retina icon indicating copy to clipboard operation
retina copied to clipboard
verified publisher icon microsoft

feat: Add new manifest for Retina with Hubble

Open jimassa opened this issue 1 year ago • 3 comments

Description

This PR adds the deployment files, values as well as make targets for our hubble milestone.

Related Issue

If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request.

Checklist

  • [ ] I have read the contributing documentation.
  • [ ] I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
  • [ ] I have correctly attributed the author(s) of the code.
  • [ ] I have tested the changes locally.
  • [ ] I have followed the project's style guidelines.
  • [ ] I have updated the documentation, if necessary.
  • [ ] I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes made.

Additional Notes

Add any additional notes or context about the pull request here.

Testing Done.

> make helm-install-hubble
helm upgrade --install retina ./deploy/hubble/manifests/controller/helm/retina/ \
        --namespace kube-system \
        --set operator.enabled=true \
        --set operator.repository=ghcr.io/microsoft/retina/retina-operator \
        --set operator.tag=v0.0.2 \
        --set agent.enabled=true \
        --set agent.repository=ghcr.io/microsoft/retina/retina-agent \
        --set agent.tag=v0.0.2 \
        --set agent.init.enabled=true \
        --set agent.init.repository=ghcr.io/microsoft/retina/retina-init \
        --set agent.init.tag=v0.0.2 \
        --set logLevel=info \
        --set hubble.tls.enabled=true \
        --set hubble.relay.tls.server.enabled=true \
        --set hubble.tls.auto.enabled=true \
        --set hubble.tls.auto.method=cronJob \
        --set hubble.tls.auto.certValidityDuration=1 \
        --set hubble.tls.auto.schedule="*/10 * * * *"
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /mnt/c/Users/jacquesmassa/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /mnt/c/Users/jacquesmassa/.kube/config
Release "retina" does not exist. Installing it now.
NAME: retina

The following pods are present on the cluster

hubble-generate-certs-wfrv8          0/1     ImagePullBackOff    0             23s   10.224.1.172   aksws22000001                       <none>           <none>
hubble-relay-5447fc485b-6ghwv        0/1     ContainerCreating   0             23s   <none>         aks-nodepool1-36764280-vmss000002   <none>           <none>
hubble-ui-5d879774f8-m5zkn           0/2     ContainerCreating   0             23s   <none>         aks-nodepool1-36764280-vmss000002   <none>           <none>

retina-agent-29pt7                   0/1     Init:0/1            0             24s   10.224.0.4     aks-arm64-36764280-vmss000000       <none>           <none>
retina-agent-85c6d                   0/1     Init:0/1            0             23s   10.224.1.248   aks-nodepool1-36764280-vmss000002   <none>           <none>
retina-agent-nn4m4                   0/1     Init:0/1            0             24s   10.224.2.241   aks-nodepool1-36764280-vmss000000   <none>           <none>
retina-agent-ztbkq                   0/1     Init:0/1            0             24s   10.224.3.234   aks-nodepool1-36764280-vmss000001   <none>           <none>
retina-operator-5d59dcc578-7ffkj     0/1     Error               2 (21s ago)   23s   10.224.4.154   aks-nodepool1-36764280-vmss000001   <none>           <none>

The following services are also found

> kubectl get service -n kube-system -o wide
NAME                              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)              AGE     SELECTOR
hubble-peer                       ClusterIP   10.0.172.234   <none>        80/TCP               6m57s   k8s-app=retina
hubble-relay                      ClusterIP   10.0.128.85    <none>        443/TCP              6m57s   k8s-app=hubble-relay
hubble-ui                         ClusterIP   10.0.174.210   <none>        80/TCP               6m57s   k8s-app=hubble-ui
retina-svc                        ClusterIP   10.0.180.180   <none>        10093/TCP            6m57s   app=retina

configmaps

> kubectl get configmaps -n kube-system
NAME                                                   DATA   AGE
hubble-relay-config                                    1      12m
hubble-ui-nginx                                        1      12m
retina-config                                          16     12m
retina-operator-config                                 5      12m

cluster roles

> kubectl get clusterroles -o wide | grep retina

retina-cluster-reader                                                     2024-06-06T17:51:56Z
retina-operator-role                                                      2024-06-06T17:51:56Z
> kubectl get clusterroles -o wide | grep hubble

hubble-generate-certs                                                     2024-06-06T17:51:56Z
hubble-ui                                                                 2024-06-06T17:51:56Z

Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

jimassa avatar Jun 04 '24 17:06 jimassa

I am currently using the "Legacy" chart of Retina here some remarks regarding it:

  1. Instead of moving it to Legacy and overwrite the upstream version rename the charts / directories to:
  • retina-hubble with the dashboards directory also named retina-hubble-dashboards, ...
  • retina with the dashboards directory also named retina-dashboards for the legacy stuff
  • following this naming scheme everywhere else
  1. Do proper semantic versioning of the Helm chart otherwise its hard to deploy / maintain if there are changes without version change.
  2. The current chart has several issues / bugs so tests for the chart would be great :D

@jimassa @snguyen64

VincentS avatar Jun 25 '24 14:06 VincentS

This PR will be closed in 7 days due to inactivity.

github-actions[bot] avatar Jul 28 '24 00:07 github-actions[bot]

This PR was merged with https://github.com/microsoft/retina/commit/6aef3e3e1f7491ec25239449b227cfef0cb47aa5 without fixing any of the outstanding issues of the old and new chart in the first place @jimassa @snguyen64 @rbtr

VincentS avatar Aug 05 '24 13:08 VincentS

This PR will be closed in 7 days due to inactivity.

github-actions[bot] avatar Sep 05 '24 00:09 github-actions[bot]

Pull request closed due to inactivity.

github-actions[bot] avatar Sep 12 '24 00:09 github-actions[bot]