diff --git a/acceptance/framework/config/config.go b/acceptance/framework/config/config.go index 49a24a6d10..df4a1d9af9 100644 --- a/acceptance/framework/config/config.go +++ b/acceptance/framework/config/config.go @@ -22,6 +22,9 @@ const ( HelmChartPath = "../../../charts/consul" LicenseSecretName = "license" LicenseSecretKey = "key" + DatadogSecretName = "datadog-secret" + DatadogAPIKey = "api-key" + DatadogAppKey = "app-key" ) type KubeTestConfig struct { @@ -70,6 +73,10 @@ type TestConfig struct { EnableEnterprise bool EnterpriseLicense string + EnableDatadog bool + DatadogAPIKey string + DatadogAppKey string + EnableOpenshift bool EnablePodSecurityPolicies bool diff --git a/acceptance/framework/consul/helm_cluster.go b/acceptance/framework/consul/helm_cluster.go index fafaceaca1..77cc712763 100644 --- a/acceptance/framework/consul/helm_cluster.go +++ b/acceptance/framework/consul/helm_cluster.go @@ -94,6 +94,15 @@ func NewHelmCluster( valuesFromConfig, err := cfg.HelmValuesFromConfig() require.NoError(t, err) + if cfg.EnableDatadog { + datadogNamespace := helmValues["global.metrics.datadog.namespace"] + configureNamespace(t, ctx.KubernetesClient(t), cfg, datadogNamespace) + + if cfg.DatadogAPIKey != "" || cfg.DatadogAppKey != "" { + createOrUpdateDatadogSecret(t, ctx.KubernetesClient(t), cfg, datadogNamespace) + } + } + // Merge all helm values helpers.MergeMaps(values, valuesFromConfig) helpers.MergeMaps(values, helmValues) @@ -159,6 +168,15 @@ func (h *HelmCluster) Create(t *testing.T) { chartName = h.ChartPath } + if strings.Contains(t.Name(), "Datadog") { + helm.AddRepo(t, h.helmOptions, "datadog", "https://helm.datadoghq.com") + // Ignoring the error from `helm repo update` as it could fail due to stale cache or unreachable servers and we're + // asserting a chart version on Install which would fail in an obvious way should this not succeed. + _, err := helm.RunHelmCommandAndGetOutputE(t, &helm.Options{}, "repo", "update") + if err != nil { + logger.Logf(t, "Unable to update helm repository, proceeding anyway: %s.", err) + } + } // Retry the install in case previous tests have not finished cleaning up. retry.RunWith(&retry.Counter{Wait: 2 * time.Second, Count: 30}, t, func(r *retry.R) { err := helm.InstallE(r, h.helmOptions, chartName, h.releaseName) @@ -672,6 +690,14 @@ func createOrUpdateLicenseSecret(t *testing.T, client kubernetes.Interface, cfg CreateK8sSecret(t, client, cfg, namespace, config.LicenseSecretName, config.LicenseSecretKey, cfg.EnterpriseLicense) } +func createOrUpdateDatadogSecret(t *testing.T, client kubernetes.Interface, cfg *config.TestConfig, namespace string) { + secretMap := map[string]string{ + config.DatadogAPIKey: cfg.DatadogAPIKey, + config.DatadogAppKey: cfg.DatadogAppKey, + } + CreateMultiKeyK8sSecret(t, client, cfg, namespace, config.DatadogSecretName, secretMap) +} + func configureNamespace(t *testing.T, client kubernetes.Interface, cfg *config.TestConfig, namespace string) { ctx := context.Background() @@ -783,3 +809,25 @@ func CreateK8sSecret(t *testing.T, client kubernetes.Interface, cfg *config.Test _ = client.CoreV1().Secrets(namespace).Delete(context.Background(), secretName, metav1.DeleteOptions{}) }) } + +func CreateMultiKeyK8sSecret(t *testing.T, client kubernetes.Interface, cfg *config.TestConfig, namespace, secretName string, secretMap map[string]string) { + retry.RunWith(&retry.Counter{Wait: 