Skip to content

Commit

Permalink
readability and permission improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
Ryan Fitzpatrick committed Feb 1, 2022
1 parent c8c7c43 commit 527260d
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 23 deletions.
4 changes: 2 additions & 2 deletions docs/advanced-configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -175,8 +175,8 @@ This distribution will operate similarly to the `eks` distribution but with the
1. The Collector agent daemonset is not applied since Fargate doesn't support daemonsets. Any desired Collector instances
running as agents must be configured manually as sidecar containers in your custom deployments. This includes any application
logging services like Fluentd. We recommend setting the `gateway.enabled` to `true` and configuring your instrumented
applications to report metrics, traces, and logs to the gateway's `<installed-chart-name>-splunk-otel-collector` service address if no
agent instances are used in your cluster. Any desired agent instances that would run as a daemonset should instead run as sidecar containers in your pods.
applications to report metrics, traces, and logs to the gateway's `<installed-chart-name>-splunk-otel-collector` service address.
Any desired agent instances that would run as a daemonset should instead run as sidecar containers in your pods.

2. Since Fargate nodes use a VM boundary to prevent access to host-based resources used by other pods, pods are not able to reach their own kubelet. The cluster receiver
for the Fargate distribution has two primary differences between regular `eks` to work around this limitation:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -222,18 +222,3 @@ service:
{{- end }}
{{- end }}
{{- end }}

{{/*
Pod anti-affinity to prevent eks/fargate replicas from being on same node
*/}}
{{- define "splunk-otel-collector.clusterReceiverPodAntiAffinity" -}}
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: component
operator: In
values:
- otel-k8s-cluster-receiver
topologyKey: "kubernetes.io/hostname"
{{- end }}
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ $gateway := fromYaml (include "splunk-otel-collector.gateway" .) }}
{{ if or $gateway.enabled (eq (include "splunk-otel-collector.distribution" .) "eks/fargate") }}
{{ if $gateway.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,18 @@ spec:
{{- end }}
{{- if or $clusterReceiver.affinity (eq (include "splunk-otel-collector.distribution" .) "eks/fargate") }}
affinity:
{{- $clusterReceiver.affinity | mustMergeOverwrite (fromYaml (include "splunk-otel-collector.clusterReceiverPodAntiAffinity" .)) | toYaml | nindent 8 }}
{{- $clusterReceiverPodAntiAffinity :=
`podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: component
operator: In
values:
- otel-k8s-cluster-receiver
topologyKey: kubernetes.io/hostname`
}}
{{- $clusterReceiver.affinity | mustMergeOverwrite (fromYaml $clusterReceiverPodAntiAffinity) | toYaml | nindent 8 }}
{{- end }}
{{- if $clusterReceiver.securityContext }}
securityContext:
Expand All @@ -75,8 +86,6 @@ spec:
image: public.ecr.aws/amazonlinux/amazonlinux:latest
imagePullPolicy: IfNotPresent
command: ["bash", "-c", "/splunk-scripts/init-eks-fargate-cluster-receiver.sh"]
securityContext:
runAsUser: 0
env:
- name: K8S_POD_NAME
valueFrom:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,6 @@ spec:
image: public.ecr.aws/amazonlinux/amazonlinux:latest
imagePullPolicy: IfNotPresent
command: ["bash", "-c", "/splunk-scripts/init-eks-fargate-cluster-receiver.sh"]
securityContext:
runAsUser: 0
env:
- name: K8S_POD_NAME
valueFrom:
Expand Down

0 comments on commit 527260d

Please sign in to comment.