Release operator version: 2.8.0

wavefrontHQ · Jun 14, 2023 · 5bd7be6 · 5bd7be6
1 parent 331679a
commit 5bd7be6
Show file tree

Hide file tree

Showing 22 changed files with 561 additions and 85 deletions.
diff --git a/README.md b/README.md
@@ -135,6 +135,7 @@ See below for configuration options.
 
 We have templates for common scenarios. See the comments in each file for usage instructions.
 
+ * [Using a custom private registry](deploy/scenarios/wavefront-custom-private-registry.yaml)
  * [Using an existing Collector ConfigMap](deploy/scenarios/wavefront-collector-existing-configmap.yaml)
  * [With plugin configuration in a secret](deploy/scenarios/wavefront-collector-with-plugin-secret.yaml)
  * [Filtering metrics upon collection](deploy/scenarios/wavefront-collector-filtering.yaml)
@@ -152,6 +153,16 @@ We have templates for common scenarios. See the comments in each file for usage
 
 You can see all configuration options in the [wavefront-full-config.yaml](deploy/scenarios/wavefront-full-config.yaml).
 
+# Creating Alerts
+
+We have alerts on common Kubernetes issues. For details on creating alerts, see [alerts.md](docs/alerts/alerts.md).
+
+### Pod Failure
+
+| Alert name | Description |
+|---|---|
+| [Pods Stuck in Pending](docs/alerts/templates/pods-stuck-in-pending.json.tmpl) | Workload has pods stuck in pending. |
+
 ## Bring Your Own Logs Shipper
 
 The operator deploys a data export component (wavefront-proxy) which can receive log data and forward it to the Operations for Applications service.

diff --git a/collector/release/NEXT_RELEASE_VERSION b/collector/release/NEXT_RELEASE_VERSION
@@ -1 +1 @@
-1.20.0
+1.21.0
diff --git a/collector/release/VERSION b/collector/release/VERSION
@@ -1 +1 @@
-1.19.0
+1.20.0
diff --git a/deploy/crd/wavefront.com_wavefronts.yaml b/deploy/crd/wavefront.com_wavefronts.yaml
@@ -215,7 +215,7 @@ spec:
                           enable:
                             default: true
                             description: Enable is whether to include kubernetes.controlplane.*
-                              metrics and whether to include kubernetes_control_plane_source
+                              metrics
                             type: boolean
                         required:
                         - enable
@@ -590,6 +590,35 @@ spec:
                         type: object
                     type: object
                 type: object
+              imagePullSecret:
+                description: ImagePullSecret is the name of the secret to authenticate
+                  with a private custom registry.
+                maxLength: 253
+                pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$
+                type: string
+              experimental:
+                description: Experimental features
+                properties:
+                  autoInstrumentation:
+                    properties:
+                      deployKey:
+                        type: string
+                      enable:
+                        type: boolean
+                    type: object
+                  kubernetesEvents:
+                    properties:
+                      enable:
+                        default: false
+                        description: Enable is whether to enable events. Defaults
+                          to false.
+                        type: boolean
+                      externalEndpointURL:
+                        type: string
+                    required:
+                    - externalEndpointURL
+                    type: object
+                type: object
               wavefrontTokenSecret:
                 default: wavefront-secret
                 description: WavefrontTokenSecret is the name of the secret that contains

diff --git a/deploy/scenarios/wavefront-collector-existing-configmap.yaml b/deploy/scenarios/wavefront-collector-existing-configmap.yaml
@@ -79,9 +79,46 @@ data:
       kubernetes_state_source:
         prefix: kubernetes.
 
