diff --git a/CHANGELOG.md b/CHANGELOG.md index b92cb25e4d..d6f7840a6c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased +### Changed + +- Update the Kubernetes scheduler monitor to stop using insecure port 10251 and start using secure port 10259 with authentication [#711](https://github.com/signalfx/splunk-otel-collector-chart/pull/711) + ### Added - Add experimental support for deploying OpenTelemetry Operator as a subchart [#691](https://github.com/signalfx/splunk-otel-collector-chart/pull/691) diff --git a/examples/add-receiver-creator/rendered_manifests/configmap-agent.yaml b/examples/add-receiver-creator/rendered_manifests/configmap-agent.yaml index b89eda756c..763475168d 100644 --- a/examples/add-receiver-creator/rendered_manifests/configmap-agent.yaml +++ b/examples/add-receiver-creator/rendered_manifests/configmap-agent.yaml @@ -222,8 +222,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" smartagent/postgresql: config: diff --git a/examples/add-receiver-creator/rendered_manifests/daemonset.yaml b/examples/add-receiver-creator/rendered_manifests/daemonset.yaml index 9c0bd78a3a..9b048ca38f 100644 --- a/examples/add-receiver-creator/rendered_manifests/daemonset.yaml +++ b/examples/add-receiver-creator/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: f53074c7e6712d30ad31de66add6c3529d16e343e054e73a545906d19111b360 + checksum/config: a7188a6b6e897ee303bde201d8362c777044809c63bcdb466634db44e8979e78 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/add-sampler/rendered_manifests/configmap-agent.yaml b/examples/add-sampler/rendered_manifests/configmap-agent.yaml index 7ea34c4681..0fd2161573 100644 --- a/examples/add-sampler/rendered_manifests/configmap-agent.yaml +++ b/examples/add-sampler/rendered_manifests/configmap-agent.yaml @@ -219,8 +219,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/add-sampler/rendered_manifests/daemonset.yaml b/examples/add-sampler/rendered_manifests/daemonset.yaml index 4e67dee2b7..c7e2fc5970 100644 --- a/examples/add-sampler/rendered_manifests/daemonset.yaml +++ b/examples/add-sampler/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 423da53e56d8c91fed1b59203794abea204b1dc3a2c39cd09af8e504d785aec4 + checksum/config: 33614666c6dc88f8c51c31eb89dfd1326830757d2ff0e84b99ff31110f736c19 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/collector-agent-only/rendered_manifests/configmap-agent.yaml b/examples/collector-agent-only/rendered_manifests/configmap-agent.yaml index bc118d7967..8386d46736 100644 --- a/examples/collector-agent-only/rendered_manifests/configmap-agent.yaml +++ b/examples/collector-agent-only/rendered_manifests/configmap-agent.yaml @@ -216,8 +216,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/collector-agent-only/rendered_manifests/daemonset.yaml b/examples/collector-agent-only/rendered_manifests/daemonset.yaml index d5a33bb391..1c8bb8cc51 100644 --- a/examples/collector-agent-only/rendered_manifests/daemonset.yaml +++ b/examples/collector-agent-only/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 498afc3c3c738f02ac2cd1f6c810331f61d284a2ad8afded1a8239f0f46dcb0b + checksum/config: 52df16f44ae345ce03c4cffdb196869645743a1acaafe611aa3ce5593ac54127 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/crio-logging/rendered_manifests/configmap-agent.yaml b/examples/crio-logging/rendered_manifests/configmap-agent.yaml index bc118d7967..8386d46736 100644 --- a/examples/crio-logging/rendered_manifests/configmap-agent.yaml +++ b/examples/crio-logging/rendered_manifests/configmap-agent.yaml @@ -216,8 +216,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/crio-logging/rendered_manifests/daemonset.yaml b/examples/crio-logging/rendered_manifests/daemonset.yaml index d5a33bb391..1c8bb8cc51 100644 --- a/examples/crio-logging/rendered_manifests/daemonset.yaml +++ b/examples/crio-logging/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 498afc3c3c738f02ac2cd1f6c810331f61d284a2ad8afded1a8239f0f46dcb0b + checksum/config: 52df16f44ae345ce03c4cffdb196869645743a1acaafe611aa3ce5593ac54127 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/default/rendered_manifests/configmap-agent.yaml b/examples/default/rendered_manifests/configmap-agent.yaml index bc118d7967..8386d46736 100644 --- a/examples/default/rendered_manifests/configmap-agent.yaml +++ b/examples/default/rendered_manifests/configmap-agent.yaml @@ -216,8 +216,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/default/rendered_manifests/daemonset.yaml