From ab364ca836afb4de0e5254280b619e2294d2132a Mon Sep 17 00:00:00 2001 From: Celene Date: Wed, 31 Jan 2024 10:17:47 -0500 Subject: [PATCH] update monocontainer config (#1059) * update monocontainer config * Update docs/configuration.v2alpha1.md Co-authored-by: May Lee * fix generated file * fix missed var names --------- Co-authored-by: May Lee --- apis/datadoghq/common/v1/types.go | 16 +-- .../v2alpha1/datadogagent_default.go | 10 +- apis/datadoghq/v2alpha1/datadogagent_types.go | 29 +++-- apis/datadoghq/v2alpha1/test/builder.go | 14 +-- .../v2alpha1/zz_generated.deepcopy.go | 21 +--- .../v2alpha1/zz_generated.openapi.go | 21 ---- .../bases/v1/datadoghq.com_datadogagents.yaml | 10 +- .../v1beta1/datadoghq.com_datadogagents.yaml | 10 +- .../datadogagent/component/agent/default.go | 16 +-- .../controller_reconcile_agent.go | 10 +- .../datadogagent/controller_v2_test.go | 28 ++--- .../feature/admissioncontroller/feature.go | 6 +- .../datadogagent/feature/apm/feature.go | 8 +- .../datadogagent/feature/apm/feature_test.go | 16 +-- .../feature/clusterchecks/feature.go | 8 +- .../feature/clusterchecks/feature_test.go | 12 +- .../datadogagent/feature/cspm/feature.go | 6 +- .../datadogagent/feature/cws/feature.go | 6 +- .../datadogagent/feature/dogstatsd/feature.go | 8 +- .../datadogagent/feature/dummy/feature.go | 6 +- .../datadogagent/feature/ebpfcheck/feature.go | 6 +- .../feature/enabledefault/feature.go | 6 +- .../feature/eventcollection/feature.go | 8 +- .../feature/externalmetrics/feature.go | 6 +- controllers/datadogagent/feature/factory.go | 6 +- .../feature/kubernetesstatecore/feature.go | 8 +- .../kubernetesstatecore/feature_test.go | 20 +-- .../feature/livecontainer/feature.go | 8 +- .../feature/livecontainer/feature_test.go | 10 +- .../feature/liveprocess/feature.go | 8 +- .../feature/logcollection/feature.go | 8 +- .../datadogagent/feature/npm/feature.go | 6 +- .../datadogagent/feature/oomkill/feature.go | 6 +- .../feature/orchestratorexplorer/feature.go | 8 +- .../datadogagent/feature/otlp/feature.go | 14 +-- .../datadogagent/feature/otlp/feature_test.go | 30 ++--- .../feature/processdiscovery/feature.go | 4 +- .../feature/prometheusscrape/feature.go | 8 +- .../feature/remoteconfig/feature.go | 6 +- .../datadogagent/feature/sbom/feature.go | 4 +- .../feature/tcpqueuelength/feature.go | 6 +- .../datadogagent/feature/test/factory_test.go | 114 +++++++++--------- .../datadogagent/feature/test/testsuite.go | 4 +- controllers/datadogagent/feature/types.go | 10 +- .../datadogagent/feature/usm/feature.go | 6 +- controllers/datadogagent/override/global.go | 14 +-- .../datadogagent/override/global_test.go | 32 ++--- docs/configuration.v2alpha1.md | 2 +- 48 files changed, 285 insertions(+), 344 deletions(-) diff --git a/apis/datadoghq/common/v1/types.go b/apis/datadoghq/common/v1/types.go index b20144736..4b4058c45 100644 --- a/apis/datadoghq/common/v1/types.go +++ b/apis/datadoghq/common/v1/types.go @@ -75,9 +75,9 @@ const ( // SeccompSetupContainerName is the name of the Seccomp Setup init container SeccompSetupContainerName AgentContainerName = "seccomp-setup" - // UnprivilegedMultiProcessAgentContainerName is the name of a multi process container - // which may run any combination of core, trace and process agent processes. - UnprivilegedMultiProcessAgentContainerName AgentContainerName = "unprivileged-multi-process-agent" + // UnprivilegedSingleAgentContainerName is the name of a container which may run + // any combination of Core, Trace and Process Agent processes in a single container. + UnprivilegedSingleAgentContainerName AgentContainerName = "unprivileged-single-agent" // CoreAgentContainerName is the name of the Core Agent container CoreAgentContainerName AgentContainerName = "agent" // TraceAgentContainerName is the name of the Trace Agent container @@ -96,13 +96,3 @@ const ( // ClusterChecksRunnersContainerName is the name of the Agent container in Cluster Checks Runners ClusterChecksRunnersContainerName AgentContainerName = "agent" ) - -type ContainerProcessStrategyType string - -const ( - // Run one process per container - SingleProcessContainers ContainerProcessStrategyType = "singleProcessContainers" - // Run unprivileged processes in a single container. If privileged process, for example `security-agent` or `system-probe` - // is required, fall back to singleProcessContainer - UnprivilegedMultiProcessContainer ContainerProcessStrategyType = "unprivilegedMultiProcessContainer" -) diff --git a/apis/datadoghq/v2alpha1/datadogagent_default.go b/apis/datadoghq/v2alpha1/datadogagent_default.go index a2e7c0993..686db4e61 100644 --- a/apis/datadoghq/v2alpha1/datadogagent_default.go +++ b/apis/datadoghq/v2alpha1/datadogagent_default.go @@ -7,7 +7,6 @@ package v2alpha1 import ( apicommon "github.com/DataDog/datadog-operator/apis/datadoghq/common" - commonv1 "github.com/DataDog/datadog-operator/apis/datadoghq/common/v1" apiutils "github.com/DataDog/datadog-operator/apis/utils" ) @@ -93,7 +92,7 @@ const ( // defaultKubeletAgentCAPath = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" // defaultKubeletAgentCAPathHostPathSet = "/var/run/host-kubelet-ca.crt" - defaultContainerProcessStrategyType = commonv1.SingleProcessContainers + defaultContainerStrategy = OptimizedContainerStrategy ) // DefaultDatadogAgent defaults the DatadogAgentSpec GlobalConfig and Features. @@ -130,10 +129,9 @@ func defaultGlobalConfig(ddaSpec *DatadogAgentSpec) { ddaSpec.Global.LogLevel = apiutils.NewStringPointer(defaultLogLevel) } - if ddaSpec.Global.ContainerProcessStrategy == nil { - ddaSpec.Global.ContainerProcessStrategy = &ContainerProcessStrategy{ - Type: defaultContainerProcessStrategyType, - } + if ddaSpec.Global.ContainerStrategy == nil { + dcs := defaultContainerStrategy + ddaSpec.Global.ContainerStrategy = &dcs } } diff --git a/apis/datadoghq/v2alpha1/datadogagent_types.go b/apis/datadoghq/v2alpha1/datadogagent_types.go index d407c56a3..e0827990e 100644 --- a/apis/datadoghq/v2alpha1/datadogagent_types.go +++ b/apis/datadoghq/v2alpha1/datadogagent_types.go @@ -781,9 +781,10 @@ type GlobalConfig struct { // +optional CriSocketPath *string `json:"criSocketPath,omitempty"` - // ContainerProcessStrategy determines whether agents run in single or multi-process containers. + // ContainerStrategy determines whether agents run in a single or multiple containers. + // Default: 'optimized' // +optional - ContainerProcessStrategy *ContainerProcessStrategy `json:"containerProcessStrategy,omitempty"` + ContainerStrategy *ContainerStrategyType `json:"containerStrategy,omitempty"` } // DatadogCredentials is a generic structure that holds credentials to access Datadog. @@ -1064,6 +1065,17 @@ type DatadogAgentGenericContainer struct { AppArmorProfileName *string `json:"appArmorProfileName,omitempty"` } +type ContainerStrategyType string + +const ( + // OptimizedContainerStrategy indicates multiple Agent containers with one process per + // container (default) + OptimizedContainerStrategy ContainerStrategyType = "optimized" + // SingleContainerStrategy indicates a single Agent container with multiple (unprivileged) + // processes in one container + SingleContainerStrategy ContainerStrategyType = "single" +) + // DatadogAgentStatus defines the observed state of DatadogAgent. // +k8s:openapi-gen=true type DatadogAgentStatus struct { @@ -1087,19 +1099,6 @@ type DatadogAgentStatus struct { ClusterChecksRunner *commonv1.DeploymentStatus `json:"clusterChecksRunner,omitempty"` } -// ContainerProcessStrategy determines how various agent processes are grouped across multiple containers. -// +k8s:openapi-gen=true -type ContainerProcessStrategy struct { - // Type sets a predetermined grouping of processes across containers. There are two supported groupings: - // `singleProcessContainers` runs one process per container. - // `unprivilegedMultiProcessContainer`, runs unprivileged processes in a single container - // unless the configuration requires a privileged agent. For example if `security-agent` or `system-probe` - // is required, `singleProcessContainers` will be used. - // Default: `singleProcessContainers` - // +optional - Type commonv1.ContainerProcessStrategyType `json:"type,omitempty"` -} - // DatadogAgent Deployment with the Datadog Operator. // +kubebuilder:object:root=true // +kubebuilder:subresource:status diff --git a/apis/datadoghq/v2alpha1/test/builder.go b/apis/datadoghq/v2alpha1/test/builder.go index 1736df18d..a50a49346 100644 --- a/apis/datadoghq/v2alpha1/test/builder.go +++ b/apis/datadoghq/v2alpha1/test/builder.go @@ -470,17 +470,15 @@ func (builder *DatadogAgentBuilder) WithGlobalCriSocketPath(criSocketPath string return builder } -// Global ContainerProcessModel +// Global ContainerStrategy -func (builder *DatadogAgentBuilder) WithMultiProcessContainer(enabled bool) *DatadogAgentBuilder { +func (builder *DatadogAgentBuilder) WithSingleContainerStrategy(enabled bool) *DatadogAgentBuilder { if enabled { - builder.datadogAgent.Spec.Global.ContainerProcessStrategy = &v2alpha1.ContainerProcessStrategy{ - Type: common.UnprivilegedMultiProcessContainer, - } + scs := v2alpha1.SingleContainerStrategy + builder.datadogAgent.Spec.Global.ContainerStrategy = &scs } else { - builder.datadogAgent.Spec.Global.ContainerProcessStrategy = &v2alpha1.ContainerProcessStrategy{ - Type: common.SingleProcessContainers, - } + ocs := v2alpha1.OptimizedContainerStrategy + builder.datadogAgent.Spec.Global.ContainerStrategy = &ocs } return builder } diff --git a/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go b/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go index 3221bdb78..c43295b6b 100644 --- a/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go +++ b/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go @@ -277,21 +277,6 @@ func (in *ClusterChecksFeatureConfig) DeepCopy() *ClusterChecksFeatureConfig { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerProcessStrategy) DeepCopyInto(out *ContainerProcessStrategy) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerProcessStrategy. -func (in *ContainerProcessStrategy) DeepCopy() *ContainerProcessStrategy { - if in == nil { - return nil - } - out := new(ContainerProcessStrategy) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CustomConfig) DeepCopyInto(out *CustomConfig) { *out = *in @@ -1108,9 +1093,9 @@ func (in *GlobalConfig) DeepCopyInto(out *GlobalConfig) { *out = new(string) **out = **in } - if in.ContainerProcessStrategy != nil { - in, out := &in.ContainerProcessStrategy, &out.ContainerProcessStrategy - *out = new(ContainerProcessStrategy) + if in.ContainerStrategy != nil { + in, out := &in.ContainerStrategy, &out.ContainerStrategy + *out = new(ContainerStrategyType) **out = **in } } diff --git a/apis/datadoghq/v2alpha1/zz_generated.openapi.go b/apis/datadoghq/v2alpha1/zz_generated.openapi.go index 09b094839..721cd78aa 100644 --- a/apis/datadoghq/v2alpha1/zz_generated.openapi.go +++ b/apis/datadoghq/v2alpha1/zz_generated.openapi.go @@ -20,7 +20,6 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ "./apis/datadoghq/v2alpha1.CSPMHostBenchmarksConfig": schema__apis_datadoghq_v2alpha1_CSPMHostBenchmarksConfig(ref), - "./apis/datadoghq/v2alpha1.ContainerProcessStrategy": schema__apis_datadoghq_v2alpha1_ContainerProcessStrategy(ref), "./apis/datadoghq/v2alpha1.CustomConfig": schema__apis_datadoghq_v2alpha1_CustomConfig(ref), "./apis/datadoghq/v2alpha1.DatadogAgent": schema__apis_datadoghq_v2alpha1_DatadogAgent(ref), "./apis/datadoghq/v2alpha1.DatadogAgentGenericContainer": schema__apis_datadoghq_v2alpha1_DatadogAgentGenericContainer(ref), @@ -65,26 +64,6 @@ func schema__apis_datadoghq_v2alpha1_CSPMHostBenchmarksConfig(ref common.Referen } } -func schema__apis_datadoghq_v2alpha1_ContainerProcessStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ContainerProcessStrategy determines how various agent processes are grouped across multiple containers.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type sets a predetermined grouping of processes across containers. There are two supported groupings: `singleProcessContainers` runs one process per container. `unprivilegedMultiProcessContainer`, runs unprivileged processes in a single container unless the configuration requires a privileged agent. For example if `security-agent` or `system-probe` is required, `singleProcessContainers` will be used. Default: `singleProcessContainers`", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - func schema__apis_datadoghq_v2alpha1_CustomConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml index 16b3c08eb..ce4791e20 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml @@ -8428,13 +8428,9 @@ spec: clusterName: description: ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app. type: string - containerProcessStrategy: - description: ContainerProcessStrategy determines whether agents run in single or multi-process containers. - properties: - type: - description: 'Type sets a predetermined grouping of processes across containers. There are two supported groupings: `singleProcessContainers` runs one process per container. `unprivilegedMultiProcessContainer`, runs unprivileged processes in a single container unless the configuration requires a privileged agent. For example if `security-agent` or `system-probe` is required, `singleProcessContainers` will be used. Default: `singleProcessContainers`' - type: string - type: object + containerStrategy: + description: 'ContainerStrategy determines whether agents run in a single or multiple containers. Default: ''optimized''' + type: string credentials: description: Credentials defines the Datadog credentials used to submit data to/query data from Datadog. properties: diff --git a/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml index 191d07be1..72bddce30 100644 --- a/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml +++ b/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml @@ -15978,13 +15978,9 @@ spec: clusterName: description: ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app. type: string - containerProcessStrategy: - description: ContainerProcessStrategy determines whether agents run in single or multi-process containers. - properties: - type: - description: 'Type sets a predetermined grouping of processes across containers. There are two supported groupings: `singleProcessContainers` runs one process per container. `unprivilegedMultiProcessContainer`, runs unprivileged processes in a single container unless the configuration requires a privileged agent. For example if `security-agent` or `system-probe` is required, `singleProcessContainers` will be used. Default: `singleProcessContainers`' - type: string - type: object + containerStrategy: + description: 'ContainerStrategy determines whether agents run in a single or multiple containers. Default: ''optimized''' + type: string credentials: description: Credentials defines the Datadog credentials used to submit data to/query data from Datadog. properties: diff --git a/controllers/datadogagent/component/agent/default.go b/controllers/datadogagent/component/agent/default.go index 55ffe2905..52764d274 100644 --- a/controllers/datadogagent/component/agent/default.go +++ b/controllers/datadogagent/component/agent/default.go @@ -45,10 +45,10 @@ func NewDefaultAgentPodTemplateSpec(dda metav1.Object, agentComponent feature.Re requiredContainers := agentComponent.Containers var agentContainers []corev1.Container - if agentComponent.MultiProcessContainerEnabled() { - agentContainers = agentMultiProcessContainer(dda) + if agentComponent.SingleContainerStrategyEnabled() { + agentContainers = agentSingleContainer(dda) } else { - agentContainers = agentSingleProcessContainers(dda, requiredContainers) + agentContainers = agentOptimizedContainers(dda, requiredContainers) } return &corev1.PodTemplateSpec{ @@ -107,9 +107,9 @@ func initContainers(dda metav1.Object, requiredContainers []common.AgentContaine return initContainers } -func agentMultiProcessContainer(dda metav1.Object) []corev1.Container { - agentMultiProcessContainer := corev1.Container{ - Name: string(common.UnprivilegedMultiProcessAgentContainerName), +func agentSingleContainer(dda metav1.Object) []corev1.Container { + agentSingleContainer := corev1.Container{ + Name: string(common.UnprivilegedSingleAgentContainerName), Image: agentImage(), Env: envVarsForCoreAgent(dda), VolumeMounts: volumeMountsForCoreAgent(), @@ -118,13 +118,13 @@ func agentMultiProcessContainer(dda metav1.Object) []corev1.Container { } containers := []corev1.Container{ - agentMultiProcessContainer, + agentSingleContainer, } return containers } -func agentSingleProcessContainers(dda metav1.Object, requiredContainers []common.AgentContainerName) []corev1.Container { +func agentOptimizedContainers(dda metav1.Object, requiredContainers []common.AgentContainerName) []corev1.Container { containers := []corev1.Container{coreAgentContainer(dda)} for _, containerName := range requiredContainers { diff --git a/controllers/datadogagent/controller_reconcile_agent.go b/controllers/datadogagent/controller_reconcile_agent.go index 0e108a6d0..ea89f063b 100644 --- a/controllers/datadogagent/controller_reconcile_agent.go +++ b/controllers/datadogagent/controller_reconcile_agent.go @@ -45,7 +45,7 @@ func (r *Reconciler) reconcileV2Agent(logger logr.Logger, requiredComponents fea disabledByOverride := false agentEnabled := requiredComponents.Agent.IsEnabled() - multiProcessContainerEnabled := requiredComponents.Agent.MultiProcessContainerEnabled() + singleContainerStrategyEnabled := requiredComponents.Agent.SingleContainerStrategyEnabled() if r.options.ExtendedDaemonsetOptions.Enabled { // Start by creating the Default Agent extendeddaemonset @@ -53,7 +53,7 @@ func (r *Reconciler) reconcileV2Agent(logger logr.Logger, requiredComponents fea podManagers = feature.NewPodTemplateManagers(&eds.Spec.Template) // Set Global setting on the default extendeddaemonset - eds.Spec.Template = *override.ApplyGlobalSettingsNodeAgent(logger, podManagers, dda, resourcesManager, multiProcessContainerEnabled) + eds.Spec.Template = *override.ApplyGlobalSettingsNodeAgent(logger, podManagers, dda, resourcesManager, singleContainerStrategyEnabled) // Apply features changes on the Deployment.Spec.Template for _, feat := range features { @@ -113,12 +113,12 @@ func (r *Reconciler) reconcileV2Agent(logger logr.Logger, requiredComponents fea daemonset = componentagent.NewDefaultAgentDaemonset(dda, requiredComponents.Agent) podManagers = feature.NewPodTemplateManagers(&daemonset.Spec.Template) // Set Global setting on the default daemonset - daemonset.Spec.Template = *override.ApplyGlobalSettingsNodeAgent(logger, podManagers, dda, resourcesManager, multiProcessContainerEnabled) + daemonset.Spec.Template = *override.ApplyGlobalSettingsNodeAgent(logger, podManagers, dda, resourcesManager, singleContainerStrategyEnabled) // Apply features changes on the Deployment.Spec.Template for _, feat := range features { - if multiProcessContainerEnabled { - if errFeat := feat.ManageMultiProcessNodeAgent(podManagers, provider); errFeat != nil { + if singleContainerStrategyEnabled { + if errFeat := feat.ManageSingleContainerNodeAgent(podManagers, provider); errFeat != nil { return result, errFeat } } else { diff --git a/controllers/datadogagent/controller_v2_test.go b/controllers/datadogagent/controller_v2_test.go index ef9ee7198..61b9f3663 100644 --- a/controllers/datadogagent/controller_v2_test.go +++ b/controllers/datadogagent/controller_v2_test.go @@ -112,7 +112,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). - WithMultiProcessContainer(false). + WithSingleContainerStrategy(false). Build() _ = c.Create(context.TODO(), dda) }, @@ -130,7 +130,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { }, }, { - name: "[multi-process container] DatadogAgent default, create Daemonset with a multi-process container", + name: "[single container] DatadogAgent default, create Daemonset with a single container", fields: fields{ client: fake.NewFakeClient(), scheme: s, @@ -140,7 +140,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build() _ = c.Create(context.TODO(), dda) }, @@ -149,7 +149,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { wantErr: false, wantFunc: func(c client.Client) error { expectedContainers := []string{ - string(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + string(apicommonv1.UnprivilegedSingleAgentContainerName), } return verifyDaemonsetContainers(c, resourcesNamespace, dsName, expectedContainers) @@ -167,7 +167,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { loadFunc: func(c client.Client) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). - WithMultiProcessContainer(false). + WithSingleContainerStrategy(false). Build() _ = c.Create(context.TODO(), dda) }, @@ -185,7 +185,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { }, }, { - name: "[multi-process container] DatadogAgent with APM enabled, create Daemonset with a multi-process container", + name: "[single container] DatadogAgent with APM enabled, create Daemonset with a single container", fields: fields{ client: fake.NewFakeClient(), scheme: s, @@ -196,7 +196,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { loadFunc: func(c client.Client) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build() _ = c.Create(context.TODO(), dda) }, @@ -205,7 +205,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { wantErr: false, wantFunc: func(c client.Client) error { expectedContainers := []string{ - string(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + string(apicommonv1.UnprivilegedSingleAgentContainerName), } return verifyDaemonsetContainers(c, resourcesNamespace, dsName, expectedContainers) @@ -224,7 +224,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithCWSEnabled(true). - WithMultiProcessContainer(false). + WithSingleContainerStrategy(false). Build() _ = c.Create(context.TODO(), dda) }, @@ -244,7 +244,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { }, }, { - name: "[multi-process container] DatadogAgent with APM and CWS enables, create Daemonset with all five agents", + name: "[single container] DatadogAgent with APM and CWS enables, create Daemonset with all five agents", fields: fields{ client: fake.NewFakeClient(), scheme: s, @@ -256,7 +256,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithCWSEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build() _ = c.Create(context.TODO(), dda) @@ -289,7 +289,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithOOMKillEnabled(true). - WithMultiProcessContainer(false). + WithSingleContainerStrategy(false). Build() _ = c.Create(context.TODO(), dda) }, @@ -308,7 +308,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { }, }, { - name: "[multi-process container] DatadogAgent with APM and OOMKill enabled, create Daemonset with core, trace, process and system-probe", + name: "[single container] DatadogAgent with APM and OOMKill enabled, create Daemonset with core, trace, process and system-probe", fields: fields{ client: fake.NewFakeClient(), scheme: s, @@ -320,7 +320,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithOOMKillEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build() _ = c.Create(context.TODO(), dda) }, diff --git a/controllers/datadogagent/feature/admissioncontroller/feature.go b/controllers/datadogagent/feature/admissioncontroller/feature.go index ae50b6d45..732ada574 100644 --- a/controllers/datadogagent/feature/admissioncontroller/feature.go +++ b/controllers/datadogagent/feature/admissioncontroller/feature.go @@ -180,10 +180,10 @@ func (f *admissionControllerFeature) ManageClusterAgent(managers feature.PodTemp return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for the Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set. +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set.. // It should do nothing if the feature doesn't need to configure it. -func (f *admissionControllerFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *admissionControllerFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/apm/feature.go b/controllers/datadogagent/feature/apm/feature.go index 6504c7fbc..5b3389e4f 100644 --- a/controllers/datadogagent/feature/apm/feature.go +++ b/controllers/datadogagent/feature/apm/feature.go @@ -231,11 +231,11 @@ func (f *apmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *apmFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *apmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/apm/feature_test.go b/controllers/datadogagent/feature/apm/feature_test.go index 787d6e6bf..8e245d65b 100644 --- a/controllers/datadogagent/feature/apm/feature_test.go +++ b/controllers/datadogagent/feature/apm/feature_test.go @@ -61,10 +61,10 @@ func TestAPMFeature(t *testing.T) { WantConfigure: false, }, { - Name: "v2alpha1 apm not enabled with multi-process container", + Name: "v2alpha1 apm not enabled with single container strategy", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithAPMEnabled(false). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: false, }, @@ -79,15 +79,15 @@ func TestAPMFeature(t *testing.T) { Agent: testAgentUDSOnly(apicommonv1.TraceAgentContainerName), }, { - Name: "v2alpha1 apm enabled, use uds with multi-process container", + Name: "v2alpha1 apm enabled, use uds with single container strategy", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(false, 8126). WithAPMUDSEnabled(true, apmSocketHostPath). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testAgentUDSOnly(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + Agent: testAgentUDSOnly(apicommonv1.UnprivilegedSingleAgentContainerName), }, { Name: "v2alpha1 apm enabled, use uds and host port", @@ -100,15 +100,15 @@ func TestAPMFeature(t *testing.T) { Agent: testAgentHostPortUDS(apicommonv1.TraceAgentContainerName), }, { - Name: "v2alpha1 apm enabled, use uds and host port with multi-process container", + Name: "v2alpha1 apm enabled, use uds and host port with single container strategy", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, 8126). WithAPMUDSEnabled(true, apmSocketHostPath). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testAgentHostPortUDS(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + Agent: testAgentHostPortUDS(apicommonv1.UnprivilegedSingleAgentContainerName), }, } diff --git a/controllers/datadogagent/feature/clusterchecks/feature.go b/controllers/datadogagent/feature/clusterchecks/feature.go index 58a4ae776..65324b556 100644 --- a/controllers/datadogagent/feature/clusterchecks/feature.go +++ b/controllers/datadogagent/feature/clusterchecks/feature.go @@ -200,11 +200,11 @@ func (f *clusterChecksFeature) ManageClusterAgent(managers feature.PodTemplateMa return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *clusterChecksFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(common.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *clusterChecksFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(common.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/clusterchecks/feature_test.go b/controllers/datadogagent/feature/clusterchecks/feature_test.go index e48b82146..ceae29723 100644 --- a/controllers/datadogagent/feature/clusterchecks/feature_test.go +++ b/controllers/datadogagent/feature/clusterchecks/feature_test.go @@ -101,15 +101,15 @@ func TestClusterChecksFeature(t *testing.T) { Agent: testAgentHasExpectedEnvsWithNoRunners(apicommonv1.CoreAgentContainerName), }, { - Name: "v2alpha1 cluster checks enabled and runners not enabled with multi-process container", + Name: "v2alpha1 cluster checks enabled and runners not enabled with single container strategy", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(false). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, ClusterAgent: test.NewDefaultComponentTest().WithWantFunc(wantClusterAgentHasExpectedEnvsAndChecksum), - Agent: testAgentHasExpectedEnvsWithNoRunners(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + Agent: testAgentHasExpectedEnvsWithNoRunners(apicommonv1.UnprivilegedSingleAgentContainerName), }, { Name: "v2alpha1 cluster checks enabled and runners enabled", @@ -123,16 +123,16 @@ func TestClusterChecksFeature(t *testing.T) { Agent: testAgentHasExpectedEnvsWithRunners(apicommonv1.CoreAgentContainerName), }, { - Name: "v2alpha1 cluster checks enabled and runners enabled with multi-process container", + Name: "v2alpha1 cluster checks enabled and runners enabled with single container strategy", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, ClusterAgent: test.NewDefaultComponentTest().WithWantFunc(wantClusterAgentHasExpectedEnvsAndChecksum), ClusterChecksRunner: testClusterChecksRunnerHasExpectedEnvs(), - Agent: testAgentHasExpectedEnvsWithRunners(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + Agent: testAgentHasExpectedEnvsWithRunners(apicommonv1.UnprivilegedSingleAgentContainerName), }, } diff --git a/controllers/datadogagent/feature/cspm/feature.go b/controllers/datadogagent/feature/cspm/feature.go index a70cb8d86..d91160308 100644 --- a/controllers/datadogagent/feature/cspm/feature.go +++ b/controllers/datadogagent/feature/cspm/feature.go @@ -239,10 +239,10 @@ func (f *cspmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) e return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *cspmFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *cspmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/cws/feature.go b/controllers/datadogagent/feature/cws/feature.go index c8dff33a9..25a3f3901 100644 --- a/controllers/datadogagent/feature/cws/feature.go +++ b/controllers/datadogagent/feature/cws/feature.go @@ -173,10 +173,10 @@ func (f *cwsFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *cwsFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *cwsFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/dogstatsd/feature.go b/controllers/datadogagent/feature/dogstatsd/feature.go index d56f5c872..b6fa340ea 100644 --- a/controllers/datadogagent/feature/dogstatsd/feature.go +++ b/controllers/datadogagent/feature/dogstatsd/feature.go @@ -171,11 +171,11 @@ func (f *dogstatsdFeature) ManageClusterAgent(managers feature.PodTemplateManage return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *dogstatsdFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *dogstatsdFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/dummy/feature.go b/controllers/datadogagent/feature/dummy/feature.go index 7f2471ef4..603bec803 100644 --- a/controllers/datadogagent/feature/dummy/feature.go +++ b/controllers/datadogagent/feature/dummy/feature.go @@ -59,10 +59,10 @@ func (f *dummyFeature) ManageClusterAgent(managers feature.PodTemplateManagers) return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *dummyFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *dummyFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/ebpfcheck/feature.go b/controllers/datadogagent/feature/ebpfcheck/feature.go index b13c55e37..9ae041fb5 100644 --- a/controllers/datadogagent/feature/ebpfcheck/feature.go +++ b/controllers/datadogagent/feature/ebpfcheck/feature.go @@ -101,10 +101,10 @@ func (f *ebpfCheckFeature) ManageNodeAgent(managers feature.PodTemplateManagers, return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *ebpfCheckFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *ebpfCheckFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/enabledefault/feature.go b/controllers/datadogagent/feature/enabledefault/feature.go index b8ce079b6..450627afe 100644 --- a/controllers/datadogagent/feature/enabledefault/feature.go +++ b/controllers/datadogagent/feature/enabledefault/feature.go @@ -384,10 +384,10 @@ func (f *defaultFeature) ManageClusterAgent(managers feature.PodTemplateManagers return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *defaultFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *defaultFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { f.ManageNodeAgent(managers, provider) return nil diff --git a/controllers/datadogagent/feature/eventcollection/feature.go b/controllers/datadogagent/feature/eventcollection/feature.go index 48d0749f4..74ba6cdc1 100644 --- a/controllers/datadogagent/feature/eventcollection/feature.go +++ b/controllers/datadogagent/feature/eventcollection/feature.go @@ -144,11 +144,11 @@ func (f *eventCollectionFeature) ManageClusterAgent(managers feature.PodTemplate return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *eventCollectionFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *eventCollectionFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/externalmetrics/feature.go b/controllers/datadogagent/feature/externalmetrics/feature.go index 17e248d4b..cb84fde08 100644 --- a/controllers/datadogagent/feature/externalmetrics/feature.go +++ b/controllers/datadogagent/feature/externalmetrics/feature.go @@ -402,10 +402,10 @@ func (f *externalMetricsFeature) ManageClusterAgent(managers feature.PodTemplate return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *externalMetricsFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *externalMetricsFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/factory.go b/controllers/datadogagent/feature/factory.go index e8781ef9f..185287dac 100644 --- a/controllers/datadogagent/feature/factory.go +++ b/controllers/datadogagent/feature/factory.go @@ -59,14 +59,14 @@ func BuildFeatures(dda *v2alpha1.DatadogAgent, options *Options) ([]Feature, Req } if dda.Spec.Global != nil && - dda.Spec.Global.ContainerProcessStrategy != nil && - dda.Spec.Global.ContainerProcessStrategy.Type == common.UnprivilegedMultiProcessContainer && + dda.Spec.Global.ContainerStrategy != nil && + *dda.Spec.Global.ContainerStrategy == v2alpha1.SingleContainerStrategy && // All features that need the NodeAgent must include it in their RequiredComponents; // otherwise tests will fail when checking `requiredComponents.Agent.IsPrivileged()`. requiredComponents.Agent.IsEnabled() && !requiredComponents.Agent.IsPrivileged() { - requiredComponents.Agent.Containers = []common.AgentContainerName{common.UnprivilegedMultiProcessAgentContainerName} + requiredComponents.Agent.Containers = []common.AgentContainerName{common.UnprivilegedSingleAgentContainerName} return output, requiredComponents } return output, requiredComponents diff --git a/controllers/datadogagent/feature/kubernetesstatecore/feature.go b/controllers/datadogagent/feature/kubernetesstatecore/feature.go index d3d62a45e..b4c236e73 100644 --- a/controllers/datadogagent/feature/kubernetesstatecore/feature.go +++ b/controllers/datadogagent/feature/kubernetesstatecore/feature.go @@ -238,17 +238,17 @@ func (f *ksmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *ksmFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *ksmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Remove ksm v1 conf if the cluster checks are enabled and the ksm core is enabled ignoreAutoConf := &corev1.EnvVar{ Name: apicommon.DDIgnoreAutoConf, Value: "kubernetes_state", } - return managers.EnvVar().AddEnvVarToContainerWithMergeFunc(apicommonv1.UnprivilegedMultiProcessAgentContainerName, ignoreAutoConf, merger.AppendToValueEnvVarMergeFunction) + return managers.EnvVar().AddEnvVarToContainerWithMergeFunc(apicommonv1.UnprivilegedSingleAgentContainerName, ignoreAutoConf, merger.AppendToValueEnvVarMergeFunction) } // ManageNodeAgent allows a feature to configure the Node Agent's corev1.PodTemplateSpec diff --git a/controllers/datadogagent/feature/kubernetesstatecore/feature_test.go b/controllers/datadogagent/feature/kubernetesstatecore/feature_test.go index 0d7a3edd0..dd57b9a4a 100644 --- a/controllers/datadogagent/feature/kubernetesstatecore/feature_test.go +++ b/controllers/datadogagent/feature/kubernetesstatecore/feature_test.go @@ -61,10 +61,10 @@ func Test_ksmFeature_Configure(t *testing.T) { WantConfigure: false, }, { - Name: "v2alpha1 ksm-core not enabled with multi-process container", + Name: "v2alpha1 ksm-core not enabled with single agent container", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithKSMEnabled(false). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: false, }, @@ -78,14 +78,14 @@ func Test_ksmFeature_Configure(t *testing.T) { Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentNodeWantFunc), }, { - Name: "v2alpha1 ksm-core enabled with multi-process container", + Name: "v2alpha1 ksm-core enabled with single agent container", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithKSMEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, ClusterAgent: ksmClusterAgentWantFunc(false), - Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentMultiProcessWantFunc), + Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentSingleAgentWantFunc), }, { Name: "v2alpha1 ksm-core enabled, custom config", @@ -98,15 +98,15 @@ func Test_ksmFeature_Configure(t *testing.T) { Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentNodeWantFunc), }, { - Name: "v2alpha1 ksm-core enabled, custom config with multi-process container", + Name: "v2alpha1 ksm-core enabled, custom config with single agent container", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithKSMEnabled(true). WithKSMCustomConf(customData). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, ClusterAgent: ksmClusterAgentWantFunc(true), - Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentMultiProcessWantFunc), + Agent: test.NewDefaultComponentTest().WithWantFunc(ksmAgentSingleAgentWantFunc), }, } @@ -169,8 +169,8 @@ func ksmAgentNodeWantFunc(t testing.TB, mgrInterface feature.PodTemplateManagers ksmAgentWantFunc(t, mgrInterface, apicommonv1.CoreAgentContainerName) } -func ksmAgentMultiProcessWantFunc(t testing.TB, mgrInterface feature.PodTemplateManagers) { - ksmAgentWantFunc(t, mgrInterface, apicommonv1.UnprivilegedMultiProcessAgentContainerName) +func ksmAgentSingleAgentWantFunc(t testing.TB, mgrInterface feature.PodTemplateManagers) { + ksmAgentWantFunc(t, mgrInterface, apicommonv1.UnprivilegedSingleAgentContainerName) } func ksmAgentWantFunc(t testing.TB, mgrInterface feature.PodTemplateManagers, agentContainerName apicommonv1.AgentContainerName) { diff --git a/controllers/datadogagent/feature/livecontainer/feature.go b/controllers/datadogagent/feature/livecontainer/feature.go index 3b7a1a304..878f43356 100644 --- a/controllers/datadogagent/feature/livecontainer/feature.go +++ b/controllers/datadogagent/feature/livecontainer/feature.go @@ -84,11 +84,11 @@ func (f *liveContainerFeature) ManageClusterAgent(managers feature.PodTemplateMa return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *liveContainerFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *liveContainerFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/livecontainer/feature_test.go b/controllers/datadogagent/feature/livecontainer/feature_test.go index 6c4d65eef..0e501c965 100644 --- a/controllers/datadogagent/feature/livecontainer/feature_test.go +++ b/controllers/datadogagent/feature/livecontainer/feature_test.go @@ -50,10 +50,10 @@ func TestLiveContainerFeature(t *testing.T) { WantConfigure: false, }, { - Name: "v1alpha1 live container collection not enabled with multi-process container", + Name: "v1alpha1 live container collection not enabled with single container", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(false). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: false, }, @@ -66,13 +66,13 @@ func TestLiveContainerFeature(t *testing.T) { Agent: testExpectedAgent(apicommonv1.ProcessAgentContainerName), }, { - Name: "v2alpha1 live container collection enabled with multi-process container", + Name: "v2alpha1 live container collection enabled with single container", DDAv2: v2alpha1test.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName), + Agent: testExpectedAgent(apicommonv1.UnprivilegedSingleAgentContainerName), }, } diff --git a/controllers/datadogagent/feature/liveprocess/feature.go b/controllers/datadogagent/feature/liveprocess/feature.go index 77525f257..b14b697fe 100644 --- a/controllers/datadogagent/feature/liveprocess/feature.go +++ b/controllers/datadogagent/feature/liveprocess/feature.go @@ -93,11 +93,11 @@ func (f *liveProcessFeature) ManageClusterAgent(managers feature.PodTemplateMana return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *liveProcessFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *liveProcessFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/logcollection/feature.go b/controllers/datadogagent/feature/logcollection/feature.go index 291ad9263..dbfc3681c 100644 --- a/controllers/datadogagent/feature/logcollection/feature.go +++ b/controllers/datadogagent/feature/logcollection/feature.go @@ -125,11 +125,11 @@ func (f *logCollectionFeature) ManageClusterAgent(managers feature.PodTemplateMa return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *logCollectionFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *logCollectionFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/npm/feature.go b/controllers/datadogagent/feature/npm/feature.go index 6330f0fe0..f62d9677b 100644 --- a/controllers/datadogagent/feature/npm/feature.go +++ b/controllers/datadogagent/feature/npm/feature.go @@ -97,10 +97,10 @@ func (f *npmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *npmFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *npmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/oomkill/feature.go b/controllers/datadogagent/feature/oomkill/feature.go index e37bf88f2..c3c1f0701 100644 --- a/controllers/datadogagent/feature/oomkill/feature.go +++ b/controllers/datadogagent/feature/oomkill/feature.go @@ -76,10 +76,10 @@ func (f *oomKillFeature) ManageClusterAgent(managers feature.PodTemplateManagers return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *oomKillFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *oomKillFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/orchestratorexplorer/feature.go b/controllers/datadogagent/feature/orchestratorexplorer/feature.go index 0f6ae57e7..4bdde7576 100644 --- a/controllers/datadogagent/feature/orchestratorexplorer/feature.go +++ b/controllers/datadogagent/feature/orchestratorexplorer/feature.go @@ -216,12 +216,12 @@ func (f *orchestratorExplorerFeature) ManageClusterAgent(managers feature.PodTem return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *orchestratorExplorerFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *orchestratorExplorerFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { for _, env := range