From d27ea038b5f9f0e6ccee4c1706f39db2519318f2 Mon Sep 17 00:00:00 2001 From: Nate Mollica Date: Fri, 15 Dec 2023 16:06:20 -0800 Subject: [PATCH] datadog-integration: updated consul-server agent telemetry-config.json with dd specific items as well as additional missing VM based options, unit tests, dd unix socket integration, dd agent acl token generation | final initial-push --- charts/consul/templates/_helpers.tpl | 10 ++- .../consul/templates/datadog-agent-role.yaml | 38 +++++++++ .../templates/datadog-agent-rolebinding.yaml | 22 ++++++ .../consul/templates/server-acl-init-job.yaml | 2 +- .../consul/templates/server-statefulset.yaml | 6 +- .../telemetry-collector-deployment.yaml | 13 +++ .../consul/test/unit/server-acl-init-job.bats | 17 ++++ .../test/unit/server-config-configmap.bats | 1 + .../consul/test/unit/server-statefulset.bats | 64 ++++++++++++++- .../unit/telemetry-collector-deployment.bats | 79 +++++++++++++++++++ charts/consul/values.yaml | 44 ++++++++--- .../subcommand/server-acl-init/command.go | 1 - 12 files changed, 276 insertions(+), 21 deletions(-) create mode 100644 charts/consul/templates/datadog-agent-role.yaml create mode 100644 charts/consul/templates/datadog-agent-rolebinding.yaml diff --git a/charts/consul/templates/_helpers.tpl b/charts/consul/templates/_helpers.tpl index dc30b1017d..795cad15a7 100644 --- a/charts/consul/templates/_helpers.tpl +++ b/charts/consul/templates/_helpers.tpl @@ -428,10 +428,10 @@ Usage: {{ template "consul.validateTelemetryCollectorCloud" . }} */}} {{- define "consul.validateTelemetryCollectorCloud" -}} {{- if (and .Values.telemetryCollector.cloud.clientId.secretName (and (not .Values.global.cloud.clientSecret.secretName) (not .Values.telemetryCollector.cloud.clientSecret.secretName))) }} -{{fail "When telemetryCollector.cloud.clientId.secretName is set, telemetryCollector.cloud.clientSecret.secretName must also be set."}} +{{fail "When telemetryCollector.cloud.clientId.secretName is set, telemetryCollector.cloud.clientSecret.secretName must also be set." }} {{- end }} {{- if (and .Values.telemetryCollector.cloud.clientSecret.secretName (and (not .Values.global.cloud.clientId.secretName) (not .Values.telemetryCollector.cloud.clientId.secretName))) }} -{{fail "When telemetryCollector.cloud.clientSecret.secretName is set, telemetryCollector.cloud.clientId.secretName must also be set."}} +{{fail "When telemetryCollector.cloud.clientSecret.secretName is set, telemetryCollector.cloud.clientId.secretName must also be set." }} {{- end }} {{- end }} @@ -532,6 +532,9 @@ Fail if Consul OpenMetrics (Prometheus) and DogStatsD metrics are both enabled. - global.metrics.datadogIntegration.openMetricsPrometheus.enabled (scrapes `/v1/agent/metrics?format=prometheus`) - see https://docs.datadoghq.com/integrations/consul/?tab=host#host for recommendation to not have both +Fail if Consul Open Telemetry collector forwarding protocol is not one of either "http" or "grpc" + - global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol!="http" || global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol!="grpc" + Usage: {{ template "consul.validateDatadogConfiguration" . }} */}} @@ -543,6 +546,9 @@ Usage: {{ template "consul.validateDatadogConfiguration" . }} {{- if and .Values.global.metrics.datadogIntegration.dogstatsd.enabled .Values.global.metrics.datadogIntegration.openMetricsPrometheus.enabled }} {{fail "You must have one of DogStatsD (global.metrics.datadogIntegration.dogstatsd.enabled) or OpenMetrics (global.metrics.datadogIntegration.openMetricsPrometheus.enabled) enabled, not both as this is an unsupported configuration." }} {{- end }} +{{- if and .Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled (or (eq (.Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol | trimAll "\"" | quote) "http") (eq (.Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol | trimAll "\"" | quote) "grpc")) }} +{{fail "Valid values for global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol must be one of either \"http\" or \"grpc\"." }} +{{- end }} {{- end -}} {{/* diff --git a/charts/consul/templates/datadog-agent-role.yaml b/charts/consul/templates/datadog-agent-role.yaml new file mode 100644 index 0000000000..51dbf10f0c --- /dev/null +++ b/charts/consul/templates/datadog-agent-role.yaml @@ -0,0 +1,38 @@ +{{- if .Values.global.metrics.datadogIntegration.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "consul.fullname" . }}-datadog-metrics-agent + namespace: {{ .Release.Namespace }} + labels: + app: datadog + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + component: agent +{{- if (or (and .Values.global.openshift.enabled .Values.server.exposeGossipAndRPCPorts) .Values.global.enablePodSecurityPolicies) }} +{{- if .Values.global.enablePodSecurityPolicies }} +rules: + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + resourceNames: + - {{ template "consul.fullname" . }}-datadog-metrics-agent + verbs: + - use +{{- end }} +{{- if (and .Values.global.openshift.enabled .Values.server.exposeGossipAndRPCPorts ) }} + - apiGroups: ["security.openshift.io"] + resources: ["securitycontextconstraints"] + resourceNames: + - {{ template "consul.fullname" . }}-datadog-metrics-agent + verbs: + - use +{{- end }} +{{- else}} +rules: + - apiGroups: [ "" ] + resources: [ "secrets" ] + resourceNames: + - {{ .Release.Namespace }}-datadog-agent-metrics-acl-token + verbs: [ "get", "watch", "list" ] +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/consul/templates/datadog-agent-rolebinding.yaml b/charts/consul/templates/datadog-agent-rolebinding.yaml new file mode 100644 index 0000000000..d203581d0e --- /dev/null +++ b/charts/consul/templates/datadog-agent-rolebinding.yaml @@ -0,0 +1,22 @@ +{{- if .Values.global.metrics.datadogIntegration.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: datadog-read-secrets + namespace: consul + labels: + component: agent +subjects: + - kind: ServiceAccount + apiGroup: "" + name: datadog-agent + namespace: datadog + - kind: ServiceAccount + apiGroup: "" + name: datadog-cluster-agent + namespace: datadog +roleRef: + kind: Role + name: {{ template "consul.fullname" . }}-datadog-metrics-agent + apiGroup: "" +{{- end }} \ No newline at end of file diff --git a/charts/consul/templates/server-acl-init-job.yaml b/charts/consul/templates/server-acl-init-job.yaml index 511b5bcea2..711d5f1f03 100644 --- a/charts/consul/templates/server-acl-init-job.yaml +++ b/charts/consul/templates/server-acl-init-job.yaml @@ -276,7 +276,7 @@ spec: -create-enterprise-license-token=true \ {{- end }} - {{- if (and .Values.global.metrics.datadogIntegration.enabled .Values.global.acls.manageSystemACLs) }} + {{- if (and (not .Values.global.metrics.datadogIntegration.dogstatsd.enabled) .Values.global.metrics.datadogIntegration.enabled .Values.global.acls.manageSystemACLs) }} -create-dd-agent-token=true \ {{- end }} diff --git a/charts/consul/templates/server-statefulset.yaml b/charts/consul/templates/server-statefulset.yaml index b923fc935b..e4f04b5cfc 100644 --- a/charts/consul/templates/server-statefulset.yaml +++ b/charts/consul/templates/server-statefulset.yaml @@ -155,7 +155,7 @@ spec: "tls_private_key": "/etc/datadog-agent/conf.d/consul.d/certs/tls.key", "tls_ca_cert": "/etc/datadog-agent/conf.d/consul.d/ca/tls.crt", {{- else }} - "openmetrics_endpoint": "http://%%host%%:8500/v1/agent/metrics?format=prometheus", + "openmetrics_endpoint": "http://consul-server.