2 * time.Second, Count: 15}, t, func(r *retry.R) { + _, err := client.CoreV1().Secrets(namespace).Get(context.Background(), secretName, metav1.GetOptions{}) + if errors.IsNotFound(err) { + _, err := client.CoreV1().Secrets(namespace).Create(context.Background(), &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + }, + StringData: secretMap, + Type: corev1.SecretTypeOpaque, + }, metav1.CreateOptions{}) + require.NoError(r, err) + } else { + require.NoError(r, err) + } + }) + + helpers.Cleanup(t, cfg.NoCleanupOnFailure, cfg.NoCleanup, func() { + _ = client.CoreV1().Secrets(namespace).Delete(context.Background(), secretName, metav1.DeleteOptions{}) + }) +} diff --git a/acceptance/framework/flags/flags.go b/acceptance/framework/flags/flags.go index d16de7b5b1..638d269a06 100644 --- a/acceptance/framework/flags/flags.go +++ b/acceptance/framework/flags/flags.go @@ -23,6 +23,10 @@ type TestFlags struct { flagEnableEnterprise bool flagEnterpriseLicense string + flagEnableDatadog bool + flagDatadogAPIKey string + flagDatadogAppKey string + flagEnableOpenshift bool flagEnablePodSecurityPolicies bool @@ -109,6 +113,15 @@ func (t *TestFlags) init() { flag.StringVar(&t.flagEnterpriseLicense, "enterprise-license", "", "The enterprise license for Consul.") + flag.BoolVar(&t.flagEnableDatadog, "enable-datadog", false, + "If true, the test suite will run tests for datadog integration features. "+ + "Note that some features will require setting the Datadog API and Application keys using the 'dd-api-key' and 'dd-app-key' flag below"+ + "or the env vars DATADOG_API_KEY and DATADOG_APP_KEY") + flag.StringVar(&t.flagDatadogAPIKey, "dd-api-key", "", + "The Datadog Agent API Key used for datadog metrics tests.") + flag.StringVar(&t.flagDatadogAppKey, "dd-app-key", "", + "The Datadog Agent Application Key used for datadog metrics tests.") + flag.BoolVar(&t.flagEnableOpenshift, "enable-openshift", false, "If true, the tests will automatically add Openshift Helm value for each Helm install.") @@ -158,6 +171,14 @@ func (t *TestFlags) init() { if t.flagEnterpriseLicense == "" { t.flagEnterpriseLicense = os.Getenv("CONSUL_ENT_LICENSE") } + + if t.flagDatadogAPIKey == "" { + t.flagDatadogAPIKey = os.Getenv("DATADOG_API_KEY") + } + + if t.flagDatadogAppKey == "" { + t.flagDatadogAppKey = os.Getenv("DATADOG_APP_KEY") + } } func (t *TestFlags) Validate() error { @@ -205,6 +226,10 @@ func (t *TestFlags) TestConfigFromFlags() *config.TestConfig { EnableEnterprise: t.flagEnableEnterprise, EnterpriseLicense: t.flagEnterpriseLicense, + EnableDatadog: t.flagEnableDatadog, + DatadogAPIKey: t.flagDatadogAPIKey, + DatadogAppKey: t.flagDatadogAppKey, + KubeEnvs: kubeEnvs, EnableMultiCluster: t.flagEnableMultiCluster, diff --git a/acceptance/framework/k8s/deploy.go b/acceptance/framework/k8s/deploy.go index 37cc0fb63a..7d37e984ae 100644 --- a/acceptance/framework/k8s/deploy.go +++ b/acceptance/framework/k8s/deploy.go @@ -69,8 +69,10 @@ func DeployKustomize(t *testing.T, options *k8s.KubectlOptions, noCleanupOnFailu KubectlDeleteK(t, options, kustomizeDir) }) - // The timeout to allow for connect-init to wait for services to be registered by the endpoints controller. - RunKubectl(t, options, "wait", "--for=condition=available", "--timeout=5m", fmt.Sprintf("deploy/%s", deployment.Name)) + if !strings.Contains(t.Name(), "Datadog") { + // The timeout to allow for connect-init