-      kubernetes_control_plane_source:
-        collection:
-          interval: 120s
+      prometheus_sources:
+       - url: 'https://kubernetes.default.svc:443/metrics'
+         name: 'etcd-workqueue'
+         httpConfig:
+           bearer_token_file: '/var/run/secrets/kubernetes.io/serviceaccount/token'
+           tls_config:
+             ca_file: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+             insecure_skip_verify: true
+         prefix: 'kubernetes.controlplane.'
+         convertHistograms: true
+         filters:
+           metricAllowList:
+           - 'kubernetes.controlplane.etcd.request.duration.seconds'
+           - 'kubernetes.controlplane.etcd.db.total.size.in.bytes.gauge'
+           - 'kubernetes.controlplane.workqueue.adds.total.counter'
+           - 'kubernetes.controlplane.workqueue.queue.duration.seconds'
+
+       - url: 'https://kubernetes.default.svc:443/metrics'
+         name: 'apiserver'
+         httpConfig:
+           bearer_token_file: '/var/run/secrets/kubernetes.io/serviceaccount/token'
+           tls_config:
+             ca_file: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+             insecure_skip_verify: true
+         prefix: 'kubernetes.controlplane.'
+         convertHistograms: true
+         filters:
+           metricAllowList:
+           - 'kubernetes.controlplane.apiserver.request.duration.seconds'
+           - 'kubernetes.controlplane.apiserver.request.total.counter'
+           - 'kubernetes.controlplane.apiserver.storage.objects.gauge'
+           metricTagAllowList:
+             resource:
+             - 'customresourcedefinitions'
+             - 'namespaces'
+             - 'lease'
+             - 'nodes'
+             - 'pods'
+             - 'tokenreviews'
+             - 'subjectaccessreviews'
 
     discovery:
       enable_runtime_plugins: true

diff --git a/deploy/scenarios/wavefront-custom-private-registry.yaml b/deploy/scenarios/wavefront-custom-private-registry.yaml
@@ -0,0 +1,19 @@
+# Need to change YOUR_CLUSTER_NAME, YOUR_WAVEFRONT_URL and YOUR_IMAGE_REGISTRY_SECRET accordingly
+apiVersion: wavefront.com/v1alpha1
+kind: Wavefront
+metadata:
+  name: wavefront
+  namespace: observability-system
+spec:
+  clusterName: YOUR_CLUSTER_NAME
+  wavefrontUrl: YOUR_WAVEFRONT_URL
+  # First follow steps for setting imagePullSecret for the operator at below link
+  # https://github.com/wavefrontHQ/observability-for-kubernetes/blob/main/docs/operator/custom-configuration.md.
+  # Set the image registry secret below for the operator components to authenticate with a private custom registry.
+  imagePullSecret: YOUR_IMAGE_REGISTRY_SECRET
+  dataCollection:
+    metrics:
+      enable: true
+  dataExport:
+    wavefrontProxy:
+      enable: true
diff --git a/deploy/scenarios/wavefront-full-config.yaml b/deploy/scenarios/wavefront-full-config.yaml
@@ -9,6 +9,7 @@ spec:
   clusterName: YOUR_CLUSTER_NAME
   wavefrontUrl: YOUR_WAVEFRONT_URL
   wavefrontTokenSecret: wavefront-secret
+  imagePullSecret: registry-secret
   dataCollection:
     # These are top level tolerations to be applied to all data collection (metrics and logging) DaemonSet pods. These
     # are meant to add custom tolerations to DaemonSet pods inorder to enable metrics and log collection from tainted
@@ -207,9 +208,46 @@ data:
       kubernetes_state_source:
         prefix: kubernetes.
 
