[PROCS-1464] Add Process Discovery Feature to Operator (#927)

* initial commit * add tests
DataDog · Sep 26, 2023 · b1e69ec · b1e69ec
1 parent e81840e
commit b1e69ec
Show file tree

Hide file tree

Showing 14 changed files with 294 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -50,6 +50,7 @@ Operator `1.0.0` contains several changes users need to be aware of:
 - Live Container Collection
 - Orchestrator Explorer
 - UnixDomainSocket transport for DogStatsD (and APM if enabled)
+- Process Discovery
 
 ## Functionalities
 

diff --git a/apis/datadoghq/common/envvar.go b/apis/datadoghq/common/envvar.go
@@ -90,6 +90,7 @@ const (
 	DDProcessCollectionEnabled                        = "DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED"
 	DDProcessConfigScrubArgs                          = "DD_PROCESS_CONFIG_SCRUB_ARGS"
 	DDProcessConfigStripArgs                          = "DD_PROCESS_CONFIG_STRIP_PROC_ARGUMENTS"
+	DDProcessDiscoveryEnabled                         = "DD_PROCESS_CONFIG_PROCESS_DISCOVERY_ENABLED"
 	DDPrometheusScrapeChecks                          = "DD_PROMETHEUS_SCRAPE_CHECKS"
 	DDPrometheusScrapeEnabled                         = "DD_PROMETHEUS_SCRAPE_ENABLED"
 	DDPrometheusScrapeServiceEndpoints                = "DD_PROMETHEUS_SCRAPE_SERVICE_ENDPOINTS"

diff --git a/apis/datadoghq/v2alpha1/datadogagent_default.go b/apis/datadoghq/v2alpha1/datadogagent_default.go
@@ -27,6 +27,8 @@ const (
 	// defaultLiveProcessCollectionEnabled   bool = false
 	defaultLiveContainerCollectionEnabled bool = true
 
+	defaultProcessDiscoveryEnabled bool = true
+
 	// defaultOOMKillEnabled        bool = false
 	// defaultTCPQueueLengthEnabled bool = false
 
@@ -153,6 +155,13 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) {
 		}
 	}
 
+	// ProcessDiscovery Feature
+	if ddaSpec.Features.ProcessDiscovery == nil || apiutils.IsEqualStruct(*ddaSpec.Features.ProcessDiscovery, ProcessDiscoveryFeatureConfig{}) {
+		ddaSpec.Features.ProcessDiscovery = &ProcessDiscoveryFeatureConfig{
+			Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+		}
+	}
+
 	// APM Feature
 	if ddaSpec.Features.APM != nil && ddaSpec.Features.APM.Enabled != nil && *ddaSpec.Features.APM.Enabled {
 		if ddaSpec.Features.APM.HostPortConfig == nil {

diff --git a/apis/datadoghq/v2alpha1/datadogagent_default_test.go b/apis/datadoghq/v2alpha1/datadogagent_default_test.go
@@ -73,6 +73,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -129,6 +132,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(valueFalse),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(valueFalse),
+					},
 					OOMKill: &OOMKillFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(valueFalse),
 					},
@@ -191,6 +197,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(valueFalse),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(valueFalse),
+					},
 					OOMKill: &OOMKillFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(valueFalse),
 					},
@@ -274,6 +283,10 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						// The agent will automatically disable process discovery collection in this case
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -339,6 +352,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -396,6 +412,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					APM: &APMFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(valueTrue),
 						HostPortConfig: &HostPortConfig{
@@ -464,6 +483,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					NPM: &NPMFeatureConfig{
 						Enabled:         apiutils.NewBoolPointer(valueTrue),
 						EnableConntrack: apiutils.NewBoolPointer(defaultNPMEnableConntrack),
@@ -533,6 +555,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -590,6 +615,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -652,6 +680,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -710,6 +741,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -768,6 +802,9 @@ func Test_defaultFeatures(t *testing.T) {
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{
 						Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled),
 					},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					Dogstatsd: &DogstatsdFeatureConfig{
 						OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled),
 						HostPortConfig:         &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)},
@@ -820,6 +857,7 @@ func Test_defaultFeatures(t *testing.T) {
 					LogCollection:           &LogCollectionFeatureConfig{},
 					LiveProcessCollection:   &LiveProcessCollectionFeatureConfig{},
 					LiveContainerCollection: &LiveContainerCollectionFeatureConfig{},
+					ProcessDiscovery:        &ProcessDiscoveryFeatureConfig{},
 					OOMKill:                 &OOMKillFeatureConfig{},
 					TCPQueueLength:          &TCPQueueLengthFeatureConfig{},
 					APM:                     &APMFeatureConfig{},
@@ -842,6 +880,9 @@ func Test_defaultFeatures(t *testing.T) {
 				Features: &DatadogFeatures{
 					LogCollection:         &LogCollectionFeatureConfig{},
 					LiveProcessCollection: &LiveProcessCollectionFeatureConfig{},
+					ProcessDiscovery: &ProcessDiscoveryFeatureConfig{
+						Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled),
+					},
 					OOMKill:               &OOMKillFeatureConfig{},
 					TCPQueueLength:        &TCPQueueLengthFeatureConfig{},
 					APM:                   &APMFeatureConfig{},