to wait for services to be registered by the endpoints controller. + RunKubectl(t, options, "wait", "--for=condition=available", "--timeout=5m", fmt.Sprintf("deploy/%s", deployment.Name)) + } } func DeployJob(t *testing.T, options *k8s.KubectlOptions, noCleanupOnFailure bool, noCleanup bool, debugDirectory, kustomizeDir string) { diff --git a/acceptance/tests/datadog/README.md b/acceptance/tests/datadog/README.md new file mode 100644 index 0000000000..c7451604a9 --- /dev/null +++ b/acceptance/tests/datadog/README.md @@ -0,0 +1,20 @@ +## Datadog Acceptance Testing + +Tests helm chart override automation configurations for expected operation. + + +```yaml +global: + metrics: + enabled: true + enableAgentMetrics: true + disableAgentHostName: true + enableHostMetrics: true + datadog: + enabled: true + dogstatsd: + enabled: true + socketTransportType: "UDS" + dogstatsdAddr: "/var/run/datadog/dsd.socket" + dogstatsdTags: [ "source:consul","consul_service:consul-server" ] +``` \ No newline at end of file diff --git a/acceptance/tests/datadog/datadog_test.go b/acceptance/tests/datadog/datadog_test.go new file mode 100644 index 0000000000..d955d8dda1 --- /dev/null +++ b/acceptance/tests/datadog/datadog_test.go @@ -0,0 +1,76 @@ +package datadog + +import ( + "encoding/json" + "fmt" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV1" + "github.com/hashicorp/consul-k8s/acceptance/framework/consul" + "github.com/hashicorp/consul-k8s/acceptance/framework/datadog" + "github.com/hashicorp/consul-k8s/acceptance/framework/helpers" + "github.com/hashicorp/consul-k8s/acceptance/framework/k8s" + "github.com/hashicorp/consul-k8s/acceptance/framework/logger" + "github.com/stretchr/testify/require" + "testing" +) + +// Test that prometheus metrics, when enabled, are accessible from the +// endpoints that have been exposed on the server, client and gateways. +func TestDatadogDogstatsDUnixDomainSocket(t *testing.T) { + env := suite.Environment() + cfg := suite.Config() + ctx := env.DefaultContext(t) + // ns := ctx.KubectlOptions(t).Namespace + + helmValues := map[string]string{ + "global.datacenter": "dc1", + "global.metrics.enabled": "true", + "global.metrics.enableAgentMetrics": "true", + "global.metrics.disableAgentHostName": "true", + "global.metrics.enableHostMetrics": "true", + "global.metrics.datadog.enabled": "true", + "global.metrics.datadog.namespace": "datadog", + "global.metrics.datadog.dogstatsd.enabled": "true", + "global.metrics.datadog.dogstatsd.socketTransportType": "UDS", + } + + datadogOperatorHelmValues := map[string]string{ + "replicaCount": "1", + "image.tag": datadog.DefaultHelmChartVersion, + "image.repository": "gcr.io/datadoghq/operator", + } + + releaseName := helpers.RandomName() + datadogOperatorRelease := datadog.DatadogOperatorReleaseName + + // Install the consul cluster in the default kubernetes ctx. + consulCluster := consul.NewHelmCluster(t, helmValues, ctx, cfg, releaseName) + consulCluster.Create(t) + + // Deploy Datadog Agent via Datadog Operator and apply dogstatsd overlay + datadogNamespace := helmValues["global.metrics.datadog.namespace"] + logger.Log(t, fmt.Sprintf("deploying datadog-operator via helm | namespace: %s | release-name: %s", datadogNamespace, datadogOperatorRelease)) + datadogCluster := datadog.NewDatadogCluster(t, ctx, cfg, datadogOperatorRelease, datadogNamespace, datadogOperatorHelmValues) + datadogCluster.Create(t) + //k8s.DeployKustomize(t, ctx.KubectlOptionsForNamespace(datadogNamespace), cfg.NoCleanupOnFailure, cfg.NoCleanup, cfg.DebugDirectory, "../fixtures/bases/datadog-operator") + //k8s.WaitForAllPodsToBeReady(t, ctx.KubernetesClient(t), datadogNamespace, "app.kubernetes.io/name=datadog-operator") + + logger.Log(t, fmt.Sprintf("deploying datadog-agent | namespace: %s", datadogNamespace)) + k8s.DeployKustomize(t, ctx.KubectlOptionsForNamespace(datadogNamespace), cfg.NoCleanupOnFailure, cfg.NoCleanup, cfg.DebugDirectory, "../fixtures/bases/datadog") + k8s.WaitForAllPodsToBeReady(t, ctx.KubernetesClient(t), datadogNamespace, "agent.datadoghq.com/component=agent") + + logger.Log(t, fmt.Sprintf("applying dogstatd over unix domain sockets patch to datadog-agent | namespace: %s", datadogNamespace)) + k8s.DeployKustomize(t, ctx.KubectlOptionsForNamespace(datadogNamespace), cfg.NoCleanupOnFailure, cfg.NoCleanup, cfg.DebugDirectory, "../fixtures/cases/datadog-dogstatsd-uds") + k8s.WaitForAllPodsToBeReady(t, ctx.KubernetesClient(t), datadogNamespace, "agent.datadoghq.com/component=agent") + + datadogAPIClient := datadogCluster.DatadogClient(t) + api := datadogV1.NewMetricsApi(datadogAPIClient.ApiClient) + + response, fullResponse, err := api.ListMetrics(datadogAPIClient.Ctx, "consul.acl") + if err != nil { + logger.Logf(t, "Error when calling MetricsApi.ListMetris: %v", err) + logger.Logf(t, "Full Response: %v", fullResponse) + } + content, _ := json.MarshalIndent(response, "", " ") + logger.Logf(t, "Full Response: %v", string(content)) + require.Contains(t, string(content), `consul.acl.ResolveToken.50percentile`) +} diff --git a/acceptance/tests/datadog/main_test.go b/acceptance/tests/datadog/main_test.go new file mode 100644 index 0000000000..03033336a0 --- /dev/null +++ b/acceptance/tests/datadog/main_test.go @@ -0,0 +1,16 @@ +package datadog + +import ( + "os" + "testing" + + testsuite "github.com/hashicorp/consul-k8s/acceptance/framework/suite" +) + +var suite testsuite.Suite + +func TestMain(m *testing.M) { + suite = testsuite.NewSuite(m) + os.Exit(suite.Run()) + +} diff --git a/acceptance/tests/fixtures/bases/datadog/datadog.yaml b/acceptance/tests/fixtures/bases/datadog/datadog.yaml new file mode 100644 index 0000000000..b14c930bb2 --- /dev/null +++ b/acceptance/tests/fixtures/bases/datadog/datadog.yaml @@ -0,0 +1,238 @@ +# https://github.com/DataDog/datadog-operator/blob/main/docs/configuration.v2alpha1.md +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + global: + clusterName: dc1 + registry: gcr.io/datadoghq + logLevel: debug + # Site is the Datadog intake site Agent data are sent to. Set to 'datadoghq.com' to + # send data to the US1 site (default). Set to 'datadoghq.eu' to send data to the EU site. + # Set to 'http://fake-datadog.default.svc.cluster.local' to send data to the local testing API. + # Default: 'datadoghq.com' + site: datadoghq.com + credentials: + apiSecret: + secretName: datadog-secret + keyName: api-key + appSecret: + secretName: datadog-secret + keyName: app-key + # Requirement for kind cluster as tls verification prevents the agent from + # being able to obtain hostname from hostnameFile + # ref: https://docs.datadoghq.com/agent/troubleshooting/hostname_containers/?tab=operator + kubelet: + tlsVerify: false + features: + # This enables the cluster check setup in the Cluster Agent and allows it to