From 099eba784b95df429263d57c1f24dcb3acfedf60 Mon Sep 17 00:00:00 2001 From: Benedikt Bongartz Date: Thu, 11 May 2023 17:32:22 +0200 Subject: [PATCH 1/2] pass tracerprovider to kublet-readonly server Signed-off-by: Benedikt Bongartz --- cmd/kubelet/app/server.go | 2 +- pkg/kubelet/kubelet.go | 6 +++--- pkg/kubelet/server/server.go | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index 76e8cdf7b99..21ced945caf 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -1267,7 +1267,7 @@ func startKubelet(k kubelet.Bootstrap, podCfg *config.PodConfig, kubeCfg *kubele go k.ListenAndServe(kubeCfg, kubeDeps.TLSOptions, kubeDeps.Auth, kubeDeps.TracerProvider) } if kubeCfg.ReadOnlyPort > 0 { - go k.ListenAndServeReadOnly(netutils.ParseIPSloppy(kubeCfg.Address), uint(kubeCfg.ReadOnlyPort)) + go k.ListenAndServeReadOnly(netutils.ParseIPSloppy(kubeCfg.Address), uint(kubeCfg.ReadOnlyPort), kubeDeps.TracerProvider) } go k.ListenAndServePodResources() } diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index 62083b62db4..a4c18f22d36 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -237,7 +237,7 @@ type Bootstrap interface { BirthCry() StartGarbageCollection() ListenAndServe(kubeCfg *kubeletconfiginternal.KubeletConfiguration, tlsOptions *server.TLSOptions, auth server.AuthInterface, tp trace.TracerProvider) - ListenAndServeReadOnly(address net.IP, port uint) + ListenAndServeReadOnly(address net.IP, port uint, tp trace.TracerProvider) ListenAndServePodResources() Run(<-chan kubetypes.PodUpdate) RunOnce(<-chan kubetypes.PodUpdate) ([]RunPodResult, error) @@ -2931,8 +2931,8 @@ func (kl *Kubelet) ListenAndServe(kubeCfg *kubeletconfiginternal.KubeletConfigur } // ListenAndServeReadOnly runs the kubelet HTTP server in read-only mode. -func (kl *Kubelet) ListenAndServeReadOnly(address net.IP, port uint) { - server.ListenAndServeKubeletReadOnlyServer(kl, kl.resourceAnalyzer, address, port) +func (kl *Kubelet) ListenAndServeReadOnly(address net.IP, port uint, tp trace.TracerProvider) { + server.ListenAndServeKubeletReadOnlyServer(kl, kl.resourceAnalyzer, address, port, tp) } // ListenAndServePodResources runs the kubelet podresources grpc service diff --git a/pkg/kubelet/server/server.go b/pkg/kubelet/server/server.go index 87a017f9ccc..2b0e7ec858e 100644 --- a/pkg/kubelet/server/server.go +++ b/pkg/kubelet/server/server.go @@ -190,10 +190,10 @@ func ListenAndServeKubeletReadOnlyServer( host HostInterface, resourceAnalyzer stats.ResourceAnalyzer, address net.IP, - port uint) { + port uint, + tp oteltrace.TracerProvider) { klog.InfoS("Starting to listen read-only", "address", address, "port", port) - // TODO: https://github.com/kubernetes/kubernetes/issues/109829 tracer should use WithPublicEndpoint - s := NewServer(host, resourceAnalyzer, nil, oteltrace.NewNoopTracerProvider(), nil) + s := NewServer(host, resourceAnalyzer, nil, tp, nil) server := &http.Server{ Addr: net.JoinHostPort(address.String(), strconv.FormatUint(uint64(port), 10)), @@ -341,7 +341,7 @@ func (s *Server) InstallAuthFilter() { // InstallTracingFilter installs OpenTelemetry tracing filter with the restful Container. func (s *Server) InstallTracingFilter(tp oteltrace.TracerProvider) { - s.restfulCont.Filter(otelrestful.OTelFilter("kubelet", otelrestful.WithTracerProvider(tp))) + s.restfulCont.Filter(otelrestful.OTelFilter("kubelet", otelrestful.WithTracerProvider(tp), otelrestful.WithPublicEndpoint())) } // addMetricsBucketMatcher adds a regexp matcher and the relevant bucket to use when From