-      kubernetes_control_plane_source:
-        collection:
-          interval: 120s
+      prometheus_sources:
+       - url: 'https://kubernetes.default.svc:443/metrics'
+         name: 'etcd-workqueue'
+         httpConfig:
+           bearer_token_file: '/var/run/secrets/kubernetes.io/serviceaccount/token'
+           tls_config:
+             ca_file: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+             insecure_skip_verify: true
+         prefix: 'kubernetes.controlplane.'
+         convertHistograms: true
+         filters:
+           metricAllowList:
+           - 'kubernetes.controlplane.etcd.request.duration.seconds'
+           - 'kubernetes.controlplane.etcd.db.total.size.in.bytes.gauge'
+           - 'kubernetes.controlplane.workqueue.adds.total.counter'
+           - 'kubernetes.controlplane.workqueue.queue.duration.seconds'
+
+       - url: 'https://kubernetes.default.svc:443/metrics'
+         name: 'apiserver'
+         httpConfig:
+           bearer_token_file: '/var/run/secrets/kubernetes.io/serviceaccount/token'
+           tls_config:
+             ca_file: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+             insecure_skip_verify: true
+         prefix: 'kubernetes.controlplane.'
+         convertHistograms: true
+         filters:
+           metricAllowList:
+           - 'kubernetes.controlplane.apiserver.request.duration.seconds'
+           - 'kubernetes.controlplane.apiserver.request.total.counter'
+           - 'kubernetes.controlplane.apiserver.storage.objects.gauge'
+           metricTagAllowList:
+             resource:
+             - 'customresourcedefinitions'
+             - 'namespaces'
+             - 'lease'
+             - 'nodes'
+             - 'pods'
+             - 'tokenreviews'
+             - 'subjectaccessreviews'
 
     discovery:
       enable_runtime_plugins: true

diff --git a/deploy/wavefront-operator.yaml b/deploy/wavefront-operator.yaml
@@ -222,7 +222,7 @@ spec:
                           enable:
                             default: true
                             description: Enable is whether to include kubernetes.controlplane.*
-                              metrics and whether to include kubernetes_control_plane_source
+                              metrics
                             type: boolean
                         required:
                         - enable
@@ -597,6 +597,35 @@ spec:
                         type: object
                     type: object
                 type: object
+              experimental:
+                description: Experimental features
+                properties:
+                  autoInstrumentation:
+                    properties:
+                      deployKey:
+                        type: string
+                      enable:
+                        type: boolean
+                    type: object
+                  kubernetesEvents:
+                    properties:
+                      enable:
+                        default: false
+                        description: Enable is whether to enable events. Defaults
+                          to false.
+                        type: boolean
+                      externalEndpointURL:
+                        type: string
+                    required:
+                    - externalEndpointURL
+                    type: object
+                type: object
+              imagePullSecret:
+                description: ImagePullSecret is the name of the secret to authenticate
+                  with a private custom registry.
+                maxLength: 253
+                pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$
+                type: string
               wavefrontTokenSecret:
                 default: wavefront-secret
                 description: WavefrontTokenSecret is the name of the secret that contains
@@ -668,6 +697,16 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - ""
+  resources:
+  - persistentvolumeclaims
+  verbs:
+  - create
+  - delete
+  - get
+  - patch
+  - update
 - apiGroups:
   - ""
   resources:
@@ -681,8 +720,12 @@ rules:
   resources:
   - secrets
   verbs:
+  - create
+  - delete
   - get
   - list
+  - patch
+  - update
   - watch
 - apiGroups:
   - ""
@@ -692,8 +735,10 @@ rules:
   - create
   - delete
   - get
+  - list
   - patch
   - update
+  - watch
 - apiGroups:
   - ""
   resources:
@@ -726,6 +771,39 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - patch
+  - update
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  verbs:
+  - create
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - wavefront.com
   resources:
@@ -843,6 +921,8 @@ rules:
   - pods
   - services
   - replicationcontrollers
+  - persistentvolumeclaims
+  - persistentvolumes
   verbs:
   - get
   - list
@@ -999,7 +1079,7 @@ subjects:
 ---
 apiVersion: v1
 data:
-  collector: 1.19.0
+  collector: 1.20.0
   logging: 2.1.2
   proxy: 12.4.1
 kind: ConfigMap
@@ -1071,7 +1151,7 @@ spec:
             configMapKeyRef:
               key: logging
               name: wavefront-component-versions
-        image: projects.registry.vmware.com/tanzu_observability/kubernetes-operator:2.7.0
+        image: projects.registry.vmware.com/tanzu_observability/kubernetes-operator:2.8.0
         imagePullPolicy: Always
         livenessProbe:
           httpGet: