Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a service with local internal traffic policy for traces and dogstatsd. #375

Merged
merged 1 commit into from
Dec 7, 2021
Merged

Add a service with local internal traffic policy for traces and dogstatsd. #375

merged 1 commit into from
Dec 7, 2021

Conversation

L3n41c
Copy link
Member

@L3n41c L3n41c commented Sep 15, 2021

What does this PR do?

Add a service which leverages internal traffic policy for traces and dogstatsd.

Motivation

Ease the use of dogstatsd and APM as an application could use a kubernetes service instead of having to rely on the downward API to target the local node agent.

Additional Notes

Anything else we should know when reviewing?

Describe your test plan

Deploy the agent with the operator on kubernetes 1.22+ cluster and check that a new service targeting the nodes agent with local internal traffic policy has been created.

@L3n41c L3n41c requested review from a team as code owners September 15, 2021 13:25
github-actions[bot]
github-actions bot requested changes Sep 15, 2021
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This pull request does not contain a valid label. Please add one of the following labels: bug, enhancement, documentation

@L3n41c L3n41c added the enhancement New feature or request label Sep 15, 2021
jtappa
jtappa approved these changes Sep 15, 2021
View reviewed changes
Copy link

@jtappa jtappa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏻 from docs team

@L3n41c L3n41c force-pushed the lenaic/internal-traffic-policy branch 4 times, most recently from 9949708 to aba7f81 Compare September 22, 2021 13:05
@L3n41c L3n41c force-pushed the lenaic/internal-traffic-policy branch from aba7f81 to 2aebdd0 Compare October 13, 2021 13:06
@clamoriniere clamoriniere added this to the v0.8.0 milestone Nov 30, 2021
@L3n41c L3n41c force-pushed the lenaic/internal-traffic-policy branch from 38fefbe to 2c77b21 Compare December 2, 2021 16:29
@codecov-commenter
Copy link

codecov-commenter commented Dec 2, 2021
edited
Loading

Codecov Report

Merging #375 (2c77b21) into main (5d59e5f) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #375   +/-   ##
=======================================
  Coverage   61.05%   61.05%           
=======================================
  Files           3        3           
  Lines          95       95           
=======================================
  Hits           58       58           
  Misses         25       25           
  Partials       12       12
Flag Coverage Δ
unittests 61.05% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5d59e5f...2c77b21. Read the comment docs.

clamoriniere
clamoriniere reviewed Dec 2, 2021
View reviewed changes
Copy link
Collaborator

@clamoriniere clamoriniere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO what is missing is a way in the DatadogAgent CR to force the creation of the service if a customer has enabled it on k8s cluster 1.21

@clamoriniere
Copy link
Collaborator

Also maybe it will require to update the Network policy to allow the traffic on this service?

@L3n41c L3n41c force-pushed the lenaic/internal-traffic-policy branch from 2c77b21 to 67f8570 Compare December 3, 2021 14:20
@L3n41c
Copy link
Member Author

L3n41c commented Dec 3, 2021

@clamoriniere

IMO what is missing is a way in the DatadogAgent CR to force the creation of the service if a customer has enabled it on k8s cluster 1.21

I’ve just updated the PR to implement here the equivalent of DataDog/helm-charts#434 which includes a way to force the service creation.

Also maybe it will require to update the Network policy to allow the traffic on this service?

I don’t think so because Network Policies apply to pods. Reaching a pod directly or through a Service doesn’t make any difference for the Network policy.

@L3n41c L3n41c requested a review from clamoriniere December 3, 2021 16:31
@L3n41c L3n41c requested a review from clamoriniere December 7, 2021 09:06
clamoriniere
clamoriniere approved these changes Dec 7, 2021
View reviewed changes
Copy link
Collaborator

@clamoriniere clamoriniere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@L3n41c L3n41c merged commit 0903d98 into main Dec 7, 2021
@L3n41c L3n41c deleted the lenaic/internal-traffic-policy branch December 7, 2021 09:54
@khewonc khewonc mentioned this pull request May 17, 2022
Merged
mftoure pushed a commit that referenced this pull request Oct 3, 2024
@L3n41c
Add a service with local internal traffic policy (#375)
51b1f59 
for traces and dogstatsd.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@jtappa jtappa jtappa approved these changes

@clamoriniere clamoriniere clamoriniere approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v0.8.0
Development

Successfully merging this pull request may close these issues.
4 participants
@L3n41c @codecov-commenter @clamoriniere @jtappa