{{ .Release.Namespace }}.svc:8500/v1/agent/metrics?format=prometheus", {{- end }} {{- if ( .Values.global.acls.manageSystemACLs) }} "headers": { @@ -168,7 +168,7 @@ spec: ] } } - {{- else }} + {{- else if (not .Values.global.metrics.datadogIntegration.dogstatsd.enabled) }} "ad.datadoghq.com/consul.checks": | { "consul": { @@ -195,6 +195,8 @@ spec: ] } } + {{- else }} + "ad.datadoghq.com/consul.metrics_exclude": "true" {{- end }} {{- end }} {{- end }} diff --git a/charts/consul/templates/telemetry-collector-deployment.yaml b/charts/consul/templates/telemetry-collector-deployment.yaml index 7028cd958b..850d58e93a 100644 --- a/charts/consul/templates/telemetry-collector-deployment.yaml +++ b/charts/consul/templates/telemetry-collector-deployment.yaml @@ -248,6 +248,19 @@ spec: - name: SSL_CERT_DIR value: "/etc/ssl/certs:/trusted-cas" {{- end }} + {{- if .Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + {{- if eq (.Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol | lower ) "http" }} + - name: CO_OTEL_HTTP_ENDPOINT + value: "http://$(HOST_IP):4318" + {{- else if eq (.Values.global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol | lower) "grpc" }} + - name: CO_OTEL_HTTP_ENDPOINT + value: "grpc://$(HOST_IP):4317" + {{- end }} + {{- end }} {{- include "consul.extraEnvironmentVars" .Values.telemetryCollector | nindent 12 }} command: - "/bin/sh" diff --git a/charts/consul/test/unit/server-acl-init-job.bats b/charts/consul/test/unit/server-acl-init-job.bats index d745839810..685c8bf0c3 100644 --- a/charts/consul/test/unit/server-acl-init-job.bats +++ b/charts/consul/test/unit/server-acl-init-job.bats @@ -2475,4 +2475,21 @@ load _helpers local actual=$( echo "$command" | yq 'any(contains("-create-dd-agent-token"))' | tee /dev/stderr) [ "${actual}" = "true" ] +} + +@test "serverACLInit/Job: -create-dd-agent-token NOT set when global.metrics.datadogIntegration=true, global.metrics.datadogIntegration.dogstatsd.enabled=true, and global.acls.manageSystemACLs=true" { + cd `chart_dir` + local command=$(helm template \ + -s templates/server-acl-init-job.yaml \ + --set 'global.metrics.enabled=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.dogstatsd.enabled=true' \ + --set 'global.acls.manageSystemACLs=true' \ + . | tee /dev/stderr | + yq '.spec.template.spec.containers[0].command' | tee /dev/stderr) + + local actual=$( echo "$command" | + yq 'any(contains("-create-dd-agent-token"))' | tee /dev/stderr) + [ "${actual}" = "false" ] } \ No newline at end of file diff --git a/charts/consul/test/unit/server-config-configmap.bats b/charts/consul/test/unit/server-config-configmap.bats index e0f20805b4..ec35d62bd4 100755 --- a/charts/consul/test/unit/server-config-configmap.bats +++ b/charts/consul/test/unit/server-config-configmap.bats @@ -1366,6 +1366,7 @@ load _helpers --set 'global.metrics.enabled=true' \ --set 'global.metrics.enableAgentMetrics=true' \ --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.dogstatsd.enabled=true' \ . | tee /dev/stderr | yq -r '.data["telemetry-config.json"]' | jq -r .telemetry.dogstatsd_tags | jq -r '[ .[] ]| join (" ")' | tee /dev/stderr) diff --git a/charts/consul/test/unit/server-statefulset.bats b/charts/consul/test/unit/server-statefulset.bats index 9ead41ce53..56dc2c6380 100755 --- a/charts/consul/test/unit/server-statefulset.bats +++ b/charts/consul/test/unit/server-statefulset.bats @@ -901,7 +901,7 @@ load _helpers @test "server/StatefulSet: when global.metrics.datadogIntegration.openMetricsPrometheus.enabled, applicable openmetrics annotation is set" { cd `chart_dir` - local annotations=$(helm template --debug \ + local annotations=$(helm template \ -s templates/server-statefulset.yaml \ --set 'global.metrics.enabled=true' \ --set 'global.metrics.enableAgentMetrics=true' \ @@ -919,7 +919,11 @@ load _helpers local actual="$( echo "$consul_checks" | \ jq -r .openmetrics.instances | jq -r .