From 8b9c55f6f32b6a4e96f313d9ae6b94f45cc70102 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Calzado?= <mcalzado@cartodb.com>
Date: Thu, 12 Dec 2024 19:17:27 +0100
Subject: [PATCH 1/4] [Research] OTEL collector

---
 chart/templates/otel-collector/configmap.yaml | 29 +++++++++++++
 .../templates/otel-collector/deployment.yaml  | 41 +++++++++++++++++++
 chart/templates/otel-collector/service.yaml   | 17 ++++++++
 3 files changed, 87 insertions(+)
 create mode 100644 chart/templates/otel-collector/configmap.yaml
 create mode 100644 chart/templates/otel-collector/deployment.yaml
 create mode 100644 chart/templates/otel-collector/service.yaml

diff --git a/chart/templates/otel-collector/configmap.yaml b/chart/templates/otel-collector/configmap.yaml
new file mode 100644
index 00000000..81cb32bb
--- /dev/null
+++ b/chart/templates/otel-collector/configmap.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: otel-collector-config
+data:
+  config.yaml: |-
+    receivers:
+      otlp:
+        protocols:
+          http:
+            endpoint: 0.0.0.0:4318
+
+    processors:
+      # Data sources: traces, metrics, logs
+      memory_limiter:
+        check_interval: 5s
+        limit_mib: 4000
+        spike_limit_mib: 500
+
+    exporters:
+      debug:
+        verbosity: detailed
+
+    service:
+      pipelines:
+        logs:
+          receivers: [otlp]
+          processors: [memory_limiter]
+          exporters: [exporters]
diff --git a/chart/templates/otel-collector/deployment.yaml b/chart/templates/otel-collector/deployment.yaml
new file mode 100644
index 00000000..a057065e
--- /dev/null
+++ b/chart/templates/otel-collector/deployment.yaml
@@ -0,0 +1,41 @@
+apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
+kind: Deployment
+metadata:
+  name: otel-collector
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    app.kubernetes.io/component: otel-collector
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+spec:
+  selector:
+    matchLabels:
+      app: opentelemetry
+      component: otel-collector
+  template:
+    metadata:
+      labels:
+        app: opentelemetry
+        component: otel-collector
+    spec:
+      containers:
+      - name: otel-collector
+        image: otel/opentelemetry-collector-contrib:0.115.1
+        resources:
+          limits:
+            cpu: 100m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 200Mi
+        volumeMounts:
+        - mountPath: /etc/otelcol-contrib/config.yaml
+          name: data
+          subPath: config.yaml
+          readOnly: true
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: data
+        configMap:
+          name: otel-collector-config
diff --git a/chart/templates/otel-collector/service.yaml b/chart/templates/otel-collector/service.yaml
new file mode 100644
index 00000000..cf41bb06
--- /dev/null
+++ b/chart/templates/otel-collector/service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: otel-collector
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    app.kubernetes.io/component: otel-collector
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+spec:
+  ports:
+  - name: metrics # Default endpoint for querying metrics.
+    port: 4318
+  selector:
+    {{- include "common.labels.matchLabels" . | nindent 4 }}
+    app.kubernetes.io/component: otel-collector

From f4254136310581ee34c83f793839eaa240fcd858 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Calzado?= <mcalzado@cartodb.com>
Date: Fri, 13 Dec 2024 12:40:20 +0100
Subject: [PATCH 2/4] Add security context

---
 chart/templates/otel-collector/deployment.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/chart/templates/otel-collector/deployment.yaml b/chart/templates/otel-collector/deployment.yaml
index a057065e..c076839d 100644
--- a/chart/templates/otel-collector/deployment.yaml
+++ b/chart/templates/otel-collector/deployment.yaml
@@ -19,6 +19,10 @@ spec:
         app: opentelemetry
         component: otel-collector
     spec:
+      securityContext:
+        fsGroup: 101
+        supplementalGroups:
+        - 2345
       containers:
       - name: otel-collector
         image: otel/opentelemetry-collector-contrib:0.115.1
@@ -29,6 +33,15 @@ spec:
           requests:
             cpu: 100m
             memory: 200Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - all
+          readOnlyRootFilesystem: true
+          runAsGroup: 101
+          runAsNonRoot: false
+          runAsUser: 101
         volumeMounts:
         - mountPath: /etc/otelcol-contrib/config.yaml
           name: data