f.getEnvVars() { - managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedMultiProcessAgentContainerName, env) + managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedSingleAgentContainerName, env) } return nil diff --git a/controllers/datadogagent/feature/otlp/feature.go b/controllers/datadogagent/feature/otlp/feature.go index d84a1cfad..d0114fa94 100644 --- a/controllers/datadogagent/feature/otlp/feature.go +++ b/controllers/datadogagent/feature/otlp/feature.go @@ -239,10 +239,10 @@ func extractPortEndpoint(endpoint string) (int32, error) { return 0, fmt.Errorf("%q does not have a port explicitly set", endpoint) } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *otlpFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *otlpFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { if f.grpcEnabled { if err := validateOTLPGRPCEndpoint(f.grpcEndpoint); err != nil { f.logger.Error(err, "invalid OTLP/gRPC endpoint") @@ -264,8 +264,8 @@ func (f *otlpFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateMa Name: apicommon.DDOTLPgRPCEndpoint, Value: f.grpcEndpoint, } - managers.Port().AddPortToContainer(apicommonv1.UnprivilegedMultiProcessAgentContainerName, otlpgrpcPort) - managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedMultiProcessAgentContainerName, envVar) + managers.Port().AddPortToContainer(apicommonv1.UnprivilegedSingleAgentContainerName, otlpgrpcPort) + managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedSingleAgentContainerName, envVar) } if f.httpEnabled { @@ -284,8 +284,8 @@ func (f *otlpFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateMa Name: apicommon.DDOTLPHTTPEndpoint, Value: f.httpEndpoint, } - managers.Port().AddPortToContainer(apicommonv1.UnprivilegedMultiProcessAgentContainerName, otlphttpPort) - managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedMultiProcessAgentContainerName, envVar) + managers.Port().AddPortToContainer(apicommonv1.UnprivilegedSingleAgentContainerName, otlphttpPort) + managers.EnvVar().AddEnvVarToContainer(apicommonv1.UnprivilegedSingleAgentContainerName, envVar) } return nil diff --git a/controllers/datadogagent/feature/otlp/feature_test.go b/controllers/datadogagent/feature/otlp/feature_test.go index f89ddb945..769c55648 100644 --- a/controllers/datadogagent/feature/otlp/feature_test.go +++ b/controllers/datadogagent/feature/otlp/feature_test.go @@ -159,8 +159,8 @@ func TestOTLPFeature(t *testing.T) { }), }, { - Name: "[multi-process container] v2alpha1 gRPC and HTTP enabled, APM", - DDAv2: newV2AgentMultiProcess(Settings{ + Name: "[single container] v2alpha1 gRPC and HTTP enabled, APM", + DDAv2: newV2AgentSingleContainer(Settings{ EnabledGRPC: true, EndpointGRPC: "0.0.0.0:4317", EnabledHTTP: true, @@ -168,7 +168,7 @@ func TestOTLPFeature(t *testing.T) { APM: true, }), WantConfigure: true, - Agent: testExpectedMultiProcess(Expected{ + Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { Name: apicommon.DDOTLPgRPCEndpoint, @@ -221,13 +221,13 @@ func TestOTLPFeature(t *testing.T) { }), }, { - Name: "[multi-process container] v2alpha1 gRPC enabled, no APM", - DDAv2: newV2AgentMultiProcess(Settings{ + Name: "[single container] v2alpha1 gRPC enabled, no APM", + DDAv2: newV2AgentSingleContainer(Settings{ EnabledGRPC: true, EndpointGRPC: "0.0.0.0:4317", }), WantConfigure: true, - Agent: testExpectedMultiProcess(Expected{ + Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { Name: apicommon.DDOTLPgRPCEndpoint, @@ -271,14 +271,14 @@ func TestOTLPFeature(t *testing.T) { }), }, { - Name: "[multi-process container] v2alpha1 HTTP enabled, APM", - DDAv2: newV2AgentMultiProcess(Settings{ + Name: "[single container] v2alpha1 HTTP enabled, APM", + DDAv2: newV2AgentSingleContainer(Settings{ EnabledHTTP: true, EndpointHTTP: "somehostname:4318", APM: true, }), WantConfigure: true, - Agent: testExpectedMultiProcess(Expected{ + Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { Name: apicommon.DDOTLPHTTPEndpoint, @@ -340,12 +340,12 @@ func newV2Agent(set Settings) *v2alpha1.DatadogAgent { Build() } -func newV2AgentMultiProcess(set Settings) *v2alpha1.DatadogAgent { +func newV2AgentSingleContainer(set Settings) *v2alpha1.DatadogAgent { return v2alpha1test.NewDatadogAgentBuilder(). WithOTLPGRPCSettings(set.EnabledGRPC, set.EndpointGRPC). WithOTLPHTTPSettings(set.EnabledHTTP, set.EndpointHTTP). WithAPMEnabled(set.APM). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). Build() } @@ -386,12 +386,12 @@ func testExpected(exp Expected) *test.ComponentTest { ) } -func testExpectedMultiProcess(exp Expected) *test.ComponentTest { +func testExpectedSingleContainer(exp Expected) *test.ComponentTest { return test.NewDefaultComponentTest().WithWantFunc( func(t testing.TB, mgrInterface feature.PodTemplateManagers) { mgr := mgrInterface.(*fake.PodTemplateManagers) - agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommonv1.UnprivilegedMultiProcessAgentContainerName] + agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommonv1.UnprivilegedSingleAgentContainerName] assert.True( t, apiutils.IsEqualStruct(agentEnvs, exp.EnvVars), @@ -399,7 +399,7 @@ func testExpectedMultiProcess(exp Expected) *test.ComponentTest { ) if exp.CheckTraceAgent { - agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommonv1.UnprivilegedMultiProcessAgentContainerName] + agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommonv1.UnprivilegedSingleAgentContainerName] assert.True( t, apiutils.IsEqualStruct(agentEnvs, exp.EnvVars), @@ -407,7 +407,7 @@ func testExpectedMultiProcess(exp Expected) *test.ComponentTest { ) } - agentPorts := mgr.PortMgr.PortsByC[apicommonv1.UnprivilegedMultiProcessAgentContainerName] + agentPorts := mgr.PortMgr.PortsByC[apicommonv1.UnprivilegedSingleAgentContainerName] assert.True( t, apiutils.IsEqualStruct(agentPorts, exp.Ports), diff --git a/controllers/datadogagent/feature/processdiscovery/feature.go b/controllers/datadogagent/feature/processdiscovery/feature.go index a425920f2..ffa78f1e0 100644 --- a/controllers/datadogagent/feature/processdiscovery/feature.go +++ b/controllers/datadogagent/feature/processdiscovery/feature.go @@ -62,8 +62,8 @@ func (p processDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateMan return nil } -func (p processDiscoveryFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - p.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (p processDiscoveryFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + p.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/prometheusscrape/feature.go b/controllers/datadogagent/feature/prometheusscrape/feature.go index 00f885167..1a458b97d 100644 --- a/controllers/datadogagent/feature/prometheusscrape/feature.go +++ b/controllers/datadogagent/feature/prometheusscrape/feature.go @@ -139,11 +139,11 @@ func (f *prometheusScrapeFeature) ManageClusterAgent(managers feature.PodTemplat return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *prometheusScrapeFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - f.manageNodeAgent(apicommonv1.UnprivilegedMultiProcessAgentContainerName, managers, provider) +func (f *prometheusScrapeFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + f.manageNodeAgent(apicommonv1.UnprivilegedSingleAgentContainerName, managers, provider) return nil } diff --git a/controllers/datadogagent/feature/remoteconfig/feature.go b/controllers/datadogagent/feature/remoteconfig/feature.go index ac445309e..6d0c625ff 100644 --- a/controllers/datadogagent/feature/remoteconfig/feature.go +++ b/controllers/datadogagent/feature/remoteconfig/feature.go @@ -124,10 +124,10 @@ func (f *rcFeature) ManageClusterAgent(managers feature.PodTemplateManagers) err return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *rcFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *rcFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { f.ManageNodeAgent(managers, provider) return nil } diff --git a/controllers/datadogagent/feature/sbom/feature.go b/controllers/datadogagent/feature/sbom/feature.go index d1c5fef7f..2a1281e98 100644 --- a/controllers/datadogagent/feature/sbom/feature.go +++ b/controllers/datadogagent/feature/sbom/feature.go @@ -100,8 +100,8 @@ func (f *sbomFeature) ManageClusterAgent(managers feature.PodTemplateManagers) e return nil } -func (p sbomFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { - // This feature doesn't set env vars on specific containers, so no specific logic for the multi-process agent +func (p sbomFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + // This feature doesn't set env vars on specific containers, so no specific logic for the single agent p.ManageNodeAgent(managers, provider) return nil } diff --git a/controllers/datadogagent/feature/tcpqueuelength/feature.go b/controllers/datadogagent/feature/tcpqueuelength/feature.go index 1c69b9783..4651a5978 100644 --- a/controllers/datadogagent/feature/tcpqueuelength/feature.go +++ b/controllers/datadogagent/feature/tcpqueuelength/feature.go @@ -79,10 +79,10 @@ func (f *tcpQueueLengthFeature) ManageClusterAgent(managers feature.PodTemplateM return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *tcpQueueLengthFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *tcpQueueLengthFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/feature/test/factory_test.go b/controllers/datadogagent/feature/test/factory_test.go index f0a85e95f..32d4d3104 100644 --- a/controllers/datadogagent/feature/test/factory_test.go +++ b/controllers/datadogagent/feature/test/factory_test.go @@ -30,26 +30,26 @@ func TestBuilder(t *testing.T) { dda: v2alpha1test.NewDatadogAgentBuilder(). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: false, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: false, + apicommonv1.SecurityAgentContainerName: false, }, }, { - name: "Default DDA with multi-process container, 1 multi-process container", + name: "Default DDA with single container strategy, 1 single container", dda: v2alpha1test.NewDatadogAgentBuilder(). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: true, - apicommonv1.CoreAgentContainerName: false, - apicommonv1.ProcessAgentContainerName: false, - apicommonv1.TraceAgentContainerName: false, - apicommonv1.SystemProbeContainerName: false, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: true, + apicommonv1.CoreAgentContainerName: false, + apicommonv1.ProcessAgentContainerName: false, + apicommonv1.TraceAgentContainerName: false, + apicommonv1.SystemProbeContainerName: false, + apicommonv1.SecurityAgentContainerName: false, }, }, { @@ -58,27 +58,27 @@ func TestBuilder(t *testing.T) { WithAPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: false, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: false, + apicommonv1.SecurityAgentContainerName: false, }, }, { - name: "APM enabled with multi-process container, 1 multi-process container", + name: "APM enabled with single container strategy, 1 single container", dda: v2alpha1test.NewDatadogAgentBuilder(). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). WithAPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: true, - apicommonv1.CoreAgentContainerName: false, - apicommonv1.ProcessAgentContainerName: false, - apicommonv1.TraceAgentContainerName: false, - apicommonv1.SystemProbeContainerName: false, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: true, + apicommonv1.CoreAgentContainerName: false, + apicommonv1.ProcessAgentContainerName: false, + apicommonv1.TraceAgentContainerName: false, + apicommonv1.SystemProbeContainerName: false, + apicommonv1.SecurityAgentContainerName: false, }, }, { @@ -88,28 +88,28 @@ func TestBuilder(t *testing.T) { WithNPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: true, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: true, + apicommonv1.SecurityAgentContainerName: false, }, }, { - name: "APM, NPM enabled with multi-process container, 4 agents", + name: "APM, NPM enabled with single container strategy, 4 agents", dda: v2alpha1test.NewDatadogAgentBuilder(). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). WithAPMEnabled(true). WithNPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: true, - apicommonv1.SecurityAgentContainerName: false, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: true, + apicommonv1.SecurityAgentContainerName: false, }, }, { @@ -120,29 +120,29 @@ func TestBuilder(t *testing.T) { WithCSPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: true, - apicommonv1.SecurityAgentContainerName: true, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: true, + apicommonv1.SecurityAgentContainerName: true, }, }, { - name: "APM, NPM, CSPM enabled with multi-process container, 5 agents", + name: "APM, NPM, CSPM enabled with single container strategy, 5 agents", dda: v2alpha1test.NewDatadogAgentBuilder(). - WithMultiProcessContainer(true). + WithSingleContainerStrategy(true). WithAPMEnabled(true). WithNPMEnabled(true). WithCSPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[apicommonv1.AgentContainerName]bool{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName: false, - apicommonv1.CoreAgentContainerName: true, - apicommonv1.ProcessAgentContainerName: true, - apicommonv1.TraceAgentContainerName: true, - apicommonv1.SystemProbeContainerName: true, - apicommonv1.SecurityAgentContainerName: true, + apicommonv1.UnprivilegedSingleAgentContainerName: false, + apicommonv1.CoreAgentContainerName: true, + apicommonv1.ProcessAgentContainerName: true, + apicommonv1.TraceAgentContainerName: true, + apicommonv1.SystemProbeContainerName: true, + apicommonv1.SecurityAgentContainerName: true, }, }, } @@ -154,7 +154,7 @@ func TestBuilder(t *testing.T) { assert.True(t, *requiredComponents.Agent.IsRequired) for name, required := range tt.wantAgentContainer { - assert.Equal(t, required, wantAgentContainer(name, requiredComponents), "Chech", name) + assert.Equal(t, required, wantAgentContainer(name, requiredComponents), "Check", name) } }) } diff --git a/controllers/datadogagent/feature/test/testsuite.go b/controllers/datadogagent/feature/test/testsuite.go index c54e80f3a..85de08d7a 100644 --- a/controllers/datadogagent/feature/test/testsuite.go +++ b/controllers/datadogagent/feature/test/testsuite.go @@ -138,8 +138,8 @@ func runTest(t *testing.T, tt FeatureTest, buildFunc feature.BuildFunc) { if tt.Agent != nil { tplManager, provider := tt.Agent.CreateFunc(t) - if len(gotConfigure.Agent.Containers) > 0 && gotConfigure.Agent.Containers[0] == apicommonv1.UnprivilegedMultiProcessAgentContainerName { - _ = feat.ManageMultiProcessNodeAgent(tplManager, provider) + if len(gotConfigure.Agent.Containers) > 0 && gotConfigure.Agent.Containers[0] == apicommonv1.UnprivilegedSingleAgentContainerName { + _ = feat.ManageSingleContainerNodeAgent(tplManager, provider) } else { _ = feat.ManageNodeAgent(tplManager, provider) } diff --git a/controllers/datadogagent/feature/types.go b/controllers/datadogagent/feature/types.go index 616b86554..e4a45b5ed 100644 --- a/controllers/datadogagent/feature/types.go +++ b/controllers/datadogagent/feature/types.go @@ -75,9 +75,9 @@ func (rc *RequiredComponent) IsPrivileged() bool { return false } -func (rc *RequiredComponent) MultiProcessContainerEnabled() bool { +func (rc *RequiredComponent) SingleContainerStrategyEnabled() bool { return len(rc.Containers) == 1 && - rc.Containers[0] == apicommonv1.UnprivilegedMultiProcessAgentContainerName + rc.Containers[0] == apicommonv1.UnprivilegedSingleAgentContainerName } // Merge use to merge 2 RequiredComponents @@ -141,10 +141,10 @@ type Feature interface { // ManageNodeAget allows a feature to configure the Node Agent's corev1.PodTemplateSpec // It should do nothing if the feature doesn't need to configure it. ManageNodeAgent(managers PodTemplateManagers, provider string) error - // ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec - // if multi-process container usage is enabled and can be used with the current feature set + // ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec + // if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. - ManageMultiProcessNodeAgent(managers PodTemplateManagers, provider string) error + ManageSingleContainerNodeAgent(managers PodTemplateManagers, provider string) error // ManageClusterChecksRunner allows a feature to configure the ClusterChecksRunnerAgent's corev1.PodTemplateSpec // It should do nothing if the feature doesn't need to configure it. ManageClusterChecksRunner(managers PodTemplateManagers) error diff --git a/controllers/datadogagent/feature/usm/feature.go b/controllers/datadogagent/feature/usm/feature.go index 64d5df903..3a6655d78 100644 --- a/controllers/datadogagent/feature/usm/feature.go +++ b/controllers/datadogagent/feature/usm/feature.go @@ -98,10 +98,10 @@ func (f *usmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return nil } -// ManageMultiProcessNodeAgent allows a feature to configure the multi-process container for Node Agent's corev1.PodTemplateSpec -// if multi-process container usage is enabled and can be used with the