[0].openmetrics_endpoint | tee /dev/stderr)" - [ "${actual}" = "http://%%host%%:8500/v1/agent/metrics" ] + [ "${actual}" = "http://consul-server.default.svc:8500/v1/agent/metrics?format=prometheus" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].headers | tee /dev/stderr)" + [ -n "${actual}" ] local actual="$( echo "$consul_checks" | \ jq -r .openmetrics.instances | jq -r .[0].namespace | tee /dev/stderr)" @@ -933,7 +937,7 @@ load _helpers @test "server/StatefulSet: when datadogIntegration.openMetricsPrometheus.enabled, applicable openmetrics annotation is set with tls url" { cd `chart_dir` - local annotations=$(helm template --debug \ + local annotations=$(helm template \ -s templates/server-statefulset.yaml \ --set 'global.metrics.enabled=true' \ --set 'global.tls.enabled=true' \ @@ -952,7 +956,59 @@ load _helpers local actual="$( echo "$consul_checks" | \ jq -r .openmetrics.instances | jq -r .[0].openmetrics_endpoint | tee /dev/stderr)" - [ "${actual}" = "https://%%host%%:8501/v1/agent/metrics" ] + [ "${actual}" = "https://consul-server.default.svc:8501/v1/agent/metrics?format=prometheus" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].headers | tee /dev/stderr)" + [ -n "${actual}" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].tls_cert | tee /dev/stderr)" + [ "${actual}" = "/etc/datadog-agent/conf.d/consul.d/certs/tls.crt" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].tls_private_key | tee /dev/stderr)" + [ "${actual}" = "/etc/datadog-agent/conf.d/consul.d/certs/tls.key" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].tls_ca_cert | tee /dev/stderr)" + [ "${actual}" = "/etc/datadog-agent/conf.d/consul.d/ca/tls.crt" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].namespace | tee /dev/stderr)" + [ "${actual}" = "default" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].metrics[0] | tee /dev/stderr)" + [ "${actual}" = ".*" ] +} + +@test "server/StatefulSet: when global.metrics.datadogIntegration.openMetricsPrometheus.enabled, applicable openmetrics annotation is set with acls.manageSystemACLs enabled" { + cd `chart_dir` + local annotations=$(helm template \ + -s templates/server-statefulset.yaml \ + --set 'global.metrics.enabled=true' \ + --set 'global.acls.manageSystemACLs=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.openMetricsPrometheus.enabled=true' \ + . | tee /dev/stderr | + yq -r '.spec.template.metadata.annotations' | tee /dev/stderr) + + local consul_checks=$(echo "$annotations" | \ + yq -r '."ad.datadoghq.com/consul.checks"' | tee /dev/stderr) + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.init_config | tee /dev/stderr)" + [ "${actual}" = "{}" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r .[0].openmetrics_endpoint | tee /dev/stderr)" + [ "${actual}" = "http://consul-server.default.svc:8500/v1/agent/metrics?format=prometheus" ] + + local actual="$( echo "$consul_checks" | \ + jq -r .openmetrics.instances | jq -r '.[0].headers["X-Consul-Token"]' | tee /dev/stderr)" + [ "${actual}" = "ENC[k8s_secret@default/default-datadog-agent-metrics-acl-token/token]" ] local actual="$( echo "$consul_checks" | \ jq -r .openmetrics.instances | jq -r .[0].namespace | tee /dev/stderr)" diff --git a/charts/consul/test/unit/telemetry-collector-deployment.bats b/charts/consul/test/unit/telemetry-collector-deployment.bats index dd871b30df..db0ae3052b 100755 --- a/charts/consul/test/unit/telemetry-collector-deployment.bats +++ b/charts/consul/test/unit/telemetry-collector-deployment.bats @@ -1371,3 +1371,82 @@ MIICFjCCAZsCCQCdwLtdjbzlYzAKBggqhkjOPQQDAjB0MQswCQYDVQQGEwJDQTEL' \ local actual=$(echo $object | jq -r '.