diff --git a/pkg/otel/templates/metrics.tmpl b/pkg/otel/templates/metrics.tmpl index 4b079b38ad..e7428648a7 100644 --- a/pkg/otel/templates/metrics.tmpl +++ b/pkg/otel/templates/metrics.tmpl @@ -1,12 +1,5 @@ {{- define "metrics-node-receivers" -}} {{- if .Metrics.Enabled -}} -prometheus/self: - config: - scrape_configs: - - job_name: 'otel-collector' - scrape_interval: 15s - static_configs: - - targets: ['127.0.0.1:{{ .Metrics.ListenPort }}'] {{ template "metrics-nodehost-receiver" . }} {{- end -}} {{- end -}} @@ -81,10 +74,8 @@ kubeletstats: {{- define "metrics-self-telemetry" -}} {{- if .Metrics.Enabled -}} telemetry: - logs: - level : {{ or .Metrics.LogLevel "debug" }} metrics: - address : "127.0.0.1:{{ .Metrics.ListenPort }}" + level: none {{- end -}} {{- end -}} diff --git a/pkg/otel/types.go b/pkg/otel/types.go index 7d01f7a09a..421a014166 100644 --- a/pkg/otel/types.go +++ b/pkg/otel/types.go @@ -154,7 +154,6 @@ func (w *WALConfig) DeepCopy() *WALConfig { func (d NodeConfig) MetricReceivers() []string { res := []string{} if d.Metrics.Enabled { - res = append(res, "prometheus/self") if lo.FromPtrOr(d.Metrics.Spec.HostMetrics, false) { res = append(res, "hostmetrics") if d.Containerized { @@ -168,7 +167,6 @@ func (d NodeConfig) MetricReceivers() []string { func (o AggregatorConfig) MetricReceivers() []string { res := []string{} if o.Metrics.Enabled { - res = append(res, "prometheus/self") if len(o.Metrics.Spec.AdditionalScrapeConfigs) > 0 { res = append(res, "prometheus/additional") } diff --git a/pkg/resources/collector/templates.go b/pkg/resources/collector/templates.go index e6025ea068..e0327606da 100644 --- a/pkg/resources/collector/templates.go +++ b/pkg/resources/collector/templates.go @@ -197,7 +197,6 @@ receivers: protocols: grpc: {} http: {} - {{ template "metrics-self-receiver" . }} {{ template "metrics-prometheus-receiver" . }} {{ template "metrics-prometheus-discoverer" . }} {{- if .LogsEnabled }} diff --git a/pkg/resources/collector/workloads.go b/pkg/resources/collector/workloads.go index bc59a4ca8f..5a54aacded 100644 --- a/pkg/resources/collector/workloads.go +++ b/pkg/resources/collector/workloads.go @@ -25,7 +25,7 @@ const ( collectorImage = "rancher-sandbox/opni-otel-collector" collectorVersion = "v0.1.2-0.74.0" reloaderImage = "rancher-sandbox/config-reloader" - reloaderVersion = "v0.1.0" + reloaderVersion = "v0.1.2" otelColBinaryName = "otelcol-custom" otelConfigDir = "/etc/otel" @@ -286,7 +286,7 @@ func (r *Reconciler) daemonSet() resources.Resource { }, VolumeMounts: volumeMounts, }, - r.configReloaderContainer(volumeMounts), + r.configReloaderContainer(volumeMounts, true), }, ImagePullSecrets: imageSpec.ImagePullSecrets, Volumes: volumes, @@ -415,7 +415,7 @@ func (r *Reconciler) deployment() resources.Resource { }, }, }, - r.configReloaderContainer(volumeMounts), + r.configReloaderContainer(volumeMounts, false), }, ImagePullSecrets: imageSpec.ImagePullSecrets, Volumes: volumes, @@ -465,7 +465,7 @@ func (r *Reconciler) service() resources.Resource { return resources.Present(svc) } -func (r *Reconciler) configReloaderContainer(mounts []corev1.VolumeMount) corev1.Container { +func (r *Reconciler) configReloaderContainer(mounts []corev1.VolumeMount, runAsRoot bool) corev1.Container { reloaderImageSpec := r.configReloaderImageSpec() return corev1.Container{ Name: "config-reloader", @@ -477,13 +477,20 @@ func (r *Reconciler) configReloaderContainer(mounts []corev1.VolumeMount) corev1 "-process", otelColBinaryName, }, - SecurityContext: &corev1.SecurityContext{ - Capabilities: &corev1.Capabilities{ - Add: []corev1.Capability{ - "SYS_PTRACE", + SecurityContext: func() *corev1.SecurityContext { + ctx := &corev1.SecurityContext{ + Capabilities: &corev1.Capabilities{ + Add: []corev1.Capability{ + "SYS_PTRACE", + }, }, - }, - }, + RunAsUser: lo.ToPtr[int64](10001), + } + if runAsRoot { + ctx.RunAsUser = lo.ToPtr[int64](0) + } + return ctx + }(), VolumeMounts: mounts, } }