diff --git a/apis/datadoghq/v2alpha1/datadogagent_types.go b/apis/datadoghq/v2alpha1/datadogagent_types.go
@@ -51,6 +51,8 @@ type DatadogFeatures struct {
 	LiveProcessCollection *LiveProcessCollectionFeatureConfig `json:"liveProcessCollection,omitempty"`
 	// LiveContainerCollection configuration.
 	LiveContainerCollection *LiveContainerCollectionFeatureConfig `json:"liveContainerCollection,omitempty"`
+	// ProcessDiscovery configuration.
+	ProcessDiscovery *ProcessDiscoveryFeatureConfig `json:"processDiscovery,omitempty"`
 	// OOMKill configuration.
 	OOMKill *OOMKillFeatureConfig `json:"oomKill,omitempty"`
 	// TCPQueueLength configuration.
@@ -196,6 +198,15 @@ type LiveContainerCollectionFeatureConfig struct {
 	Enabled *bool `json:"enabled,omitempty"`
 }
 
+// ProcessDiscoveryFeatureConfig contains the configuration for the process discovery check
+// ProcessDiscovery is run in the ProcessAgent
+type ProcessDiscoveryFeatureConfig struct {
+	// Enabled enables the Process Discovery check in the Agent.
+	// Default: true
+	// +optional
+	Enabled *bool `json:"enabled,omitempty"`
+}
+
 // OOMKillFeatureConfig configures the OOM Kill monitoring feature.
 type OOMKillFeatureConfig struct {
 	// Enables the OOMKill eBPF-based check.

diff --git a/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go b/apis/datadoghq/v2alpha1/zz_generated.deepcopy.go
diff --git a/apis/datadoghq/v2alpha1/zz_generated.openapi.go b/apis/datadoghq/v2alpha1/zz_generated.openapi.go
diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml
@@ -8323,6 +8323,13 @@ spec:
                               type: object
                           type: object
                       type: object
+                    processDiscovery:
+                      description: ProcessDiscovery configuration.
+                      properties:
+                        enabled:
+                          description: 'Enabled enables the Process Discovery check in the Agent. Default: true'
+                          type: boolean
+                      type: object
                     prometheusScrape:
                       description: PrometheusScrape configuration.
                       properties:

diff --git a/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1beta1/datadoghq.com_datadogagents.yaml
@@ -15873,6 +15873,13 @@ spec:
                               type: object
                           type: object
                       type: object
+                    processDiscovery:
+                      description: ProcessDiscovery configuration.
+                      properties:
+                        enabled:
+                          description: 'Enabled enables the Process Discovery check in the Agent. Default: true'
+                          type: boolean
+                      type: object
                     prometheusScrape:
                       description: PrometheusScrape configuration.
                       properties:

diff --git a/controllers/datadogagent/controller.go b/controllers/datadogagent/controller.go
@@ -52,6 +52,7 @@ import (
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/oomkill"
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/orchestratorexplorer"
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/otlp"
+	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/processdiscovery"
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/prometheusscrape"
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/remoteconfig"
 	_ "github.com/DataDog/datadog-operator/controllers/datadogagent/feature/tcpqueuelength"