c823a21a7a1a119c775d51b13a718c6b792c012a Mon Sep 17 00:00:00 2001 From: Benedikt Bongartz Date: Thu, 11 Jan 2024 00:43:41 +0100 Subject: [PATCH 2/2] apply public endpoint filter only for kubelet-readonly Signed-off-by: Benedikt Bongartz --- pkg/kubelet/server/server.go | 21 +++++++++++++-------- pkg/kubelet/server/server_test.go | 2 -- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/pkg/kubelet/server/server.go b/pkg/kubelet/server/server.go index 2b0e7ec858e..777fe48ddd7 100644 --- a/pkg/kubelet/server/server.go +++ b/pkg/kubelet/server/server.go @@ -160,7 +160,12 @@ func ListenAndServeKubeletServer( address := netutils.ParseIPSloppy(kubeCfg.Address) port := uint(kubeCfg.Port) klog.InfoS("Starting to listen", "address", address, "port", port) - handler := NewServer(host, resourceAnalyzer, auth, tp, kubeCfg) + handler := NewServer(host, resourceAnalyzer, auth, kubeCfg) + + if utilfeature.DefaultFeatureGate.Enabled(features.KubeletTracing) { + handler.InstallTracingFilter(tp) + } + s := &http.Server{ Addr: net.JoinHostPort(address.String(), strconv.FormatUint(uint64(port), 10)), Handler: &handler, @@ -193,7 +198,11 @@ func ListenAndServeKubeletReadOnlyServer( port uint, tp oteltrace.TracerProvider) { klog.InfoS("Starting to listen read-only", "address", address, "port", port) - s := NewServer(host, resourceAnalyzer, nil, tp, nil) + s := NewServer(host, resourceAnalyzer, nil, nil) + + if utilfeature.DefaultFeatureGate.Enabled(features.KubeletTracing) { + s.InstallTracingFilter(tp, otelrestful.WithPublicEndpoint()) + } server := &http.Server{ Addr: net.JoinHostPort(address.String(), strconv.FormatUint(uint64(port), 10)), @@ -270,7 +279,6 @@ func NewServer( host HostInterface, resourceAnalyzer stats.ResourceAnalyzer, auth AuthInterface, - tp oteltrace.TracerProvider, kubeCfg *kubeletconfiginternal.KubeletConfiguration) Server { server := Server{ @@ -284,9 +292,6 @@ func NewServer( if auth != nil { server.InstallAuthFilter() } - if utilfeature.DefaultFeatureGate.Enabled(features.KubeletTracing) { - server.InstallTracingFilter(tp) - } server.InstallDefaultHandlers() if kubeCfg != nil && kubeCfg.EnableDebuggingHandlers { server.InstallDebuggingHandlers() @@ -340,8 +345,8 @@ func (s *Server) InstallAuthFilter() { } // InstallTracingFilter installs OpenTelemetry tracing filter with the restful Container. -func (s *Server) InstallTracingFilter(tp oteltrace.TracerProvider) { - s.restfulCont.Filter(otelrestful.OTelFilter("kubelet", otelrestful.WithTracerProvider(tp), otelrestful.WithPublicEndpoint())) +func (s *Server) InstallTracingFilter(tp oteltrace.TracerProvider, opts ...otelrestful.Option) { + s.restfulCont.Filter(otelrestful.OTelFilter("kubelet", append(opts, otelrestful.WithTracerProvider(tp))...)) } // addMetricsBucketMatcher adds a regexp matcher and the relevant bucket to use when diff --git a/pkg/kubelet/server/server_test.go b/pkg/kubelet/server/server_test.go index 8adabf6fe79..a80aec65db3 100644 --- a/pkg/kubelet/server/server_test.go +++ b/pkg/kubelet/server/server_test.go @@ -37,7 +37,6 @@ import ( cadvisorapiv2 "github.com/google/cadvisor/info/v2" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - oteltrace "go.opentelemetry.io/otel/trace" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -371,7 +370,6 @@ func newServerTestWithDebuggingHandlers(kubeCfg *kubeletconfiginternal.KubeletCo fw.fakeKubelet, stats.NewResourceAnalyzer(fw.fakeKubelet, time.Minute, &record.FakeRecorder{}), fw.fakeAuth, - oteltrace.NewNoopTracerProvider(), kubeCfg, ) fw.serverUnderTest = &server