github.com/verrazzano/verrazzano@v1.7.0/cluster-operator/controllers/vmc/jaeger.go

github.com/verrazzano/verrazzano@v1.7.0/cluster-operator/controllers/vmc/jaeger.go (about)

     1  // Copyright (c) 2022, 2023, Oracle and/or its affiliates.
     2  // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
     3  
     4  package vmc
     5  
     6  import (
     7  	vzconstants "github.com/verrazzano/verrazzano/pkg/constants"
     8  	"github.com/verrazzano/verrazzano/pkg/mcconstants"
     9  	"github.com/verrazzano/verrazzano/pkg/vzcr"
    10  	vzapi "github.com/verrazzano/verrazzano/platform-operator/apis/verrazzano/v1beta1"
    11  	"github.com/verrazzano/verrazzano/platform-operator/constants"
    12  	"github.com/verrazzano/verrazzano/platform-operator/controllers/verrazzano/component/common/override"
    13  	"path/filepath"
    14  )
    15  
    16  const (
    17  	jaegerNamespace        = constants.VerrazzanoMonitoringNamespace
    18  	jaegerCreateField      = "jaeger.create"
    19  	jaegerSecNameField     = "jaeger.spec.storage.secretName"
    20  	jaegerStorageTypeField = "jaeger.spec.storage.type"
    21  	jaegerOSURLField       = "jaeger.spec.storage.options.es.server-urls"
    22  	jaegerOSCAField        = "jaeger.spec.storage.options.es.tls.ca"
    23  	jaegerOSTLSKeyField    = "jaeger.spec.storage.options.es.tls.key"
    24  	jaegerOSTLSCertField   = "jaeger.spec.storage.options.es.tls.cert"
    25  )
    26  
    27  type jaegerSpecConfig struct {
    28  	jaegerCreate    bool
    29  	secName         string
    30  	storageType     string
    31  	OSURL           string
    32  	CAFileName      string
    33  	TLSKeyFileName  string
    34  	TLSCertFileName string
    35  }
    36  
    37  type jaegerOpenSearchConfig struct {
    38  	URL      string
    39  	username []byte
    40  	password []byte
    41  	CA       []byte
    42  	TLSKey   []byte
    43  	TLSCert  []byte
    44  }
    45  
    46  // getJaegerOpenSearchConfig gets Jaeger OpenSearch Storage data if it exists
    47  func (r *VerrazzanoManagedClusterReconciler) getJaegerOpenSearchConfig(vzList *vzapi.VerrazzanoList) (*jaegerOpenSearchConfig, error) {
    48  	jc := &jaegerOpenSearchConfig{}
    49  	// Get the OpenSearch URL, secret and other details configured in Jaeger spec
    50  	jsc, err := r.getJaegerSpecConfig(vzList)
    51  	if err != nil {
    52  		return jc, r.log.ErrorfNewErr("Failed to fetch the Jaeger spec details from the Verrazzano CR %v", err)
    53  	}
    54  	// If Jaeger instance creation is disabled in the VZ CR, then just return
    55  	if !jsc.jaegerCreate {
    56  		r.log.Once("Jaeger instance creation is disabled in the Verrazzano CR. Skipping multicluster Jaeger" +
    57  			" configuration.")
    58  		return jc, nil
    59  	}
    60  	// If OpenSearch storage is not configured for the Jaeger instance, then just return
    61  	if jsc.storageType != "opensearch" {
    62  		r.log.Once("A Jaeger instance with OpenSearch storage is not configured. Skipping multicluster Jaeger" +
    63  			" configuration.")
    64  		return jc, nil
    65  	}
    66  
    67  	jaegerSecret, err := r.getSecret(jaegerNamespace, jsc.secName, true)
    68  	if err != nil {
    69  		return jc, err
    70  	}
    71  
    72  	// Decide which OpenSearch URL to use.
    73  	// If the Jaeger OpenSearch URL is the default URL, use VZ OpenSearch ingress URL.
    74  	// If the Jaeger OpenSearch URL  is not the default, meaning it is a custom OpenSearch, use the external OpenSearch URL.