From 8402174d6a52eab7f030c2d7464a39d769a97cac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Calzado?= <mcalzado@cartodb.com>
Date: Mon, 16 Dec 2024 10:27:01 +0100
Subject: [PATCH 3/4] Fix config

---
 chart/templates/otel-collector/configmap.yaml  |  4 ++--
 chart/templates/otel-collector/deployment.yaml | 17 +++++++++++------
 chart/templates/otel-collector/service.yaml    |  4 +++-
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/chart/templates/otel-collector/configmap.yaml b/chart/templates/otel-collector/configmap.yaml
index 81cb32bb..c0eb32a2 100644
--- a/chart/templates/otel-collector/configmap.yaml
+++ b/chart/templates/otel-collector/configmap.yaml
@@ -23,7 +23,7 @@ data:
 
     service:
       pipelines:
-        logs:
+        traces:
           receivers: [otlp]
           processors: [memory_limiter]
-          exporters: [exporters]
+          exporters: [debug]
diff --git a/chart/templates/otel-collector/deployment.yaml b/chart/templates/otel-collector/deployment.yaml
index c076839d..a141bed9 100644
--- a/chart/templates/otel-collector/deployment.yaml
+++ b/chart/templates/otel-collector/deployment.yaml
@@ -10,14 +10,15 @@ metadata:
     {{- end }}
 spec:
   selector:
-    matchLabels:
-      app: opentelemetry
-      component: otel-collector
+    matchLabels: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
+      app.kubernetes.io/component: otel-collector
   template:
     metadata:
-      labels:
-        app: opentelemetry
-        component: otel-collector
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/otel-collector/configmap.yaml") . | sha256sum }}
+        cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
+      labels: {{- include "common.labels.standard" . | nindent 8 }}
+        app.kubernetes.io/component: otel-collector
     spec:
       securityContext:
         fsGroup: 101
@@ -25,6 +26,10 @@ spec:
         - 2345
       containers:
       - name: otel-collector
+        ports:
+        - containerPort: 4318
+          name: metrics
+          protocol: TCP
         image: otel/opentelemetry-collector-contrib:0.115.1
         resources:
           limits:
diff --git a/chart/templates/otel-collector/service.yaml b/chart/templates/otel-collector/service.yaml
index cf41bb06..3742008f 100644
--- a/chart/templates/otel-collector/service.yaml
+++ b/chart/templates/otel-collector/service.yaml
@@ -10,8 +10,10 @@ metadata:
     {{- end }}
 spec:
   ports:
-  - name: metrics # Default endpoint for querying metrics.
+  - name: metrics
     port: 4318
+    protocol: TCP
+    targetPort: metrics
   selector:
     {{- include "common.labels.matchLabels" . | nindent 4 }}
     app.kubernetes.io/component: otel-collector

From 29df5664a493ae49a6abe273784d2a56dc187111 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Calzado?= <mcalzado@cartodb.com>
Date: Mon, 16 Dec 2024 11:21:50 +0100
Subject: [PATCH 4/4] Finish research

---
 chart/templates/otel-collector/configmap.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/chart/templates/otel-collector/configmap.yaml b/chart/templates/otel-collector/configmap.yaml
index c0eb32a2..369b08f6 100644
--- a/chart/templates/otel-collector/configmap.yaml
+++ b/chart/templates/otel-collector/configmap.yaml
@@ -20,10 +20,14 @@ data:
     exporters:
       debug:
         verbosity: detailed
+      otlp:
+        endpoint: 34.135.42.102:4317
+        tls:
+          insecure: true
 
     service:
       pipelines:
         traces:
           receivers: [otlp]
           processors: [memory_limiter]
-          exporters: [debug]
+          exporters: [debug, otlp]