operator

README

Operator

See the binary documentation for deployment instructions.

Testing

The operator has an end-to-end test suite to run functional tests against a real Kubernetes cluster.

To run the tests a kubeconfig pointing to a GKE cluster is required. This is generally already taken care of while setting up a GKE cluster (instructions). Use kubectl config {current,set}-context to verify or change which cluster the tests will execute against.

The test expects various resources, which are part of deploying the operator, to be installed in the cluster:

kubectl apply -f ../../cmd/operator/deploy/crds/
kubectl apply -f ../../cmd/operator/deploy/operator/00-namespace.yaml
kubectl apply -f ../../cmd/operator/deploy/operator/01-priority-class.yaml

The operator itself is run locally within the test suite. Thus, make sure the blocking webhooks are not currently enabled:

kubectl delete -f ../../cmd/operator/deploy/operator/08-validatingwebhookconfiguration.yaml
kubectl delete -f ../../cmd/operator/deploy/operator/09-mutatingwebhookconfiguration.yaml

The tests verify the metric data written into GCM, for which information about the GKE cluster must be provided. Execute the tests with:

go test ./e2e/ \
    --project-id=$PROJECT_ID --cluster=$CLUSTER_NAME --location=$LOCATION

Credentials

Tests by default assume to run in a GKE cluster and that they can infer sufficient credentials from the environment.

If that's not the case the --skip-gcm flag disables tests paths that require connectivity to the GMP and GCM backends.

Alternatively, the --gcp-service-account=<filepath> flag allows providing a GCP service account credentials file which is used for deployed components instead of relying on the environment. The service account needs permission to read and write metric data against the --project-id. Running the test on GKE with and without this option provides more comprehensive coverage.

Code Generation

To update generated code when changes to Custom Resource Definitions are made run:

make regen

The generated CRD YAMLs may require manual editing. Especially consider whether fields are correctly marked as required or not.

Documentation

Index

• Constants
• type Operator
  • func New(logger logr.Logger, clientConfig *rest.Config, opts Options) (*Operator, error)
  • func (o *Operator) Run(ctx context.Context, registry prometheus.Registerer) error
• type Options

Constants

const (
	// DefaultOperatorNamespace is the namespace in which all resources owned by the operator are installed.
	DefaultOperatorNamespace = "gmp-system"
	// DefaultPublicNamespace is the namespace where the operator will check for user-specified
	// configuration data.
	DefaultPublicNamespace = "gmp-public"

	// Fixed names used in various resources managed by the operator.
	NameOperator = "gmp-operator"

	// The well-known app name label.
	LabelAppName = "app.kubernetes.io/name"
	// The component name, will be exposed as metric name.
	AnnotationMetricName = "components.gke.io/component-name"
	// ClusterAutoscalerSafeEvictionLabel is the annotation label that determines
	// whether the cluster autoscaler can safely evict a Pod when the Pod doesn't
	// satisfy certain eviction criteria.
	ClusterAutoscalerSafeEvictionLabel = "cluster-autoscaler.kubernetes.io/safe-to-evict"

	// The k8s Application, will be exposed as component name.
	KubernetesAppName    = "app"
	RuleEvaluatorAppName = "managed-prometheus-rule-evaluator"
	AlertmanagerAppName  = "managed-prometheus-alertmanager"
)

const (
	NameOperatorConfig = "config"
	NameRuleEvaluator  = "rule-evaluator"
	NameCollector      = "collector"
	NameAlertmanager   = "alertmanager"
)

Base resource names which may be used for multiple different resource kinds related to the given component.

const (
	RulesSecretName              = "rules"
	CollectionSecretName         = "collection"
	AlertmanagerSecretName       = "alertmanager"
	AlertmanagerPublicSecretName = "alertmanager"
	AlertmanagerPublicSecretKey  = "alertmanager.yaml"
)

const (
	CollectorPrometheusContainerName         = "prometheus"
	CollectorPrometheusContainerPortName     = "prom-metrics"
	CollectorConfigReloaderContainerPortName = "cfg-rel-metrics"
)

Collector Kubernetes Deployment extraction/detection.

Types

type Operator

type Operator struct {
	// contains filtered or unexported fields
}

Operator to implement managed collection for Google Prometheus Engine.

func New

func New(logger logr.Logger, clientConfig *rest.Config, opts Options) (*Operator, error)

New instantiates a new Operator.

func (*Operator) Run

func (o *Operator) Run(ctx context.Context, registry prometheus.Registerer) error

Run the reconciliation loop of the operator. The passed owner references are set on cluster-wide resources created by the operator.

type Options

type Options struct {
	// ID of the project of the cluster.
	ProjectID string
	// Location of the cluster.
	Location string
	// Name of the cluster the operator acts on.
	Cluster string
	// Namespace to which the operator deploys any associated resources.
	OperatorNamespace string
	// Namespace to which the operator looks for user-specified configuration
	// data, like Secrets and ConfigMaps.
	PublicNamespace string
	// Certificate of the server in base 64.
	TLSCert string
	// Key of the server in base 64.
	TLSKey string
	// Certificate authority in base 64.
	CACert string
	// Webhook serving address.
	ListenAddr string
	// Cleanup resources without this annotation.
	CleanupAnnotKey string
	// Whether to disable target polling.
	TargetPollDisabled bool
	// The number of upper bound threads to use for target polling otherwise
	// use the default.
	TargetPollConcurrency uint16
}

Options for the Operator.