current feature set +// ManageSingleContainerNodeAgent allows a feature to configure the Agent container for the Node Agent's corev1.PodTemplateSpec +// if SingleContainerStrategy is enabled and can be used with the configured feature set. // It should do nothing if the feature doesn't need to configure it. -func (f *usmFeature) ManageMultiProcessNodeAgent(managers feature.PodTemplateManagers, provider string) error { +func (f *usmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { return nil } diff --git a/controllers/datadogagent/override/global.go b/controllers/datadogagent/override/global.go index dd758226d..a16b75429 100644 --- a/controllers/datadogagent/override/global.go +++ b/controllers/datadogagent/override/global.go @@ -35,13 +35,13 @@ func ApplyGlobalSettingsClusterChecksRunner(logger logr.Logger, manager feature. } func ApplyGlobalSettingsNodeAgent(logger logr.Logger, manager feature.PodTemplateManagers, dda *v2alpha1.DatadogAgent, - resourcesManager feature.ResourceManagers, usesMultiProcessCoreAgent bool) *corev1.PodTemplateSpec { - return applyGlobalSettings(logger, manager, dda, resourcesManager, v2alpha1.NodeAgentComponentName, usesMultiProcessCoreAgent) + resourcesManager feature.ResourceManagers, singleContainerStrategyEnabled bool) *corev1.PodTemplateSpec { + return applyGlobalSettings(logger, manager, dda, resourcesManager, v2alpha1.NodeAgentComponentName, singleContainerStrategyEnabled) } // ApplyGlobalSettings use to apply global setting to a PodTemplateSpec func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers, dda *v2alpha1.DatadogAgent, - resourcesManager feature.ResourceManagers, componentName v2alpha1.ComponentName, usesMultiProcessCoreAgent bool) *corev1.PodTemplateSpec { + resourcesManager feature.ResourceManagers, componentName v2alpha1.ComponentName, singleContainerStrategyEnabled bool) *corev1.PodTemplateSpec { config := dda.Spec.Global // ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app. @@ -215,11 +215,11 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers agentCAPath = apicommon.KubeletAgentCAPath } kubeletVol, kubeletVolMount := volume.GetVolumes(apicommon.KubeletCAVolumeName, config.Kubelet.HostCAPath, agentCAPath, true) - if usesMultiProcessCoreAgent { + if singleContainerStrategyEnabled { manager.VolumeMount().AddVolumeMountToContainers( &kubeletVolMount, []apicommonv1.AgentContainerName{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName, + apicommonv1.UnprivilegedSingleAgentContainerName, }, ) manager.Volume().AddVolume(&kubeletVol) @@ -264,11 +264,11 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers } if runtimeVol.Name != "" && runtimeVolMount.Name != "" { - if usesMultiProcessCoreAgent { + if singleContainerStrategyEnabled { manager.VolumeMount().AddVolumeMountToContainers( &runtimeVolMount, []apicommonv1.AgentContainerName{ - apicommonv1.UnprivilegedMultiProcessAgentContainerName, + apicommonv1.UnprivilegedSingleAgentContainerName, }, ) manager.Volume().AddVolume(&runtimeVol) diff --git a/controllers/datadogagent/override/global_test.go b/controllers/datadogagent/override/global_test.go index 7b60ea6a2..4c511c99c 100644 --- a/controllers/datadogagent/override/global_test.go +++ b/controllers/datadogagent/override/global_test.go @@ -41,17 +41,17 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { } tests := []struct { - name string - dda *v2alpha1.DatadogAgent - useMultiProcessAgentContainer bool - wantVolumeMounts []*corev1.VolumeMount - wantVolumes []*corev1.Volume - wantEnvVars []*corev1.EnvVar - want func(t testing.TB, mgrInterface feature.PodTemplateManagers, expectedEnvVars []*corev1.EnvVar, expectedVolumes []*corev1.Volume, expectedVolumeMounts []*corev1.VolumeMount) + name string + dda *v2alpha1.DatadogAgent + singleContainerStrategyEnabled bool + wantVolumeMounts []*corev1.VolumeMount + wantVolumes []*corev1.Volume + wantEnvVars []*corev1.EnvVar + want func(t testing.TB, mgrInterface feature.PodTemplateManagers, expectedEnvVars []*corev1.EnvVar, expectedVolumes []*corev1.Volume, expectedVolumeMounts []*corev1.VolumeMount) }{ { - name: "Kubelet volume configured", - useMultiProcessAgentContainer: false, + name: "Kubelet volume configured", + singleContainerStrategyEnabled: false, dda: v2alpha1test.NewDatadogAgentBuilder(). WithGlobalKubeletConfig(hostCAPath, agentCAPath, true). WithGlobalDockerSocketPath(dockerSocketPath). @@ -62,8 +62,8 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { want: assertAll, }, { - name: "Kubelet volume configured", - useMultiProcessAgentContainer: true, + name: "Kubelet volume configured", + singleContainerStrategyEnabled: true, dda: v2alpha1test.NewDatadogAgentBuilder(). WithGlobalKubeletConfig(hostCAPath, agentCAPath, true). WithGlobalDockerSocketPath(dockerSocketPath). @@ -71,7 +71,7 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { wantEnvVars: getExpectedEnvVars(), wantVolumeMounts: getExpectedVolumeMounts(), wantVolumes: getExpectedVolumes(), - want: assertAllAgentMultiProcessContainer, + want: assertAllAgentSingleContainer, }, } @@ -81,7 +81,7 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { store := dependencies.NewStore(tt.dda, storeOptions) resourcesManager := feature.NewResourceManagers(store) - ApplyGlobalSettingsNodeAgent(logger, podTemplateManager, tt.dda, resourcesManager, tt.useMultiProcessAgentContainer) + ApplyGlobalSettingsNodeAgent(logger, podTemplateManager, tt.dda, resourcesManager, tt.singleContainerStrategyEnabled) tt.want(t, podTemplateManager, tt.wantEnvVars, tt.wantVolumes, tt.wantVolumeMounts) }) @@ -106,12 +106,12 @@ func assertAll(t testing.TB, mgrInterface feature.PodTemplateManagers, expectedE assert.True(t, apiutils.IsEqualStruct(agentEnvVars, expectedEnvVars), "Agent envvars \ndiff = %s", cmp.Diff(agentEnvVars, expectedEnvVars)) } -func assertAllAgentMultiProcessContainer(t testing.TB, mgrInterface feature.PodTemplateManagers, expectedEnvVars []*corev1.EnvVar, expectedVolumes []*corev1.Volume, expectedVolumeMounts []*corev1.VolumeMount) { +func assertAllAgentSingleContainer(t testing.TB, mgrInterface feature.PodTemplateManagers, expectedEnvVars []*corev1.EnvVar, expectedVolumes []*corev1.Volume, expectedVolumeMounts []*corev1.VolumeMount) { mgr := mgrInterface.(*fake.PodTemplateManagers) - agentMultiProcessContainerVolumeMounts := mgr.VolumeMountMgr.VolumeMountsByC[apicommonv1.UnprivilegedMultiProcessAgentContainerName] + agentSingleContainerVolumeMounts := mgr.VolumeMountMgr.VolumeMountsByC[apicommonv1.UnprivilegedSingleAgentContainerName] - assert.True(t, apiutils.IsEqualStruct(agentMultiProcessContainerVolumeMounts, expectedVolumeMounts), "Volume mounts \ndiff = %s", cmp.Diff(agentMultiProcessContainerVolumeMounts, []*corev1.VolumeMount(nil))) + assert.True(t, apiutils.IsEqualStruct(agentSingleContainerVolumeMounts, expectedVolumeMounts), "Volume mounts \ndiff = %s", cmp.Diff(agentSingleContainerVolumeMounts, []*corev1.VolumeMount(nil))) volumes := mgr.VolumeMgr.Volumes assert.True(t, apiutils.IsEqualStruct(volumes, expectedVolumes), "Volumes \ndiff = %s", cmp.Diff(volumes, []*corev1.Volume{})) diff --git a/docs/configuration.v2alpha1.md b/docs/configuration.v2alpha1.md index 7e594fbe1..d1417988b 100644 --- a/docs/configuration.v2alpha1.md +++ b/docs/configuration.v2alpha1.md @@ -133,7 +133,7 @@ spec: | global.clusterAgentTokenSecret.keyName | KeyName is the key of the secret to use. | | global.clusterAgentTokenSecret.secretName | SecretName is the name of the secret. | | global.clusterName | ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app. | -| global.containerProcessStrategy.type | Type sets a predetermined grouping of processes across containers. There are two supported groupings: `singleProcessContainers` runs one process per container. `unprivilegedMultiProcessContainer`, runs unprivileged processes in a single container unless the configuration requires a privileged agent. For example if `security-agent` or `system-probe` is required, `singleProcessContainers` will be used. Default: `singleProcessContainers` | +| global.containerStrategy | ContainerStrategy determines whether agents run in a single or multiple containers. Default: 'optimized' | | global.credentials.apiKey | APIKey configures your Datadog API key. See also: https://app.datadoghq.com/account/settings#agent/kubernetes | | global.credentials.apiSecret.keyName | KeyName is the key of the secret to use. | | global.credentials.apiSecret.secretName | SecretName is the name of the secret. |