process + # configurations from the Kubernetes service annotations (kube_services). + clusterChecks: + # Once this is enabled, configurations are passed to the Cluster Agent through + # - mounted configuration files + # - through Kubernetes service annotations + enabled: false + # When you use Cluster Check Runners, a small, dedicated set of Agents runs the + # cluster checks, leaving the endpoint checks to the normal Agent. + # This strategy can be beneficial to control the dispatching of cluster checks, + # especially when the scale of your cluster checks increases. + useClusterChecksRunners: false + # admission controller: datadog operator default enables this. + # it auto-injects: + # - environment variables (DD_AGENT_HOST, DD_TRACE_AGENT_URL and DD_ENTITY_ID) to + # configure DogStatsD and APM tracer libraries into the user’s application containers. + # - Datadog standard tags (env, service, version) from application labels into the container + # environment variables. These comply with DD unified service tagging (https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging/?tab=kubernetes) + # - Identify deployment impact with trace and container metrics filtered by version + # - Navigate seamlessly across traces, metrics, and logs with consistent tags + # - View service data based on environment or version in a unified fashion + admissionController: + enabled: false + mutateUnlabelled: false +# dogstatsd: +# # Sets DD_DOGSTATSD_ORIGIN_DETECTION=true on NodeAgent 'agent' container +# originDetectionEnabled: false +# +# # TagCardinality configures tag cardinality for the metrics collected using origin detection (low, orchestrator or high). +# # See also: https://docs.datadoghq.com/getting_started/tagging/assigning_tags/?tab=containerizedenvironments#environment-variables +# # Cardinality default: low +# tagCardinality: low + + # | Testing Consul to Datadog Unix Socket Connection | + # | Ref: https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=kubernetes#test-with-netcat | + # ---------------------------------------------------- + # Requires: netcat-openbsd (-U unix domain socket) + # - privileged consul container: apk add netcat-openbsd + # - privileged datadog agent container: apt-get update && apt-get install -y netcat-openbsd + # + # $ echo -n "custom.metric.name:1|c" | nc -U -u -v -w1 /var/run/datadog/dsd.socket + # Bound on /tmp/nc-IjJkoG/recv.sock + # + # # Check UDS Connection Established: netstat -x (-x: Unix Sockets) + # # Looking for CONNECTED state to the I-Node + # + # $ netstat -x + # Active UNIX domain sockets (w/o servers) + # Proto RefCnt Flags Type State I-Node Path + # unix 2 [ ] DGRAM CONNECTED 15952473 + # unix 2 [ ] DGRAM 15652537 @9d10c +# unixDomainSocketConfig: +# enabled: false +# path: "/var/run/datadog/dsd.socket" +# hostPortConfig: +# enabled: false +# hostPort: 8125 +# mapperProfiles: +# configData: |- +# - name: consul +# prefix: "consul." +# mappings: +# - match: 'consul\.raft\.replication\.appendEntries\.logs\.([0-9a-f-]+)' +# match_type: "regex" +# name: "consul.raft.replication.appendEntries.logs" +# tags: +# peer_id: "$1" +# - match: 'consul\.raft\.replication\.appendEntries\.rpc\.([0-9a-f-]+)' +# match_type: "regex" +# name: "consul.raft.replication.appendEntries.rpc" +# tags: +# peer_id: "$1" +# - match: 'consul\.raft\.replication\.heartbeat\.