Skip to content

newrelic/newrelic-infra-operator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

282 Commits

.github

.github

 
 

assets/licence

assets/licence

 
 

charts

charts

 
 

e2e-go-tests

e2e-go-tests

 
 

e2e

e2e

 
 

hack

hack

 
 

internal

internal

 
 

tilt_modules

tilt_modules

 
 

.codespellrc

.codespellrc

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

Dockerfile

Dockerfile

 
 

Dockerfile.dev

Dockerfile.dev

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

THIRD_PARTY_NOTICES.md

THIRD_PARTY_NOTICES.md

 
 

Tiltfile

Tiltfile

 
 

cla.md

cla.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

img.png

img.png

 
 

main.go

main.go

 
 

tilt_option.json.example

tilt_option.json.example

 
 

values-dev.yaml

values-dev.yaml

 
 

Repository files navigation

New Relic Open Source community project banner.

New Relic Infrastructure Operator for Kubernetes codecov

This operator automates the injection of the New Relic Infrastructure sidecar on Pods matching the configured policies.

The newrelic-infra-operator sets up a mutatingWebhookConfiguration, which allows it to modify the Pod objects that are about to be created in the cluster.

On this event, and when the Pod being created matches the user’s configured policies the operator will:

  • Add a sidecar container to the Pod, containing the New Relic Kubernetes Integration.
  • If a secret containing license key doesn't exist, create it in the same Namespace as the pod, since it is needed for the integration to report data.
  • Add the Pod’s service account to a ClusterRoleBinding previously created by the operator chart, which will grant this sidecar the required permissions to access the Kubernetes metrics endpoints.

The ClusterRoleBinding grants the following permissions to the Pod being injected:

- apiGroups: [""]
  resources:
    - "nodes"
    - "nodes/metrics"
    - "nodes/stats"
    - "nodes/proxy"
    - "pods"
    - "services"
      verbs: ["get", "list"]
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]

In order to get the sidecar injected on Pods deployed before the operator has been installed, you need to manually perform a rollout (restart) of the workloads. New Relic has chosen not to do this automatically in order to prevent unexpected service disruptions and resource usage spikes.

Installation

You can install this chart using nri-bundle located in the helm-charts repository or directly from this repository by adding this Helm repository:

helm repo add newrelic-infra-operator https://newrelic.github.io/newrelic-infra-operator
helm upgrade --install newrelic-infra-operator/newrelic-infra-operator -f your-custom-values.yaml

Once deployed, it will automatically inject the sidecar in the Pod matching the policy specified. Only Pods created after the deployment of the monitoring solution will be injected with the configuration and agent.

For further information regarding the installation refer to the official docs and to the README.md and the values.yaml of the chart.

Develop, Test and Run Locally

For the development process kind and tilt tools are used.

Building

To build the image:

GOOS=linux make image

To build the binary:

GOOS=linux make build

Configure Tilt

If you want to use a kind cluster for testing, configure Tilt using the command below:

cat <<EOF > tilt_option.json
{
  "default_registry": "localhost:5000"
}
EOF

If you want to use existing Kubernetes cluster, create tilt_option.json file with content similar to below:

{
  "default_registry": "quay.io/<your username>",
  "allowed_contexts": "<kubeconfig context to use>"
}
Helm chart location

To deploy the operator, the current Tilt configuration expects the New Relic helm-charts repository to be cloned as a sibling to this repository under the name helm-charts-newrelic This repository is an authoritative source of the deployment manifests for the operator.

If you have helm-charts repository cloned into a different path, you can configure Tilt to use it by adding the following key-value pair to your local tilt_option.json file:

  "chart_path": "../../helm-charts-newrelic/charts/newrelic-infra-operator/"

Creating kind cluster

If you want to use a local kind cluster for testing, create it with command below:

make kind-up

Run

If you use a kind cluster, simply run:

make tilt-up

If you deploy on external cluster, run the command below, pointing TILT_KUBECONFIG to your kubeconfig file:

TILT_KUBECONFIG=~/.kube/config make tilt-down

Now, when you make changes to the code, the operator binary will be built locally, copied to the Pod, and then executed.

Testing

Unit testing

In order to run unit tests run:

make test
Integration and test-e2e testing

In order to run integration and test-e2e tests run:

make test-integration
make test-e2e

Notice that in order to run both integration and test-e2e tests, you will need a working environment available with the newrelic-infra-operator running. Both installing the newrelic-infra-operator chart or spinning up the environment with make tilt-up are possible options.

It is also possible to run such tests against any cluster you have access to by setting the environment variable TEST_KUBECONFIG=/your/kube/config/path.

E2E testing

In order to run E2E tests, read the E2E README for more details regarding running E2E tests.

Support

Should you need assistance with New Relic products, you are in good hands with several support diagnostic tools and support channels.

If the issue has been confirmed as a bug or is a feature request, file a GitHub issue.

Support Channels

Contribute

We encourage your contributions to improve the newrelic-infra-operator! Keep in mind that when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project.

If you have any questions, or to execute our corporate CLA (which is required if your contribution is on behalf of a company), drop us an email at opensource@newrelic.com.

A note about vulnerabilities

As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.

If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.

If you would like to contribute to this project, review these guidelines.

To all contributors, we thank you! Without your contribution, this project would not be what it is today.

License

newrelic-infra-operator is licensed under the Apache 2.0 License.

The newrelic-infra-operator also uses source code from third-party libraries. You can find full details on which libraries are used, and the terms under which they are licensed in the third-party notices document.

About

This repository hosts the newrelic kubernetes operator of infrastructure

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

3 stars

Watchers

8 watching

Forks

8 forks
Report repository

Releases 59

newrelic-infra-operator-2.10.0 Latest
Feb 26, 2024
+ 58 releases

Packages

No packages published

Contributors 24

+ 10 contributors

Languages