diff --git a/controllers/datadogagent/feature/ids.go b/controllers/datadogagent/feature/ids.go
@@ -23,6 +23,8 @@ const (
 	LiveContainerIDType = "live_container"
 	// LiveProcessIDType Live Process feature.
 	LiveProcessIDType = "live_process"
+	// ProcessDiscoveryIDType Process Discovery feature.
+	ProcessDiscoveryIDType = "process_discovery"
 	// OrchestratorExplorerIDType Orchestrator Explorer feature.
 	OrchestratorExplorerIDType = "orchestrator_explorer"
 	// LogCollectionIDType Log Collection feature.

diff --git a/controllers/datadogagent/feature/processdiscovery/feature.go b/controllers/datadogagent/feature/processdiscovery/feature.go
@@ -0,0 +1,77 @@
+package processdiscovery
+
+import (
+	corev1 "k8s.io/api/core/v1"
+
+	apicommon "github.com/DataDog/datadog-operator/apis/datadoghq/common"
+	apicommonv1 "github.com/DataDog/datadog-operator/apis/datadoghq/common/v1"
+	"github.com/DataDog/datadog-operator/apis/datadoghq/v1alpha1"
+	"github.com/DataDog/datadog-operator/apis/datadoghq/v2alpha1"
+	apiutils "github.com/DataDog/datadog-operator/apis/utils"
+	"github.com/DataDog/datadog-operator/controllers/datadogagent/feature"
+	"github.com/DataDog/datadog-operator/controllers/datadogagent/object/volume"
+)
+
+func init() {
+	err := feature.Register(feature.ProcessDiscoveryIDType, buildProcessDiscoveryFeature)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func buildProcessDiscoveryFeature(options *feature.Options) feature.Feature {
+	return &processDiscoveryFeature{}
+}
+
+type processDiscoveryFeature struct{}
+
+func (p processDiscoveryFeature) ID() feature.IDType {
+	return feature.ProcessDiscoveryIDType
+}
+
+func (p processDiscoveryFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredComponents {
+	var reqComp feature.RequiredComponents
+	if dda.Spec.Features.ProcessDiscovery == nil || apiutils.BoolValue(dda.Spec.Features.ProcessDiscovery.Enabled) {
+		reqComp = feature.RequiredComponents{
+			Agent: feature.RequiredComponent{
+				IsRequired: apiutils.NewBoolPointer(true),
+				Containers: []apicommonv1.AgentContainerName{
+					apicommonv1.CoreAgentContainerName,
+					apicommonv1.ProcessAgentContainerName,
+				},
+			},
+		}
+	}
+	return reqComp
+}
+
+func (p processDiscoveryFeature) ConfigureV1(dda *v1alpha1.DatadogAgent) feature.RequiredComponents {
+	return feature.RequiredComponents{}
+}
+
+func (p processDiscoveryFeature) ManageDependencies(managers feature.ResourceManagers, components feature.RequiredComponents) error {
+	return nil
+}
+
+func (p processDiscoveryFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error {
+	return nil
+}
+
+func (p processDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateManagers) error {
+	passwdVol, passwdVolMount := volume.GetVolumes(apicommon.PasswdVolumeName, apicommon.PasswdHostPath, apicommon.PasswdMountPath, true)
+	managers.VolumeMount().AddVolumeMountToContainer(&passwdVolMount, apicommonv1.ProcessAgentContainerName)
+	managers.Volume().AddVolume(&passwdVol)
+
+	enableEnvVar := &corev1.EnvVar{
+		Name:  apicommon.DDProcessDiscoveryEnabled,
+		Value: "true",
+	}
+
+	managers.EnvVar().AddEnvVarToContainer(apicommonv1.ProcessAgentContainerName, enableEnvVar)
+
+	return nil
+}
+
+func (p processDiscoveryFeature) ManageClusterChecksRunner(managers feature.PodTemplateManagers) error {
+	return nil
+}