([0-9a-f-]+)' +# match_type: "regex" +# name: "consul.raft.replication.heartbeat" +# tags: +# peer_id: "$1" + apm: + enabled: false + # features.npm.enabled: false + # required as the /etc/passwd rootfs is mounted for this + # see: https://github.com/DataDog/helm-charts/issues/273 + npm: + enabled: false + logCollection: + enabled: false + containerCollectAll: false + # features.processDiscovery.enabled: false + # required as the /etc/passwd rootfs is mounted for this + # see: https://github.com/DataDog/helm-charts/issues/273 + processDiscovery: + enabled: false + # features.liveProcessCollection.enabled: false + # required as the /etc/passwd rootfs is mounted for this + # see: https://github.com/DataDog/helm-charts/issues/273 + liveProcessCollection: + enabled: false + liveContainerCollection: + enabled: false + orchestratorExplorer: + enabled: false + prometheusScrape: + enabled: false + enableServiceEndpoints: false +# otlp: +# receiver: +# protocols: +# grpc: +# enabled: true +# endpoint: "0.0.0.0:4317" +# http: +# enabled: true +# endpoint: "0.0.0.0:4318" +# override: +# nodeAgent: +# annotations: +# 'consul.hashicorp.com/connect-inject': 'false' +# 'consul.hashicorp.com/transparent-proxy': 'false' +# volumes: +# - hostPath: +# path: /var/run/datadog/ +# name: dsdsocket +# - name: consul-ca-cert +# secret: +# secretName: consul-ca-cert +# - name: consul-server-cert +# secret: +# secretName: consul-server-cert +# +# tolerations: +# - operator: Exists +# env: +# - name: DD_HISTOGRAM_PERCENTILES +# value: '0.10 0.20 0.30 0.40 0.50 0.60 0.70 0.80 0.90 0.95 0.99' +# - name: DD_SECRET_BACKEND_COMMAND +# value: /readsecret_multiple_providers.sh +# - name: DD_CLC_RUNNER_ENABLED +# value: "true" +# - name: DD_CLC_RUNNER_HOST +# valueFrom: +# fieldRef: +# fieldPath: status.podIP +# containers: +# agent: +# env: +# - name: DD_OTLP_CONFIG_LOGS_ENABLED +# value: "true" +# - name: DD_DOGSTATSD_NON_LOCAL_TRAFFIC +# value: "true" +# - name: DD_USE_V2_API_SERIES +# value: "true" +# volumeMounts: +# - name: dsdsocket +# mountPath: /var/run/datadog +# - name: consul-ca-cert +# mountPath: /etc/datadog-agent/conf.d/consul.d/ca +# - name: consul-server-cert +# mountPath: /etc/datadog-agent/conf.d/consul.d/certs +# +# extraConfd: +# configDataMap: +# # ACL Token API Endpoints Scraped: Overall permissions required -> agent:read, service:read, node:read +# # - /v1/agent/metrics | /v1/agent/self -> agent:read +# # - /v1/status/leader | /v1/status/peers -> none (not blocked by ACLs) +# # - /v1/catalog/services -> service:read +# # - /v1/health/service | /v1/health/state/any -> node:read,service:read +# # - /v1/coordinate/datacenters | /v1/coordinate/nodes -> node:read +# consul.yaml: |- +# advanced_ad_identifiers: +# - kube_service: +# name: "consul-server" +# namespace: "consul" +# init_config: +# instances: +# - url: "https://consul-server.consul.svc:8501" +# tls_cert: "ENC[k8s_secret@consul/consul-server-cert/tls.crt" +# tls_private_key: "ENC[k8s_secret@consul/consul-server-cert/tls.key" +# tls_ca_cert: "ENC[k8s_secret@consul/consul-ca-cert/tls.crt" +# acl_token: "ENC[k8s_secret@consul/datadog-agent-metrics-acl-token/token]" +# new_leader_checks: true +# network_latency_checks: true +# catalog_checks: true +# auth_type: "basic" +# envoy.yaml: |- +# ad_identifiers: +# - consul-dataplane +# init_config: {} +# instances: +# - openmetrics_endpoint: http://%%host%%:20200/metrics +# stats_url: "http://%%host%%:21200/stats" +# metrics: [ "*" ] +# +# clusterChecksRunner: +# annotations: +# 'consul.hashicorp.com/connect-inject': 'false' +# 'consul.hashicorp.com/transparent-proxy': 'false' +# clusterAgent: +# annotations: +# 'consul.hashicorp.com/connect-inject': 'false' +# 'consul.hashicorp.com/transparent-proxy': 'false' +# replicas: 1 +# env: +# # The Cluster Agent can use an advanced dispatching logic for cluster checks, +# # which takes into account the execution time and metric samples from check instances. +# # This logic enables the Cluster Agent to optimize dispatching and distribution +# # between cluster check runners. +# - name: DD_CLUSTER_CHECKS_ADVANCED_DISPATCHING_ENABLED +# value: 'true' +# - name: DD_DOGSTATSD_NON_LOCAL_TRAFFIC +# value: 'true' \ No newline at end of file diff --git a/acceptance/tests/fixtures/bases/datadog/kustomization.yaml b/acceptance/tests/fixtures/bases/datadog/kustomization.yaml new file mode 100644 index 0000000000..a88b401ed2 --- /dev/null +++ b/acceptance/tests/fixtures/bases/datadog/kustomization.yaml @@ -0,0 +1,3 @@ + +resources: + - datadog.yaml diff --git a/acceptance/tests/fixtures/cases/datadog-dogstatsd-udp/patch.yaml b/acceptance/tests/fixtures/cases/datadog-dogstatsd-udp/patch.yaml new file mode 100644 index 0000000000..24eaf7e64f --- /dev/null +++ b/acceptance/tests/fixtures/cases/datadog-dogstatsd-udp/patch.yaml @@ -0,0 +1,60 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + features: + dogstatsd: + unixDomainSocketConfig: + enabled: false + hostPortConfig: + enabled: false + hostPort: 8125 + mapperProfiles: + configData: |- + - name: consul + prefix: "consul." + mappings: + - match: 'consul\.raft\.replication\.appendEntries\.logs\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.appendEntries.logs" + tags: + peer_id: "$1" + - match: 'consul\.raft\.replication\.appendEntries\.rpc\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.appendEntries.rpc" + tags: + peer_id: "$1" + - match: 'consul\.raft\.replication\.heartbeat\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.heartbeat" + tags: + peer_id: "$1" + override: + nodeAgent: + annotations: + 'consul.hashicorp.com/connect-inject': 'false' + 'consul.hashicorp.com/transparent-proxy': 'false' + volumes: + - hostPath: + path: /var/run/datadog/ + name: dsdsocket + tolerations: + - operator: Exists + env: + - name: DD_HISTOGRAM_PERCENTILES + value: '0.10 0.20 0.30 0.40 0.50 0.60 0.70 0.80 0.90 0.95 0.99' + - name: DD_SECRET_BACKEND_COMMAND + value: /readsecret_multiple_providers.sh + containers: + agent: + env: + - name: DD_OTLP_CONFIG_LOGS_ENABLED + value: "true" + - name: DD_DOGSTATSD_NON_LOCAL_TRAFFIC + value: "true" + - name: DD_USE_V2_API_SERIES + value: "true" + volumeMounts: + - name: dsdsocket + mountPath: /var/run/datadog \ No newline at end of file diff --git a/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/kustomization.yaml b/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/kustomization.yaml new file mode 100644 index 0000000000..dcfce4e9f8 --- /dev/null +++ b/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/kustomization.yaml @@ -0,0 +1,8 @@ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: MPL-2.0 +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../bases/datadog +patches: + - path: patch.yaml \ No newline at end of file diff --git a/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/patch.yaml