b/examples/default/rendered_manifests/daemonset.yaml index d5a33bb391..1c8bb8cc51 100644 --- a/examples/default/rendered_manifests/daemonset.yaml +++ b/examples/default/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 498afc3c3c738f02ac2cd1f6c810331f61d284a2ad8afded1a8239f0f46dcb0b + checksum/config: 52df16f44ae345ce03c4cffdb196869645743a1acaafe611aa3ce5593ac54127 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/distribution-openshift/rendered_manifests/configmap-agent.yaml b/examples/distribution-openshift/rendered_manifests/configmap-agent.yaml index 6ae4f68375..3d804b0837 100644 --- a/examples/distribution-openshift/rendered_manifests/configmap-agent.yaml +++ b/examples/distribution-openshift/rendered_manifests/configmap-agent.yaml @@ -221,8 +221,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["app"] == "openshift-kube-scheduler" && labels["scheduler"] == "true" watch_observers: diff --git a/examples/distribution-openshift/rendered_manifests/daemonset.yaml b/examples/distribution-openshift/rendered_manifests/daemonset.yaml index d43b2bc29d..41609ccf9a 100644 --- a/examples/distribution-openshift/rendered_manifests/daemonset.yaml +++ b/examples/distribution-openshift/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 4334ae0fef09f4fcc630409f6a0f5e34ffef2a77f1cb335af0c75aed0e2c1781 + checksum/config: 311e3ef32a07c0a11a9cf8ab1cc199c9c150fb8bc32da47c9c22f8dea7e0d31d kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/enabled-pprof-extension/rendered_manifests/configmap-agent.yaml b/examples/enabled-pprof-extension/rendered_manifests/configmap-agent.yaml index b9f2780b36..c41b8304b5 100644 --- a/examples/enabled-pprof-extension/rendered_manifests/configmap-agent.yaml +++ b/examples/enabled-pprof-extension/rendered_manifests/configmap-agent.yaml @@ -217,8 +217,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/enabled-pprof-extension/rendered_manifests/daemonset.yaml b/examples/enabled-pprof-extension/rendered_manifests/daemonset.yaml index 073510752b..61b322b72a 100644 --- a/examples/enabled-pprof-extension/rendered_manifests/daemonset.yaml +++ b/examples/enabled-pprof-extension/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: e4268b97683d27ccd517e81dd8ddb1687491898aa4b30901cc342b25bb75f9af + checksum/config: 07e22162779b7045ecec161f1ef517814d0f64282be0618f539bc6c07bc2bdce kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/filter-container-metrics/rendered_manifests/configmap-agent.yaml b/examples/filter-container-metrics/rendered_manifests/configmap-agent.yaml index 2e53f972fd..c4cd627363 100644 --- a/examples/filter-container-metrics/rendered_manifests/configmap-agent.yaml +++ b/examples/filter-container-metrics/rendered_manifests/configmap-agent.yaml @@ -214,8 +214,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/filter-container-metrics/rendered_manifests/daemonset.yaml b/examples/filter-container-metrics/rendered_manifests/daemonset.yaml index 41e3903fd1..39a7551b25 100644 --- a/examples/filter-container-metrics/rendered_manifests/daemonset.yaml +++ b/examples/filter-container-metrics/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: c12b01c9930dfa52f6c6fda600aa83a870b156e7361f4ec24493b103b18aa682 + checksum/config: 67a7a537dae3d446076005aea64871f8120e05b9d02f935eb14223e8236a6bb7 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/configmap-agent.yaml b/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/configmap-agent.yaml index bc118d7967..8386d46736 100644 --- a/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/configmap-agent.yaml +++ b/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/configmap-agent.yaml @@ -216,8 +216,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/daemonset.yaml b/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/daemonset.yaml index d5a33bb391..1c8bb8cc51 100644 --- a/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/daemonset.yaml +++ b/examples/fluentd-multiline-logs-java-stack-traces/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 498afc3c3c738f02ac2cd1f6c810331f61d284a2ad8afded1a8239f0f46dcb0b + checksum/config: 52df16f44ae345ce03c4cffdb196869645743a1acaafe611aa3ce5593ac54127 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/kubernetes-windows-nodes/rendered_manifests/configmap-agent.yaml b/examples/kubernetes-windows-nodes/rendered_manifests/configmap-agent.yaml index 4b6112fc1f..7a084bcf6f 100644 --- a/examples/kubernetes-windows-nodes/rendered_manifests/configmap-agent.yaml +++ b/examples/kubernetes-windows-nodes/rendered_manifests/configmap-agent.yaml @@ -229,8 +229,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/kubernetes-windows-nodes/rendered_manifests/daemonset.yaml b/examples/kubernetes-windows-nodes/rendered_manifests/daemonset.yaml index e582efb035..9ad5d30b95 100644 --- a/examples/kubernetes-windows-nodes/rendered_manifests/daemonset.yaml +++ b/examples/kubernetes-windows-nodes/rendered_manifests/daemonset.yaml @@ -30,7 +30,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 0316b40b2e151409687b01d3c64bad21f18d25f8bc158e71fb15d1b68fd1f16c + checksum/config: ef916ad1204564eb4b7209ffeddf08e7b65292dfb2a0f6dc20835aa4d108f58c kubectl.kubernetes.io/default-container: otel-collector spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/examples/only-metrics/rendered_manifests/configmap-agent.yaml b/examples/only-metrics/rendered_manifests/configmap-agent.yaml index c0fe130503..ed0a0e8d80 100644 --- a/examples/only-metrics/rendered_manifests/configmap-agent.yaml +++ b/examples/only-metrics/rendered_manifests/configmap-agent.yaml @@ -207,8 +207,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/only-metrics/rendered_manifests/daemonset.yaml b/examples/only-metrics/rendered_manifests/daemonset.yaml index b13eb01612..8a67ca84e4 100644 --- a/examples/only-metrics/rendered_manifests/daemonset.yaml +++ b/examples/only-metrics/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 1e7bf284b1cbc89531b19420d13c9e2c4f46e8f5deee4f9e92ed8be453946104 + checksum/config: f909703ee5fa4c32e8bba40ca060a20ebf84dd328359140073807c534cee2b41 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/route-data-through-gateway-deployed-separately/rendered_manifests/configmap-agent.yaml b/examples/route-data-through-gateway-deployed-separately/rendered_manifests/configmap-agent.yaml index a4155a60f5..47417f077a 100644 --- a/examples/route-data-through-gateway-deployed-separately/rendered_manifests/configmap-agent.yaml +++ b/examples/route-data-through-gateway-deployed-separately/rendered_manifests/configmap-agent.yaml @@ -220,8 +220,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/route-data-through-gateway-deployed-separately/rendered_manifests/daemonset.yaml b/examples/route-data-through-gateway-deployed-separately/rendered_manifests/daemonset.yaml index fd1271cac6..abe6216bf9 100644 --- a/examples/route-data-through-gateway-deployed-separately/rendered_manifests/daemonset.yaml +++ b/examples/route-data-through-gateway-deployed-separately/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 5faa8cf715db90c8033aae1080ffc91028e20865defc8f518925c6818860c76a + checksum/config: 12f0cafbfee5a9ce73a537e0bc6a2fd40939a92bcf041d67685d398eac4cd26f kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/examples/use-proxy/rendered_manifests/configmap-agent.yaml b/examples/use-proxy/rendered_manifests/configmap-agent.yaml index bc118d7967..8386d46736 100644 --- a/examples/use-proxy/rendered_manifests/configmap-agent.yaml +++ b/examples/use-proxy/rendered_manifests/configmap-agent.yaml @@ -216,8 +216,11 @@ data: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + port: 10259 + skipVerify: true type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true rule: type == "pod" && labels["k8s-app"] == "kube-scheduler" watch_observers: - k8s_observer diff --git a/examples/use-proxy/rendered_manifests/daemonset.yaml b/examples/use-proxy/rendered_manifests/daemonset.yaml index 27017c1f16..14193ba96c 100644 --- a/examples/use-proxy/rendered_manifests/daemonset.yaml +++ b/examples/use-proxy/rendered_manifests/daemonset.yaml @@ -29,7 +29,7 @@ spec: app: splunk-otel-collector release: default annotations: - checksum/config: 498afc3c3c738f02ac2cd1f6c810331f61d284a2ad8afded1a8239f0f46dcb0b + checksum/config: 52df16f44ae345ce03c4cffdb196869645743a1acaafe611aa3ce5593ac54127 kubectl.kubernetes.io/default-container: otel-collector spec: hostNetwork: true diff --git a/helm-charts/splunk-otel-collector/templates/config/_otel-agent.tpl b/helm-charts/splunk-otel-collector/templates/config/_otel-agent.tpl index da9e21054d..80f174ea62 100644 --- a/helm-charts/splunk-otel-collector/templates/config/_otel-agent.tpl +++ b/helm-charts/splunk-otel-collector/templates/config/_otel-agent.tpl @@ -184,8 +184,11 @@ receivers: config: extraDimensions: metric_source: kubernetes-scheduler - port: 10251 + skipVerify: true + port: 10259 type: kubernetes-scheduler + useHTTPS: true + useServiceAccount: true {{- end }} {{- end }}