First sidecar module: OpenTelemetry (#8013)

* remove opentelemetry from main nginx image * add opentelemetry sidecar image * handle extra modules in helm chart * fix running helm chart * mount the modules volume in the init container * merge the mounted folder * fix the otel image * fix licence year * fix cloudbuild image * use the same nginx version as in the main image * only retrieve /etc/nginx/modules for now
2022-01-16 22:33:28 +01:00 · 2022-01-16 22:33:28 +01:00 · 15b0aba03b
commit 15b0aba03b
parent c0098f305c
14 changed files with 353 additions and 53 deletions
--- a/charts/ingress-nginx/ci/daemonset-extra-modules.yaml
+++ b/charts/ingress-nginx/ci/daemonset-extra-modules.yaml
@ -0,0 +1,10 @@
+controller:
+  kind: DaemonSet
+  image:
+    repository: ingress-controller/controller
+    tag: 1.0.0-dev
+  service:
+    type: ClusterIP
+  extraModules:
+    - name: opentelemetry
+      image: busybox
--- a/charts/ingress-nginx/ci/deployment-extra-modules.yaml
+++ b/charts/ingress-nginx/ci/deployment-extra-modules.yaml
@ -0,0 +1,10 @@
+controller:
+  image:
+    repository: ingress-controller/controller
+    tag: 1.0.0-dev
+    digest: null
+  service:
+    type: ClusterIP
+  extraModules:
+    - name: opentelemetry
+      image: busybox
--- a/charts/ingress-nginx/templates/controller-daemonset.yaml
+++ b/charts/ingress-nginx/templates/controller-daemonset.yaml
@ -143,8 +143,12 @@ spec:
              hostPort: {{ $key }}
              {{- end }}
          {{- end }}
-        {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled) }}
+        {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }}
          volumeMounts:
+          {{- if .Values.controller.extraModules }}
+            - name: modules
+              mountPath: /modules_mount
+          {{- end }}
          {{- if .Values.controller.customTemplate.configMapName }}
            - mountPath: /etc/nginx/template
              name: nginx-template-volume
@ -165,8 +169,20 @@ spec:
      {{- if .Values.controller.extraContainers }}
        {{ toYaml .Values.controller.extraContainers | nindent 8 }}
      {{- end }}
-    {{- if .Values.controller.extraInitContainers }}
-      initContainers: {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+
+
+    {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }}
+      initContainers:
+      {{- if .Values.controller.extraInitContainers }}
+        {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+      {{- end }}
+      {{- if .Values.controller.extraModules }}
+        {{- range .Values.controller.extraModules }}
+          - name: {{ .Name }}
+            image: {{ .Image }}
+            command: ['sh', '-c', '/usr/local/bin/init_module.sh']
+        {{- end }}
+      {{- end }}
    {{- end }}
    {{- if .Values.controller.hostNetwork }}
      hostNetwork: {{ .Values.controller.hostNetwork }}
@ -185,8 +201,12 @@ spec:
    {{- end }}
      serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
      terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
-    {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes) }}
+    {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }}
      volumes:
+      {{- if .Values.controller.extraModules }}
+        - name: modules
+          emptyDir: {}
+      {{- end }}
      {{- if .Values.controller.customTemplate.configMapName }}
        - name: nginx-template-volume
          configMap:
--- a/charts/ingress-nginx/templates/controller-deployment.yaml
+++ b/charts/ingress-nginx/templates/controller-deployment.yaml
@ -140,8 +140,12 @@ spec:
              hostPort: {{ $key }}
              {{- end }}
          {{- end }}
-        {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled) }}
+        {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }}
          volumeMounts:
+          {{- if .Values.controller.extraModules }}
+            - name: modules
+              mountPath: /modules_mount
+          {{- end }}
          {{- if .Values.controller.customTemplate.configMapName }}
            - mountPath: /etc/nginx/template
              name: nginx-template-volume
@ -162,8 +166,21 @@ spec:
      {{- if .Values.controller.extraContainers }}
        {{ toYaml .Values.controller.extraContainers | nindent 8 }}
      {{- end }}
-    {{- if .Values.controller.extraInitContainers }}
-      initContainers: {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+    {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }}
+      initContainers:
+      {{- if .Values.controller.extraInitContainers }}
+        {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+      {{- end }}
+      {{- if .Values.controller.extraModules }}
+        {{- range .Values.controller.extraModules }}
+          - name: {{ .name }}
+            image: {{ .image }}
+            command: ['sh', '-c', '/usr/local/bin/init_module.sh']
+            volumeMounts:
+              - name: modules
+                mountPath: /modules_mount
+        {{- end }}
+      {{- end }}
    {{- end }}
    {{- if .Values.controller.hostNetwork }}
      hostNetwork: {{ .Values.controller.hostNetwork }}
@ -182,8 +199,12 @@ spec:
    {{- end }}
      serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
      terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
-    {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes) }}
+    {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }}
      volumes:
+      {{- if .Values.controller.extraModules }}
+        - name: modules
+          emptyDir: {}
+      {{- end }}
      {{- if .Values.controller.customTemplate.configMapName }}
        - name: nginx-template-volume
          configMap:
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@ -559,6 +559,15 @@ controller:
  #   image: busybox
  #   command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']

+  extraModules: []
+  ## Modules, which are mounted into the core nginx image
+  # - name: opentelemetry
+  #   image: busybox
+  #
+  # The image must contain a `/usr/local/bin/init_module.sh` executable, which
+  # will be executed as initContainers, to move its config files within the
+  # mounted volume.
+
  admissionWebhooks:
    annotations: {}
    # ignore-check.kube-linter.io/no-read-only-rootfs: "This deployment needs write access to root filesystem".