diff --git a/pkg/kwokctl/components/etcd.go b/pkg/kwokctl/components/etcd.go index 8fba11ecf1..88a0ae2df7 100644 --- a/pkg/kwokctl/components/etcd.go +++ b/pkg/kwokctl/components/etcd.go @@ -45,6 +45,7 @@ type BuildEtcdComponentConfig struct { PeerPort uint32 Verbosity log.Level QuotaBackendSize string + OtlpGrpcAddress string } // BuildEtcdComponent builds an etcd component. @@ -156,6 +157,14 @@ func BuildEtcdComponent(conf BuildEtcdComponentConfig) (component internalversio } } + if conf.OtlpGrpcAddress != "" { + etcdArgs = append(etcdArgs, + "--experimental-enable-distributed-tracing=true", + "--experimental-distributed-tracing-address="+conf.OtlpGrpcAddress, + "--experimental-distributed-tracing-sampling-rate=1000000", + ) + } + envs := []internalversion.Env{} if runtime.GOARCH != "amd64" { envs = append(envs, internalversion.Env{ diff --git a/pkg/kwokctl/components/jaeger.go b/pkg/kwokctl/components/jaeger.go index f06c8a2d2a..89c6c9bb87 100644 --- a/pkg/kwokctl/components/jaeger.go +++ b/pkg/kwokctl/components/jaeger.go @@ -63,7 +63,7 @@ func BuildJaegerComponent(conf BuildJaegerComponentConfig) (component internalve ) jaegerArgs = append(jaegerArgs, "--query.http-server.host-port="+conf.BindAddress+":16686", - "--collector.otlp.grpc.host-port="+net.LocalAddress+":4317", + "--collector.otlp.grpc.host-port="+conf.BindAddress+":4317", ) } else { ports = append( diff --git a/pkg/kwokctl/runtime/binary/cluster.go b/pkg/kwokctl/runtime/binary/cluster.go index ff44203deb..aa70629157 100644 --- a/pkg/kwokctl/runtime/binary/cluster.go +++ b/pkg/kwokctl/runtime/binary/cluster.go @@ -255,6 +255,16 @@ func (c *Cluster) Install(ctx context.Context) error { return err } + if env.kwokctlConfig.Options.JaegerPort != 0 { + err = c.setupPorts(ctx, + env.usedPorts, + &env.kwokctlConfig.Options.JaegerOtlpGrpcPort, + ) + if err != nil { + return err + } + } + err = c.addEtcd(ctx, env) if err != nil { return err @@ -327,6 +337,11 @@ func (c *Cluster) addEtcd(ctx context.Context, env *env) (err error) { return err } + otlpGrpcAddress := "" + if conf.JaegerOtlpGrpcPort != 0 { + otlpGrpcAddress = net.LocalAddress + ":" + format.String(conf.JaegerOtlpGrpcPort) + } + etcdComponent, err := components.BuildEtcdComponent(components.BuildEtcdComponentConfig{ Runtime: conf.Runtime, ProjectName: c.Name(), @@ -339,6 +354,7 @@ func (c *Cluster) addEtcd(ctx context.Context, env *env) (err error) { PeerPort: conf.EtcdPeerPort, Verbosity: env.verbosity, QuotaBackendSize: conf.EtcdQuotaBackendSize, + OtlpGrpcAddress: otlpGrpcAddress, }) if err != nil { return err @@ -362,15 +378,7 @@ func (c *Cluster) addKubeApiserver(ctx context.Context, env *env) (err error) { } kubeApiserverTracingConfigPath := "" - if conf.JaegerPort != 0 { - err = c.setupPorts(ctx, - env.usedPorts, - &conf.JaegerOtlpGrpcPort, - ) - if err != nil { - return err - } - + if conf.JaegerOtlpGrpcPort != 0 { kubeApiserverTracingConfigData, err := k8s.BuildKubeApiserverTracingConfig(k8s.BuildKubeApiserverTracingConfigParam{ Endpoint: net.LocalAddress + ":" + format.String(conf.JaegerOtlpGrpcPort), }) diff --git a/pkg/kwokctl/runtime/compose/cluster.go b/pkg/kwokctl/runtime/compose/cluster.go index fa265563cd..0c2fd9bd5f 100644 --- a/pkg/kwokctl/runtime/compose/cluster.go +++ b/pkg/kwokctl/runtime/compose/cluster.go @@ -288,6 +288,10 @@ func (c *Cluster) Install(ctx context.Context) error { return err } + if env.kwokctlConfig.Options.JaegerPort != 0 { + env.kwokctlConfig.Options.JaegerOtlpGrpcPort = 4317 + } + err = c.addEtcd(ctx, env) if err != nil { return err @@ -364,6 +368,11 @@ func (c *Cluster) addEtcd(ctx context.Context, env *env) (err error) { return err } + otlpGrpcAddress := "" + if conf.JaegerOtlpGrpcPort != 0 { + otlpGrpcAddress = c.Name() + "-jaeger:" + format.String(conf.JaegerOtlpGrpcPort) + } + etcdComponent, err := components.BuildEtcdComponent(components.BuildEtcdComponentConfig{ Runtime: conf.Runtime, ProjectName: c.Name(), @@ -375,6 +384,7 @@ func (c *Cluster) addEtcd(ctx context.Context, env *env) (err error) { DataPath: env.etcdDataPath, Verbosity: env.verbosity, QuotaBackendSize: conf.EtcdQuotaBackendSize, + OtlpGrpcAddress: otlpGrpcAddress, }) if err != nil { return err @@ -397,9 +407,9 @@ func (c *Cluster) addKubeApiserver(ctx context.Context, env *env) (err error) { } kubeApiserverTracingConfigPath := "" - if conf.JaegerPort != 0 { + if conf.JaegerOtlpGrpcPort != 0 { kubeApiserverTracingConfigData, err := k8s.BuildKubeApiserverTracingConfig(k8s.BuildKubeApiserverTracingConfigParam{ - Endpoint: c.Name() + "-jaeger:4317", + Endpoint: c.Name() + "-jaeger:" + format.String(conf.JaegerOtlpGrpcPort), }) if err != nil { return fmt.Errorf("failed to generate kubeApiserverTracingConfig yaml: %w", err) diff --git a/test/e2e/kwokctl/dryrun/testdata/binary/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/binary/create_cluster_with_verbosity.txt index f9bb718880..5534d9c69c 100644 --- a/test/e2e/kwokctl/dryrun/testdata/binary/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/binary/create_cluster_with_verbosity.txt @@ -163,7 +163,7 @@ users: null EOF # Save cluster config to /workdir/clusters//kwok.yaml # Add context kwok- to ~/.kube/config -cd /workdir/clusters/ && etcd --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/workdir/clusters//etcd --initial-advertise-peer-urls=http://0.0.0.0:32766 --listen-peer-urls=http://0.0.0.0:32766 --advertise-client-urls=http://0.0.0.0:32765 --listen-client-urls=http://0.0.0.0:32765 --initial-cluster=node0=http://0.0.0.0:32766 >/workdir/clusters//logs/etcd.log 2>&1 & +cd /workdir/clusters/ && etcd --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/workdir/clusters//etcd --initial-advertise-peer-urls=http://0.0.0.0:32766 --listen-peer-urls=http://0.0.0.0:32766 --advertise-client-urls=http://0.0.0.0:32765 --listen-client-urls=http://0.0.0.0:32765 --initial-cluster=node0=http://0.0.0.0:32766 --experimental-enable-distributed-tracing=true --experimental-distributed-tracing-address=127.0.0.1:32762 --experimental-distributed-tracing-sampling-rate=1000000 >/workdir/clusters//logs/etcd.log 2>&1 & echo $! >/workdir/clusters//pids/etcd.pid cd /workdir/clusters/ && jaeger --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=127.0.0.1:32762 >/workdir/clusters//logs/jaeger.log 2>&1 & echo $! >/workdir/clusters//pids/jaeger.pid diff --git a/test/e2e/kwokctl/dryrun/testdata/docker/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/docker/create_cluster_with_verbosity.txt index f677566871..a42519bc74 100644 --- a/test/e2e/kwokctl/dryrun/testdata/docker/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/docker/create_cluster_with_verbosity.txt @@ -171,8 +171,8 @@ users: EOF # Save cluster config to /workdir/clusters//kwok.yaml docker network create kwok- --label=com.docker.compose.project=kwok- -docker create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 -docker create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=127.0.0.1:4317 +docker create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 --experimental-enable-distributed-tracing=true --experimental-distributed-tracing-address=kwok--jaeger:4317 --experimental-distributed-tracing-sampling-rate=1000000 +docker create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp --publish=4317:4317/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=0.0.0.0:4317 