b/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/patch.yaml new file mode 100644 index 0000000000..c9294b9a2a --- /dev/null +++ b/acceptance/tests/fixtures/cases/datadog-dogstatsd-uds/patch.yaml @@ -0,0 +1,60 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + features: + dogstatsd: + unixDomainSocketConfig: + enabled: true + path: "/var/run/datadog/dsd.socket" + hostPortConfig: + enabled: false + mapperProfiles: + configData: |- + - name: consul + prefix: "consul." + mappings: + - match: 'consul\.raft\.replication\.appendEntries\.logs\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.appendEntries.logs" + tags: + peer_id: "$1" + - match: 'consul\.raft\.replication\.appendEntries\.rpc\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.appendEntries.rpc" + tags: + peer_id: "$1" + - match: 'consul\.raft\.replication\.heartbeat\.([0-9a-f-]+)' + match_type: "regex" + name: "consul.raft.replication.heartbeat" + tags: + peer_id: "$1" + override: + nodeAgent: + annotations: + 'consul.hashicorp.com/connect-inject': 'false' + 'consul.hashicorp.com/transparent-proxy': 'false' + volumes: + - hostPath: + path: /var/run/datadog/ + name: dsdsocket + tolerations: + - operator: Exists + env: + - name: DD_HISTOGRAM_PERCENTILES + value: '0.10 0.20 0.30 0.40 0.50 0.60 0.70 0.80 0.90 0.95 0.99' + - name: DD_SECRET_BACKEND_COMMAND + value: /readsecret_multiple_providers.sh + containers: + agent: + env: + - name: DD_OTLP_CONFIG_LOGS_ENABLED + value: "true" + - name: DD_DOGSTATSD_NON_LOCAL_TRAFFIC + value: "true" + - name: DD_USE_V2_API_SERIES + value: "true" + volumeMounts: + - name: dsdsocket + mountPath: /var/run/datadog diff --git a/acceptance/tests/fixtures/cases/datadog-openmetrics/patch.yaml b/acceptance/tests/fixtures/cases/datadog-openmetrics/patch.yaml new file mode 100644 index 0000000000..54cf8f99e4 --- /dev/null +++ b/acceptance/tests/fixtures/cases/datadog-openmetrics/patch.yaml @@ -0,0 +1,9 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + features: + prometheusScrape: + enabled: true + enableServiceEndpoints: false diff --git a/acceptance/tests/fixtures/cases/datadog-otlp/patch.yaml b/acceptance/tests/fixtures/cases/datadog-otlp/patch.yaml new file mode 100644 index 0000000000..fb52c0acbf --- /dev/null +++ b/acceptance/tests/fixtures/cases/datadog-otlp/patch.yaml @@ -0,0 +1,15 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + features: + otlp: + receiver: + protocols: + grpc: + enabled: true + endpoint: "0.0.0.0:4317" + http: + enabled: true + endpoint: "0.0.0.0:4318" \ No newline at end of file diff --git a/charts/consul/templates/server-statefulset.yaml b/charts/consul/templates/server-statefulset.yaml index e560a75c26..ad1a57f2f8 100644 --- a/charts/consul/templates/server-statefulset.yaml +++ b/charts/consul/templates/server-statefulset.yaml @@ -131,7 +131,7 @@ spec: {{- tpl .Values.server.annotations . | nindent 8 }} {{- end }} {{- if (and .Values.global.metrics.enabled .Values.global.metrics.enableAgentMetrics) }} - {{- if not .Values.global.metrics.datadog.openMetricsPrometheus.enabled }} + {{- if (or (not .Values.global.metrics.datadog.enabled) (and .Values.global.metrics.datadog.enabled (.Values.global.metrics.datadog.dogstatsd.enabled))) }} "prometheus.io/scrape": "true" {{- if not (hasKey (default "" .Values.server.annotations | fromYaml) "prometheus.io/path")}} "prometheus.io/path": "/v1/agent/metrics"