[1].args | any(contains("-service-namespace=fakenamespace"))' | tee /dev/stderr) [ "${actual}" = 'true' ] } + +#-------------------------------------------------------------------- +# global.metrics.datadogIntegration.datadogOpenTelemetryCollector + +@test "telemetryCollector/Deployment: DataDog OTLP Collector HTTP protocol verification" { + cd `chart_dir` + local object=$(helm template \ + -s templates/telemetry-collector-deployment.yaml \ + --set 'telemetryCollector.enabled=true' \ + --set 'telemetryCollector.cloud.enabled=false' \ + --set 'global.metrics.enabled=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol'="http" \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo "$object" | + yq -r '.[] | select(.name=="CO_OTEL_HTTP_ENDPOINT").value' | tee /dev/stderr) + [ "${actual}" = 'http://$(HOST_IP):4318' ] +} + +@test "telemetryCollector/Deployment: DataDog OTLP Collector HTTP protocol verification, case-insensitive" { + cd `chart_dir` + local object=$(helm template \ + -s templates/telemetry-collector-deployment.yaml \ + --set 'telemetryCollector.enabled=true' \ + --set 'telemetryCollector.cloud.enabled=false' \ + --set 'global.metrics.enabled=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol'="HTTP" \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo "$object" | + yq -r '.[] | select(.name=="CO_OTEL_HTTP_ENDPOINT").value' | tee /dev/stderr) + [ "${actual}" = 'http://$(HOST_IP):4318' ] +} + +@test "telemetryCollector/Deployment: DataDog OTLP Collector gRPC protocol verification" { + cd `chart_dir` + local object=$(helm template \ + -s templates/telemetry-collector-deployment.yaml \ + --set 'telemetryCollector.enabled=true' \ + --set 'telemetryCollector.cloud.enabled=false' \ + --set 'global.metrics.enabled=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol'="grpc" \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo "$object" | + yq -r '.[] | select(.name=="CO_OTEL_HTTP_ENDPOINT").value' | tee /dev/stderr) + [ "${actual}" = 'grpc://$(HOST_IP):4317' ] +} + +@test "telemetryCollector/Deployment: DataDog OTLP Collector gRPC protocol verification, case-insensitive" { + cd `chart_dir` + local object=$(helm template \ + -s templates/telemetry-collector-deployment.yaml \ + --set 'telemetryCollector.enabled=true' \ + --set 'telemetryCollector.cloud.enabled=false' \ + --set 'global.metrics.enabled=true' \ + --set 'global.metrics.enableAgentMetrics=true' \ + --set 'global.metrics.datadogIntegration.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.enabled=true' \ + --set 'global.metrics.datadogIntegration.datadogOpenTelemetryCollector.protocol'="gRPC" \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo "$object" | + yq -r '.[] | select(.name=="CO_OTEL_HTTP_ENDPOINT").value' | tee /dev/stderr) + [ "${actual}" = 'grpc://$(HOST_IP):4317' ] +} \ No newline at end of file diff --git a/charts/consul/values.yaml b/charts/consul/values.yaml index cb13478911..d4192f91ad 100644 --- a/charts/consul/values.yaml +++ b/charts/consul/values.yaml @@ -670,14 +670,29 @@ global: # Configures consul integration configurations for datadog on kubernetes. # Only applicable if `global.metrics.enabled` and `global.metrics.enableAgentMetrics` is true. datadogIntegration: - # Enables datadog [Consul autodiscovery integration](https://docs.datadoghq.com/integrations/consul/?tab=containerized#metric-collection) - # by configuring the required `ad.datadoghq.com/consul.checks` annotation. All available datadog-specific checks are enabled. + # Enables datadog [Consul Autodiscovery Integration](https://docs.datadoghq.com/integrations/consul/?tab=containerized#metric-collection) + # by