diff --git a/README.md b/README.md index bcfceb5..a18c5b8 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,6 @@ the bootstrapping pipeline, since this repo is private. It will also prompt you to ensure that the required secrets have been added to GCP Secret Manager. The following secrets must be created: -* `production-wavefront_token` - the wavefront token for sending metrics/traces * `production-ci-github_client_id` - the client ID of the Github application for authenticating with the CI concourse deployment * `production-ci-github_client_secret` - the client ID of the Github diff --git a/bootstrap/setup b/bootstrap/setup index fe525f7..e620edb 100755 --- a/bootstrap/setup +++ b/bootstrap/setup @@ -39,7 +39,6 @@ jq -n '{ "greenpeace_gcp_credentials_json": $credentials[] | tojson, # TODO: actually validate that these secrets are present with gcloud cli echo echo "ensure that the following secrets have been added to GCP Secret Manager:" -echo "- production-wavefront_token" echo "- production-ci-github_client_id" echo "- production-ci-github_client_secret" echo "- dispatcher-concourse-github_client_id" diff --git a/terraform/dependencies/wavefront/main.tf b/terraform/dependencies/wavefront/main.tf deleted file mode 100644 index 66da443..0000000 --- a/terraform/dependencies/wavefront/main.tf +++ /dev/null 
@@ -1,154 +0,0 @@ -resource "kubernetes_namespace" "main" { - metadata { - name = "wavefront-proxy" - } -} - -resource "kubernetes_secret" "main" { - metadata { - name = "wavefront" - namespace = kubernetes_namespace.main.metadata.0.name - } - - type = "Opaque" - - data = { - token = var.token - } -} - -resource "kubernetes_deployment" "main" { - metadata { - name = "wavefront-proxy" - namespace = kubernetes_namespace.main.metadata.0.name - labels = { - app = "wavefront-proxy" - } - } - - spec { - replicas = 1 - selector { - match_labels = { - app = "wavefront-proxy" - } - } - - template { - metadata { - labels = { - app = "wavefront-proxy" - } - } - - spec { - container { - name = "prom-storage-adapter" - image = "wavefronthq/prometheus-storage-adapter" - - args = [ - "-proxy=127.0.0.1", - "-proxy-port=2878", - "-listen=9000", - "-convert-paths=true" - ] - - port { - container_port = 9000 - } - - resources { - limits = { - cpu = "0.5" - memory = "1Gi" - } - requests = { - cpu = "0.5" - memory = "512Mi" - } - } - - } - container { - name = "wavefront-proxy" - image = "wavefronthq/proxy:9.2" - - port { - container_port = 14250 - } - - env { - name = "WAVEFRONT_URL" - value = "https://vmware.wavefront.com/api/" - } - env { - name = "WAVEFRONT_PROXY_ARGS" - value = <<-EOT - --prefix ${var.prefix} - --hostname ${var.url} - --traceJaegerGrpcListenerPorts 14250 - --traceJaegerApplicationName ${var.prefix} - EOT - } - env { - name = "WAVEFRONT_TOKEN" - value_from { - secret_key_ref { - name = kubernetes_secret.main.metadata.0.name - key = "token" - } - } - } - - resources { - limits = { - cpu = "1" - memory = "2Gi" - } - requests = { - cpu = "1" - memory = "1Gi" - } - } - - } - } - } - } -} - -resource "kubernetes_service" "tracing" { - metadata { - name = "tracing" - namespace = kubernetes_namespace.main.metadata.0.name - } - spec { - selector = { - app = "wavefront-proxy" - } - - port { - port = 14250 - target_port = 14250 - } - type = "ClusterIP" - } -} - -resource 
"kubernetes_service" "metrics" { - metadata { - name = "metrics" - namespace = kubernetes_namespace.main.metadata.0.name - } - spec { - selector = { - app = "wavefront-proxy" - } - - port { - port = 9000 - target_port = 9000 - } - type = "ClusterIP" - } -} diff --git a/terraform/dependencies/wavefront/outputs.tf b/terraform/dependencies/wavefront/outputs.tf deleted file mode 100644 index 4c7186f..0000000 --- a/terraform/dependencies/wavefront/outputs.tf +++ /dev/null @@ -1,8 +0,0 @@ -output "tracing_endpoint" { - value = "tracing.${kubernetes_namespace.main.id}:14250" -} - -output "metrics_endpoint" { - value = "metrics.${kubernetes_namespace.main.id}:9000/receive" -} - diff --git a/terraform/dependencies/wavefront/variables.tf b/terraform/dependencies/wavefront/variables.tf deleted file mode 100644 index f7bf7fa..0000000 --- a/terraform/dependencies/wavefront/variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -variable "prefix" { - type = string - description = "Prefix for all metric and trace names" -} - -variable "url" { - type = string - description = "URL to differentiate different clusters" -} - -variable "token" { - type = string - description = "Wavefront API token" -} diff --git a/terraform/environments/dispatcher/concourse-values.yml.tpl b/terraform/environments/dispatcher/concourse-values.yml.tpl index 8f2f14f..8aab649 100644 --- a/terraform/environments/dispatcher/concourse-values.yml.tpl +++ b/terraform/environments/dispatcher/concourse-values.yml.tpl @@ -34,19 +34,6 @@ web: type: LoadBalancer loadBalancerIP: ${lb_address} - sidecarContainers: - - name: otel-collector - image: otel/opentelemetry-collector-contrib:0.15.0 - args: ['--config=/etc/config/otelcol.yml'] - volumeMounts: - - name: otelcol-config - mountPath: /etc/config - - additionalVolumes: - - name: otelcol-config - configMap: - name: ${otelcol_config_map_name} - worker: replicas: 1 annotations: 
diff --git a/terraform/environments/dispatcher/concourse.tf b/terraform/environments/dispatcher/concourse.tf index 1f9d8e8..862dfb9 100644 --- a/terraform/environments/dispatcher/concourse.tf +++ b/terraform/environments/dispatcher/concourse.tf @@ -66,8 +66,6 @@ data "template_file" "concourse_values" { vault_ca_cert = jsonencode(module.vault.ca_pem) vault_client_cert = jsonencode(module.vault.client_cert_pem) vault_client_private_key = jsonencode(module.vault.client_private_key_pem) - - otelcol_config_map_name = kubernetes_config_map.otel_collector.metadata.0.name } } diff --git a/terraform/environments/dispatcher/metrics.tf b/terraform/environments/dispatcher/metrics.tf deleted file mode 100644 index ffa41bc..0000000 --- a/terraform/environments/dispatcher/metrics.tf +++ /dev/null 
@@ -1,99 +0,0 @@ -data "google_secret_manager_secret_version" "wavefront_token" { - provider = google-beta - secret = "wavefront_token" -} - -module "wavefront" { - source = "../../dependencies/wavefront" - - prefix = "concourse" - url = module.concourse_dispatcher_address.dns_address - token = data.google_secret_manager_secret_version.wavefront_token.secret_data - - depends_on = [ - module.cluster.node_pools, - ] -} - -module "cluster-metrics" { - source = "../../dependencies/cluster-metrics" - url = module.concourse_dispatcher_address.dns_address - metrics_endpoint = module.wavefront.metrics_endpoint - - depends_on = [ - module.cluster.node_pools, - ] -} - -resource "kubernetes_config_map" "otel_collector" { - metadata { - name = "otelcol-config" - namespace = kubernetes_namespace.concourse.metadata.0.name - } - - data = { - "otelcol.yml" = <<-EOF - receivers: - otlp: - protocols: - grpc: - endpoint: 0.0.0.0:55680 - prometheus: - config: - scrape_configs: - - job_name: 'otel-collector' - scrape_interval: 30s - static_configs: - - targets: ['0.0.0.0:9391'] - exporters: - jaeger: - endpoint: ${module.wavefront.tracing_endpoint} - insecure: true - logging: - loglevel: debug - prometheusremotewrite: - endpoint: http://${module.wavefront.metrics_endpoint} - processors: - attributes/strip_tags: - actions: - - key: telemetry.sdk.name - action: delete - - key: telemetry.sdk.language - action: delete - - key: instrumentation.name - action: delete - attributes/insert_cluster: - actions: - - key: cluster - action: insert - value: ${module.concourse_dispatcher_address.dns_address} - metricstransform/insert_url: - transforms: - - include: .* - match_type: regexp - action: update - operations: - - action: add_label - new_label: url - new_value: ${module.concourse_dispatcher_address.dns_address} - service: - pipelines: - traces: - receivers: - - otlp - processors: - - attributes/strip_tags - - attributes/insert_cluster - exporters: - - jaeger - metrics: - receivers: - - 
prometheus - processors: - - metricstransform/insert_url - exporters: - - prometheusremotewrite - EOF - } -} - diff --git a/terraform/environments/production/ci-values.yml.tpl b/terraform/environments/production/ci-values.yml.tpl index 7c0bb95..6e314a4 100644 --- a/terraform/environments/production/ci-values.yml.tpl +++ b/terraform/environments/production/ci-values.yml.tpl @@ -37,18 +37,6 @@ web: type: LoadBalancer loadBalancerIP: ${lb_address} - sidecarContainers: - - name: otel-collector - image: otel/opentelemetry-collector-contrib:0.15.0 - args: ['--config=/etc/config/otelcol.yml'] - volumeMounts: - - name: otelcol-config - mountPath: /etc/config - additionalVolumes: - - name: otelcol-config - configMap: - name: ${otelcol_config_map_name} - concourse: web: auth: @@ -78,10 +66,6 @@ concourse: createTeamNamespaces: false prometheus: enabled: true - tracing: - serviceName: web - otlpAddress: 127.0.0.1:55680 - otlpUseTls: false vault: enabled: true url: https://vault.vault.svc.cluster.local:8200 diff --git a/terraform/environments/production/ci.tf b/terraform/environments/production/ci.tf index 54f656c..46eb335 100644 --- a/terraform/environments/production/ci.tf +++ b/terraform/environments/production/ci.tf @@ -100,8 +100,6 @@ data "template_file" "ci_values" { vault_ca_cert = jsonencode(module.vault.ca_pem) vault_client_cert = jsonencode(module.vault.client_cert_pem) vault_client_private_key = jsonencode(module.vault.client_private_key_pem) - - otelcol_config_map_name = jsonencode(kubernetes_config_map.otel_collector.metadata[0].name) } } diff --git a/terraform/environments/production/metrics.tf b/terraform/environments/production/metrics.tf deleted file mode 100644 index 01a6085..0000000 --- a/terraform/environments/production/metrics.tf +++ /dev/null 
@@ -1,99 +0,0 @@ -data "google_secret_manager_secret_version" "wavefront_token" { - provider = google-beta - secret = "wavefront_token" -} - -module "wavefront" { - source = "../../dependencies/wavefront" - - prefix = "concourse" - url = module.concourse_ci_address.dns_address - token = data.google_secret_manager_secret_version.wavefront_token.secret_data - - depends_on = [ - module.cluster.node_pools, - ] -} - -module "cluster-metrics" { - source = "../../dependencies/cluster-metrics" - url = module.concourse_ci_address.dns_address - metrics_endpoint = module.wavefront.metrics_endpoint - - depends_on = [ - module.cluster.node_pools, - ] -} - -resource "kubernetes_config_map" "otel_collector" { - metadata { - name = "otelcol-config" - namespace = kubernetes_namespace.ci.metadata.0.name - } - - data = { - "otelcol.yml" = <<-EOF - receivers: - otlp: - protocols: - grpc: - endpoint: 0.0.0.0:55680 - prometheus: - config: - scrape_configs: - - job_name: 'otel-collector' - scrape_interval: 30s - static_configs: - - targets: ['0.0.0.0:9391'] - exporters: - jaeger: - endpoint: ${module.wavefront.tracing_endpoint} - insecure: true - logging: - loglevel: debug - prometheusremotewrite: - endpoint: http://${module.wavefront.metrics_endpoint} - processors: - attributes/strip_tags: - actions: - - key: telemetry.sdk.name - action: delete - - key: telemetry.sdk.language - action: delete - - key: instrumentation.name - action: delete - attributes/insert_cluster: - actions: - - key: cluster - action: insert - value: ${module.concourse_ci_address.dns_address} - metricstransform/insert_url: - transforms: - - include: .* - match_type: regexp - action: update - operations: - - action: add_label - new_label: url - new_value: ${module.concourse_ci_address.dns_address} - service: - pipelines: - traces: - receivers: - - otlp - processors: - - attributes/strip_tags - - attributes/insert_cluster - exporters: - - jaeger - metrics: - receivers: - - prometheus - processors: - - 
metricstransform/insert_url - exporters: - - prometheusremotewrite - EOF - } -} - diff --git a/terraform/environments/stress/concourse-values.yml.tpl b/terraform/environments/stress/concourse-values.yml.tpl index 1d68b78..8c05b9b 100644 --- a/terraform/environments/stress/concourse-values.yml.tpl +++ b/terraform/environments/stress/concourse-values.yml.tpl @@ -30,19 +30,6 @@ web: type: LoadBalancer loadBalancerIP: ${lb_address} - sidecarContainers: - - name: otel-collector - image: otel/opentelemetry-collector-contrib:0.15.0 - args: ['--config=/etc/config/otelcol.yml'] - volumeMounts: - - name: otelcol-config - mountPath: /etc/config - - additionalVolumes: - - name: otelcol-config - configMap: - name: ${otelcol_config_map_name} - worker: enabled: false diff --git a/terraform/environments/stress/concourse_baseline.tf b/terraform/environments/stress/concourse_baseline.tf index 931f9bf..44d6bf7 100644 --- a/terraform/environments/stress/concourse_baseline.tf +++ b/terraform/environments/stress/concourse_baseline.tf @@ -57,7 +57,6 @@ data "template_file" "concourse_baseline_values" { vault_client_cert = jsonencode(module.vault.client_cert_pem) vault_client_private_key = jsonencode(module.vault.client_private_key_pem) - otelcol_config_map_name = kubernetes_config_map.otel_collector_baseline.metadata.0.name tracing_service_name = "baseline-web" } } diff --git a/terraform/environments/stress/concourse_stress.tf b/terraform/environments/stress/concourse_stress.tf index 83c2567..b8a6532 100644 --- a/terraform/environments/stress/concourse_stress.tf +++ b/terraform/environments/stress/concourse_stress.tf @@ -57,7 +57,6 @@ data "template_file" "concourse_stress_values" { vault_client_cert = jsonencode(module.vault.client_cert_pem) vault_client_private_key = jsonencode(module.vault.client_private_key_pem) - otelcol_config_map_name = kubernetes_config_map.otel_collector_stress.metadata.0.name tracing_service_name = "stress-web" } } 
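Review bot: `tracing_service_name = "baseline-web"` is still passed into `concourse_baseline_values` (and `tracing_service_name = "stress-web"` into `concourse_stress_values`), although this commit removes the otel-collector sidecar and its config map that tracing depended on. The production template lost its `tracing:` block (`otlpAddress: 127.0.0.1:55680`) in this commit, but the stress `concourse-values.yml.tpl` hunk only drops the sidecar. If that template still has a tracing block fed by this variable, the web pods would be configured to export spans to a loopback port nothing listens on; this is inferred, since the rest of the template is outside the visible hunks. I would remove both `tracing_service_name` lines together with the matching `tracing:` block in the stress template, and check the dispatcher template for the same leftover. Both `template_file` blocks begin outside their hunks.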
diff --git a/terraform/environments/stress/metrics.tf b/terraform/environments/stress/metrics.tf deleted file mode 100644 index 1065286..0000000 --- a/terraform/environments/stress/metrics.tf +++ /dev/null @@ -1,59 +0,0 @@ -data "google_secret_manager_secret_version" "wavefront_token" { - provider = google-beta - secret = "wavefront_token" -} - -module "wavefront" { - source = "../../dependencies/wavefront" - - prefix = "concourse" - # Choosing stress' address arbitrarily - the important thing is that the - # otel_collector config sets the URL correctly, so as long as this url is - # unique within wavefront, we should be okay - url = module.concourse_stress_address.dns_address - token = data.google_secret_manager_secret_version.wavefront_token.secret_data - - depends_on = [ - module.cluster.node_pools, - ] -} - -module "cluster-metrics" { - source = "../../dependencies/cluster-metrics" - url = module.concourse_stress_address.dns_address - metrics_endpoint = module.wavefront.metrics_endpoint - - depends_on = [ - module.cluster.node_pools, - ] -} - -resource "kubernetes_config_map" "otel_collector_stress" { - metadata { - name = "otelcol-config" - namespace = kubernetes_namespace.stress.metadata.0.name - } - - data = { - "otelcol.yml" = templatefile("${path.module}/otelcol.yml.tpl", { - tracing_endpoint = module.wavefront.tracing_endpoint - metrics_endpoint = module.wavefront.metrics_endpoint - cluster_url = module.concourse_stress_address.dns_address - }) - } -} - -resource "kubernetes_config_map" "otel_collector_baseline" { - metadata { - name = "otelcol-config" - namespace = kubernetes_namespace.baseline.metadata.0.name - } - - data = { - "otelcol.yml" = templatefile("${path.module}/otelcol.yml.tpl", { - tracing_endpoint = module.wavefront.tracing_endpoint - metrics_endpoint = module.wavefront.metrics_endpoint - cluster_url = module.concourse_baseline_address.dns_address - }) - } -} 
diff --git a/terraform/environments/stress/otelcol.yml.tpl b/terraform/environments/stress/otelcol.yml.tpl deleted file mode 100644 index 9ca20cb..0000000 --- a/terraform/environments/stress/otelcol.yml.tpl +++ /dev/null @@ -1,60 +0,0 @@ -receivers: - otlp: - protocols: - grpc: - endpoint: 0.0.0.0:55680 - prometheus: - config: - scrape_configs: - - job_name: 'otel-collector' - scrape_interval: 30s - static_configs: - - targets: ['0.0.0.0:9391'] -exporters: - jaeger: - endpoint: ${tracing_endpoint} - insecure: true - logging: - loglevel: debug - prometheusremotewrite: - endpoint: http://${metrics_endpoint} -processors: - attributes/strip_tags: - actions: - - key: telemetry.sdk.name - action: delete - - key: telemetry.sdk.language - action: delete - - key: instrumentation.name - action: delete - attributes/insert_cluster: - actions: - - key: cluster - action: insert - value: ${cluster_url} - metricstransform/insert_url: - transforms: - - include: .* - match_type: regexp - action: update - operations: - - action: add_label - new_label: url - new_value: ${cluster_url} -service: - pipelines: - traces: - receivers: - - otlp - processors: - - attributes/strip_tags - - attributes/insert_cluster - exporters: - - jaeger - metrics: - receivers: - - prometheus - processors: - - metricstransform/insert_url - exporters: - - prometheusremotewrite