docker create --name=kwok--kube-apiserver --pull=never --entrypoint=kube-apiserver --network=kwok- --link=kwok--etcd --link=kwok--jaeger --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=32766:6443/tcp --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro --volume=/workdir/clusters//audit.yaml:/etc/kubernetes/audit-policy.yaml:ro --volume=/workdir/clusters//logs/audit.log:/var/log/kubernetes/audit/audit.log --volume=/workdir/clusters//apiserver-tracing-config.yaml:/etc/kubernetes/apiserver-tracing-config.yaml:ro registry.k8s.io/kube-apiserver:v1.31.0 --etcd-prefix=/registry --allow-privileged=true --max-requests-inflight=0 --max-mutating-requests-inflight=0 --enable-priority-and-fairness=false --etcd-servers=http://kwok--etcd:2379 --authorization-mode=Node,RBAC --bind-address=0.0.0.0 --secure-port=6443 --tls-cert-file=/etc/kubernetes/pki/admin.crt --tls-private-key-file=/etc/kubernetes/pki/admin.key --client-ca-file=/etc/kubernetes/pki/ca.crt --service-account-key-file=/etc/kubernetes/pki/admin.key --service-account-signing-key-file=/etc/kubernetes/pki/admin.key --service-account-issuer=https://kubernetes.default.svc.cluster.local --proxy-client-key-file=/etc/kubernetes/pki/admin.key --proxy-client-cert-file=/etc/kubernetes/pki/admin.crt --audit-policy-file=/etc/kubernetes/audit-policy.yaml --audit-log-path=/var/log/kubernetes/audit/audit.log --tracing-config-file=/etc/kubernetes/apiserver-tracing-config.yaml docker create --name=kwok--kube-apiserver-insecure-proxy --pull=never --entrypoint=kubectl --network=kwok- --link=kwok--kube-apiserver --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=6080:8001/tcp --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kubectl:v1.31.0 proxy --accept-hosts=^*$ --address=0.0.0.0 --kubeconfig=~/.kube/config --port=8001 docker create --name=kwok--kube-controller-manager --pull=never --entrypoint=kube-controller-manager --network=kwok- --link=kwok--kube-apiserver --restart=unless-stopped --label=com.docker.compose.project=kwok- --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-controller-manager:v1.31.0 --node-monitor-period=25s --node-monitor-grace-period=3m20s --kubeconfig=~/.kube/config --authorization-always-allow-paths=/healthz,/readyz,/livez,/metrics --bind-address=0.0.0.0 --secure-port=10257 --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/admin.key --kube-api-qps=5000 --kube-api-burst=10000 diff --git a/test/e2e/kwokctl/dryrun/testdata/kind-podman/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/kind-podman/create_cluster_with_verbosity.txt index 0d0b95a113..61f9fd2438 100644 --- a/test/e2e/kwokctl/dryrun/testdata/kind-podman/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/kind-podman/create_cluster_with_verbosity.txt @@ -502,7 +502,7 @@ spec: - args: - --collector.otlp.enabled=true - --query.http-server.host-port=0.0.0.0:16686 - - --collector.otlp.grpc.host-port=127.0.0.1:4317 + - --collector.otlp.grpc.host-port=0.0.0.0:4317 image: docker.io/jaegertracing/all-in-one:1.58.1 imagePullPolicy: Never name: jaeger diff --git a/test/e2e/kwokctl/dryrun/testdata/kind/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/kind/create_cluster_with_verbosity.txt index a4194803de..86e85bbef6 100644 --- a/test/e2e/kwokctl/dryrun/testdata/kind/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/kind/create_cluster_with_verbosity.txt @@ -502,7 +502,7 @@ spec: - args: - --collector.otlp.enabled=true - --query.http-server.host-port=0.0.0.0:16686 - - --collector.otlp.grpc.host-port=127.0.0.1:4317 + - --collector.otlp.grpc.host-port=0.0.0.0:4317 image: docker.io/jaegertracing/all-in-one:1.58.1 imagePullPolicy: Never name: jaeger