configuring the required `ad.datadoghq.com/consul.checks` annotation. The following _Consul_ agent metrics/health statuses + # are monitored by Datadog unless monitoring via OpenMetrics (Prometheus) or DogStatsD: + # - Serf events and member flaps + # - The Raft protocol + # - DNS performance + # - API Endpoints Scraped: + # - `/v1/agent/metrics?format=prometheus` + # - `/v1/agent/self` + # - `/v1/status/leader` + # - `/v1/status/peers` + # - `/v1/catalog/services` + # - `/v1/health/service` + # - `/v1/health/state/any` + # - `/v1/coordinate/datacenters` + # - `/v1/coordinate/nodes` # - # ~> **Note:** Simply enabling `datadogIntegration` does not enable openmetrics (prometheus) nor DogStatsD - # metrics collection. When using OpenMetrics (i.e., `datadogIntegration.openMetricsPrometheus.enabled=true`) - # This changes the auto-discovery checks datadog will detect to scrape only the `/v1/agent/metrics?format=prometheus` - # API endpoint. When using DogStatsD custom metrics collection, the datadog specific checks will be enabled as - # you can only have either OpenMetrics/Prometheus _or_ DogStatsD enabled at a given time. + # Setting either `global.metrics.datadogIntegration.openMetricsPrometheus.enabled=true` or `global.metrics.datadogIntegration.dogstatsd.enabled=true` disables the above checks + # in lieu of metrics data collection via DogStatsD or by a customer OpenMetrics (Prometheus) collection endpoint. + # + # ~> **Note:** If you have a [dogstatsd_mapper_profile](https://docs.datadoghq.com/integrations/consul/?tab=host#dogstatsd) configured for Consul + # residing on either your Datadog NodeAgent or ClusterAgent the default Consul agent metrics/health status checks will fail. If you do not desire + # to utilize DogStatsD metrics emission from Consul, remove this configuration file, and restart your Datadog agent to permit the checks to run. # # @default: false # @type: boolean @@ -694,10 +709,17 @@ global: datadogOpenTelemetryCollector: # Enables forwarding of Consul's Telemetry Collector OTLP metrics for - # ingestion by Datadog Agent + # ingestion by Datadog Agent. # @default: false # @type: boolean - enable: false + enabled: false + # Protocol used for DataDog Endpoint OTLP ingestion. + # + # Valid protocol options are one of either: + # + # - "http": will forward to DataDog HTTP OTLP Node Agent Endpoint default - "0.0.0.0:4318" + # - "grpc": will forward to DataDog gRPC OTLP Node Agent Endpoint default - "0.0.0.0:4317" + # # @default: "http" # @type: string protocol: "http" @@ -710,7 +732,7 @@ global: # - Events # - Tagging dogstatsd: - enabled: true + enabled: false # Sets the socket transport type for dogstatsd: # - "UDS" (Unix Domain Socket): prefixes `unix://` to URL and appends path to socket (i.e., "unix:///var/run/datadog/dsd.socket") # If set, this will create the required [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) mount for @@ -731,7 +753,7 @@ global: # readOnly: true # ``` # - "UDP" (User Datagram Protocol): assigns address to use `hostname/IP:Port` formatted URL for UDP transport to hostIP based - # dogstatsd sink (i.e., 127.0.0.1:8125). + # dogstatsd sink (i.e., 127.0.0.1:8125). HostIP of Datadog agent must be reachable and known to Consul server emitting metrics. # # @default: "UDS" # @type: string diff --git a/control-plane/subcommand/server-acl-init/command.go b/control-plane/subcommand/server-acl-init/command.go index 420b8a1c96..3d3c28c5ae 100644 --- a/control-plane/subcommand/server-acl-init/command.go +++ b/control-plane/subcommand/server-acl-init/command.go @@ -61,7 +61,6 @@ type Command struct { flagCreateEntLicenseToken bool flagCreateDDAgentToken bool - flagDatadogAgentNS string flagSnapshotAgent bool