    75  	if jsc.OSURL == vzconstants.DefaultJaegerOSURL {
    76  		jc.URL, err = r.getESURL(*vzList)
    77  		if err != nil {
    78  			return jc, err
    79  		}
    80  		// Get the CA bundle needed to connect to the admin keycloak
    81  		jc.CA, err = r.getAdminCaBundle()
    82  		if err != nil {
    83  			return jc, r.log.ErrorfNewErr("Failed to get the CA bundle used by Verrazzano ingress %v", err)
    84  		}
    85  	} else {
    86  		jc.URL = jsc.OSURL
    87  		jc.CA = jaegerSecret.Data[jsc.CAFileName]
    88  		jc.TLSKey = jaegerSecret.Data[jsc.TLSKeyFileName]
    89  		jc.TLSCert = jaegerSecret.Data[jsc.TLSCertFileName]
    90  	}
    91  	jc.username = jaegerSecret.Data[mcconstants.JaegerOSUsernameKey]
    92  	jc.password = jaegerSecret.Data[mcconstants.JaegerOSPasswordKey]
    93  	return jc, nil
    94  }
    95  
    96  // getJaegerSpecConfig returns the OpenSearch URL, secret and other details configured for Jaeger instance
    97  func (r *VerrazzanoManagedClusterReconciler) getJaegerSpecConfig(vzList *vzapi.VerrazzanoList) (jaegerSpecConfig, error) {
    98  	jsc := jaegerSpecConfig{}
    99  	for _, vz := range vzList.Items {
   100  		if !isJaegerOperatorEnabled(vz) {
   101  			continue
   102  		}
   103  		// Set values for default Jaeger instance
   104  		if canUseVZOpenSearchStorage(vz) {
   105  			jsc.jaegerCreate = true
   106  			jsc.OSURL = vzconstants.DefaultJaegerOSURL
   107  			jsc.secName = vzconstants.DefaultJaegerSecretName
   108  			jsc.storageType = "opensearch"
   109  		}
   110  		overrides := vz.Spec.Components.JaegerOperator.ValueOverrides
   111  		overrideYAMLs, err := override.GetInstallOverridesYAMLUsingClient(r.Client, overrides, vz.Namespace)
   112  		if err != nil {
   113  			return jsc, err
   114  		}
   115  		for _, overrideYAML := range overrideYAMLs {
   116  			value, err := override.ExtractValueFromOverrideString(overrideYAML, jaegerCreateField)
   117  			if err != nil {
   118  				return jsc, err
   119  			}
   120  			if value != nil {
   121  				jsc.jaegerCreate = value.(bool)
   122  			}
   123  			// Check if there are any Helm chart override values defined for Jaeger storage
   124  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerStorageTypeField)
   125  			if err != nil {
   126  				return jsc, err
   127  			}
   128  			if value != nil {
   129  				jsc.storageType = value.(string)
   130  			}
   131  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerOSURLField)
   132  			if err != nil {
   133  				return jsc, err
   134  			}
   135  			if value != nil {
   136  				jsc.OSURL = value.(string)
   137  			}
   138  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerOSCAField)
   139  			if err != nil {
   140  				return jsc, err
   141  			}
   142  			if value != nil {
   143  				jsc.CAFileName = filepath.Base(value.(string))
   144  			}
   145  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerOSTLSKeyField)
   146  			if err != nil {
   147  				return jsc, err
   148  			}
   149  			if value != nil {
   150  				jsc.TLSKeyFileName = filepath.Base(value.(string))
   151  			}
   152  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerOSTLSCertField)
   153  			if err != nil {
   154  				return jsc, err
   155  			}
   156  			if value != nil {
   157  				jsc.TLSCertFileName = filepath.Base(value.(string))
   158  			}
   159  			value, err = override.ExtractValueFromOverrideString(overrideYAML, jaegerSecNameField)
   160  			if err != nil {
   161  				return jsc, err
   162  			}
   163  			if value != nil {
   164  				jsc.secName = value.(string)
   165  			}
   166  		}
   167  	}
   168  	return jsc, nil
   169  }
   170  
   171  // canUseVZOpenSearchStorage determines if Verrazzano's OpenSearch can be used as a storage for Jaeger instance.
   172  // As default Jaeger uses Authproxy to connect to OpenSearch storage, check if Keycloak and authproxy components is also enabled.
   173  func canUseVZOpenSearchStorage(vz vzapi.Verrazzano) bool {
   174  	if vzcr.IsOpenSearchEnabled(&vz) && vzcr.IsKeycloakEnabled(&vz) && vzcr.IsAuthProxyEnabled(&vz) {
   175  		return true
   176  	}
   177  	return false
   178  }
   179  
   180  func isJaegerOperatorEnabled(vz vzapi.Verrazzano) bool {
   181  	return vzcr.IsJaegerOperatorEnabled(&vz)
   182  }