyze   `json:"clusterCollector"`
 	NodeCollector        NodeCollectorAnalyze      `json:"nodeCollector"`
+	OdigosPro            OdigosPro                 `json:"odigosPro,omitempty"`
 
 	// is settled is true if all resources are created and ready
 	IsSettled bool `json:"isSettled"`
@@ -334,6 +342,37 @@ func analyzeNodeCollector(resources *OdigosResources) NodeCollectorAnalyze {
 	}
 }
 
+func analyzePro(resources *OdigosResources) OdigosPro {
+	odigosDeployment := resources.OdigosDeployment
+	tokenAud := odigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapOnPremTokenAudKey]
+	tokenExp := odigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapOnPremTokenExpKey]
+	profiles := odigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapOnPremClientProfilesKey]
+
+	tokenAudProperty := properties.EntityProperty{
+		Name:    "OnPrem Token Audience",
+		Value:   tokenAud,
+		Explain: "the audience of the on-prem token used to authenticate the odigos pro",
+	}
+
+	tokenExpProperty := properties.EntityProperty{
+		Name:    "OnPrem Token Expiration Date",
+		Value:   tokenExp,
+		Explain: "the expiration time of the on-prem token used to authenticate the odigos pro",
+	}
+
+	profilesProperty := properties.EntityProperty{
+		Name:    "OnPrem Client Profiles",
+		Value:   profiles,
+		Explain: "the Odigos profiles that are used to configure the odigos pro",
+	}
+
+	return OdigosPro{
+		OnpremTokenAud:        tokenAudProperty,
+		OnpremTokenExpiration: tokenExpProperty,
+		OdigosProfiles:        profilesProperty,
+	}
+}
+
 func summarizeStatus(clusterCollector *ClusterCollectorAnalyze, nodeCollector *NodeCollectorAnalyze) (bool, bool) {
 	isSettled := true  // everything is settled, unless we find property with status transitioning
 	hasErrors := false // there is no error, unless we find property with status error
@@ -383,6 +422,7 @@ func AnalyzeOdigos(resources *OdigosResources) *OdigosAnalyze {
 
 	odigosVersion := resources.OdigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapVersionKey]
 	tier := resources.OdigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapTierKey]
+
 	installationMethod := resources.OdigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapInstallationMethodKey]
 	k8sVersion := resources.OdigosDeployment.Data[k8sconsts.OdigosDeploymentConfigMapKubernetesVersionKey]
 
@@ -410,7 +450,7 @@ func AnalyzeOdigos(resources *OdigosResources) *OdigosAnalyze {
 		Explain: "the version of kubernetes cluster where odigos is deployed",
 	}
 
-	return &OdigosAnalyze{
+	odigosAnalyze := &OdigosAnalyze{
 		OdigosVersion:        odigosVersionProperty,
 		KubernetesVersion:    k8sVersionProperty,
 		Tier:                 odigosTierProperty,
@@ -419,8 +459,13 @@ func AnalyzeOdigos(resources *OdigosResources) *OdigosAnalyze {
 		NumberOfSources:      len(resources.InstrumentationConfigs.Items),
 		ClusterCollector:     clusterCollector,
 		NodeCollector:        nodeCollector,
+		IsSettled:            isSettled,
+		HasErrors:            hasErrors,
+	}
 
-		IsSettled: isSettled,
-		HasErrors: hasErrors,
+	if odigosTierProperty.Value == string(common.OnPremOdigosTier) {
+		odigosAnalyze.OdigosPro = analyzePro(resources)
 	}
+
+	return odigosAnalyze
 }

k8sutils/pkg/predicate/objectname.go

@@ -99,3 +99,12 @@ var NodeCollectorsDaemonSetPredicate = ObjectNamePredicate{
 var ClusterCollectorDeploymentPredicate = ObjectNamePredicate{
 	AllowedObjectName: k8sconsts.OdigosClusterCollectorDeploymentName,
 }
+
+// this predicate will only allow events for the odigos cluster collectors daemon set object.
+// this is useful if you only want to reconcile events for the cluster collectors daemon set object and ignore other daemon set objects.
+var OdigosProSecretPredicate = ObjectNamePredicate{
+	AllowedObjectName: k8sconsts.OdigosProSecretName,
+}
+var OdigosDeploymentConfigMapPredicate = ObjectNamePredicate{
+	AllowedObjectName: k8sconsts.OdigosDeploymentConfigMapName,
+}

scheduler/controllers/odigospro/manager.go

@@ -0,0 +1,37 @@
+package odigospro
+
+import (
+	odigospredicates "github.com/odigos-io/odigos/k8sutils/pkg/predicate"
+	corev1 "k8s.io/api/core/v1"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
+)
+
+func SetupWithManager(mgr ctrl.Manager) error {
+
+	err := ctrl.NewControllerManagedBy(mgr).
+		For(&corev1.Secret{}).
+		Named("odigospro-odigospro").
+		WithEventFilter(&odigospredicates.OdigosProSecretPredicate).
+		Complete(&odigossecretController{
+			Client: mgr.GetClient(),
+		})
+	if err != nil {
+		return err
+	}
+
+	// it is possbile that the secret was deleted when the controller was down.
+	// we want to sync the odigos deployment config map with the secret on startup to reconcile any deleted pro info.
+	err = ctrl.NewControllerManagedBy(mgr).
+		For(&corev1.ConfigMap{}).
+		Named("odigospro-odigosdeployment").
+		WithEventFilter(predicate.And(&odigospredicates.OdigosDeploymentConfigMapPredicate, &odigospredicates.CreationPredicate{})).
+		Complete(&odigossecretController{
+			Client: mgr.GetClient(),
+		})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}