diff --git a/test/e2e/kwokctl/dryrun/testdata/nerdctl/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/nerdctl/create_cluster_with_verbosity.txt index 27bf980767..cc2be8e340 100644 --- a/test/e2e/kwokctl/dryrun/testdata/nerdctl/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/nerdctl/create_cluster_with_verbosity.txt @@ -171,8 +171,8 @@ users: EOF # Save cluster config to /workdir/clusters//kwok.yaml nerdctl network create kwok- --label=com.docker.compose.project=kwok- -nerdctl create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 -nerdctl create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=127.0.0.1:4317 +nerdctl create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 --experimental-enable-distributed-tracing=true --experimental-distributed-tracing-address=kwok--jaeger:4317 --experimental-distributed-tracing-sampling-rate=1000000 +nerdctl create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp --publish=4317:4317/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=0.0.0.0:4317 nerdctl create --name=kwok--kube-apiserver --pull=never --entrypoint=kube-apiserver --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=32766:6443/tcp --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro --volume=/workdir/clusters//audit.yaml:/etc/kubernetes/audit-policy.yaml:ro --volume=/workdir/clusters//logs/audit.log:/var/log/kubernetes/audit/audit.log --volume=/workdir/clusters//apiserver-tracing-config.yaml:/etc/kubernetes/apiserver-tracing-config.yaml:ro registry.k8s.io/kube-apiserver:v1.31.0 --etcd-prefix=/registry --allow-privileged=true --max-requests-inflight=0 --max-mutating-requests-inflight=0 --enable-priority-and-fairness=false --etcd-servers=http://kwok--etcd:2379 --authorization-mode=Node,RBAC --bind-address=0.0.0.0 --secure-port=6443 --tls-cert-file=/etc/kubernetes/pki/admin.crt --tls-private-key-file=/etc/kubernetes/pki/admin.key --client-ca-file=/etc/kubernetes/pki/ca.crt --service-account-key-file=/etc/kubernetes/pki/admin.key --service-account-signing-key-file=/etc/kubernetes/pki/admin.key --service-account-issuer=https://kubernetes.default.svc.cluster.local --proxy-client-key-file=/etc/kubernetes/pki/admin.key --proxy-client-cert-file=/etc/kubernetes/pki/admin.crt --audit-policy-file=/etc/kubernetes/audit-policy.yaml --audit-log-path=/var/log/kubernetes/audit/audit.log --tracing-config-file=/etc/kubernetes/apiserver-tracing-config.yaml nerdctl create --name=kwok--kube-apiserver-insecure-proxy --pull=never --entrypoint=kubectl --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --publish=6080:8001/tcp --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kubectl:v1.31.0 proxy --accept-hosts=^*$ --address=0.0.0.0 --kubeconfig=~/.kube/config --port=8001 nerdctl create --name=kwok--kube-controller-manager --pull=never --entrypoint=kube-controller-manager --network=kwok- --restart=unless-stopped --label=com.docker.compose.project=kwok- --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-controller-manager:v1.31.0 --node-monitor-period=25s --node-monitor-grace-period=3m20s --kubeconfig=~/.kube/config --authorization-always-allow-paths=/healthz,/readyz,/livez,/metrics --bind-address=0.0.0.0 --secure-port=10257 --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/admin.key --kube-api-qps=5000 --kube-api-burst=10000 diff --git a/test/e2e/kwokctl/dryrun/testdata/podman/create_cluster_with_verbosity.txt b/test/e2e/kwokctl/dryrun/testdata/podman/create_cluster_with_verbosity.txt index efde304b8b..eb2e9dd601 100644 --- a/test/e2e/kwokctl/dryrun/testdata/podman/create_cluster_with_verbosity.txt +++ b/test/e2e/kwokctl/dryrun/testdata/podman/create_cluster_with_verbosity.txt @@ -171,8 +171,8 @@ users: EOF # Save cluster config to /workdir/clusters//kwok.yaml podman network create kwok- --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- -podman create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 -podman create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=127.0.0.1:4317 +podman create --name=kwok--etcd --pull=never --entrypoint=etcd --network=kwok- --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380 --experimental-enable-distributed-tracing=true --experimental-distributed-tracing-address=kwok--jaeger:4317 --experimental-distributed-tracing-sampling-rate=1000000 +podman create --name=kwok--jaeger --pull=never --network=kwok- --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- --publish=16686:16686/tcp --publish=4317:4317/tcp docker.io/jaegertracing/all-in-one:1.58.1 --collector.otlp.enabled=true --query.http-server.host-port=0.0.0.0:16686 --collector.otlp.grpc.host-port=0.0.0.0:4317 podman create --name=kwok--kube-apiserver --pull=never --entrypoint=kube-apiserver --network=kwok- --requires=kwok--etcd --requires=kwok--jaeger --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- --publish=32766:6443/tcp --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro --volume=/workdir/clusters//audit.yaml:/etc/kubernetes/audit-policy.yaml:ro --volume=/workdir/clusters//logs/audit.log:/var/log/kubernetes/audit/audit.log --volume=/workdir/clusters//apiserver-tracing-config.yaml:/etc/kubernetes/apiserver-tracing-config.yaml:ro registry.k8s.io/kube-apiserver:v1.31.0 --etcd-prefix=/registry --allow-privileged=true --max-requests-inflight=0 --max-mutating-requests-inflight=0 --enable-priority-and-fairness=false --etcd-servers=http://kwok--etcd:2379 --authorization-mode=Node,RBAC --bind-address=0.0.0.0 --secure-port=6443 --tls-cert-file=/etc/kubernetes/pki/admin.crt --tls-private-key-file=/etc/kubernetes/pki/admin.key --client-ca-file=/etc/kubernetes/pki/ca.crt --service-account-key-file=/etc/kubernetes/pki/admin.key --service-account-signing-key-file=/etc/kubernetes/pki/admin.key --service-account-issuer=https://kubernetes.default.svc.cluster.local --proxy-client-key-file=/etc/kubernetes/pki/admin.key --proxy-client-cert-file=/etc/kubernetes/pki/admin.crt --audit-policy-file=/etc/kubernetes/audit-policy.yaml --audit-log-path=/var/log/kubernetes/audit/audit.log --tracing-config-file=/etc/kubernetes/apiserver-tracing-config.yaml podman create --name=kwok--kube-apiserver-insecure-proxy --pull=never --entrypoint=kubectl --network=kwok- --requires=kwok--kube-apiserver --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- --publish=6080:8001/tcp --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kubectl:v1.31.0 proxy --accept-hosts=^*$ --address=0.0.0.0 --kubeconfig=~/.kube/config --port=8001 podman create --name=kwok--kube-controller-manager --pull=never --entrypoint=kube-controller-manager --network=kwok- --requires=kwok--kube-apiserver --restart=unless-stopped --label=io.podman.compose.project=kwok- --label=com.docker.compose.project=kwok- --volume=/workdir/clusters//kubeconfig:~/.kube/config:ro --volume=/workdir/clusters//pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=/workdir/clusters//pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=/workdir/clusters//pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-controller-manager:v1.31.0 --node-monitor-period=25s --node-monitor-grace-period=3m20s --kubeconfig=~/.kube/config --authorization-always-allow-paths=/healthz,/readyz,/livez,/metrics --bind-address=0.0.0.0 --secure-port=10257 --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/admin.key --kube-api-qps=5000 --kube-api-burst=10000