From 6f555833e8045bd9c70d206bdea0c10612ec9e1e Mon Sep 17 00:00:00 2001 From: Israel Blancas Date: Mon, 11 Mar 2024 12:59:55 +0100 Subject: [PATCH] OBSDOCS-928/TRACING-3899: Document permissions to generate automatically the permissions for the processors Signed-off-by: Israel Blancas --- modules/otel-collector-components.adoc | 2 +- modules/otel-collector-config-options.adoc | 2 +- modules/otel-config-target-allocator.adoc | 2 +- ...required-RBAC-resources-automatically.adoc | 48 +++++++++++++++++++ .../otel-configuration-of-otel-collector.adoc | 1 + 5 files changed, 52 insertions(+), 3 deletions(-) create mode 100644 modules/otel-creating-required-RBAC-resources-automatically.adoc diff --git a/modules/otel-collector-components.adoc b/modules/otel-collector-components.adoc index a3998ffb0773..0d994d56f61b 100644 --- a/modules/otel-collector-components.adoc +++ b/modules/otel-collector-components.adoc @@ -1,6 +1,6 @@ // Module included in the following assemblies: // -// * observability/otel/otel-configuration-of-collector.adoc +// * observability/otel/otel-configuration-of-otel-collector.adoc :_mod-docs-content-type: REFERENCE [id="otel-collector-components_{context}"] diff --git a/modules/otel-collector-config-options.adoc b/modules/otel-collector-config-options.adoc index cef3f00c0708..ec2e9119305d 100644 --- a/modules/otel-collector-config-options.adoc +++ b/modules/otel-collector-config-options.adoc @@ -1,6 +1,6 @@ // Module included in the following assemblies: // -// * observability/otel/otel-configuration-of-collector.adoc +// * observability/otel/otel-configuration-of-otel-collector.adoc :_mod-docs-content-type: REFERENCE [id="otel-collector-config-options_{context}"] diff --git a/modules/otel-config-target-allocator.adoc b/modules/otel-config-target-allocator.adoc index 471ac3af2482..c5fac3ab7b1c 100644 --- a/modules/otel-config-target-allocator.adoc +++ b/modules/otel-config-target-allocator.adoc @@ -1,6 +1,6 @@ // Module included in the following assemblies: // -// * observability/otel/otel-configuration-of-collector.adoc +// * observability/otel/otel-configuration-of-otel-collector.adoc :_mod-docs-content-type: REFERENCE [id="otel-config-target-allocator_{context}"] diff --git a/modules/otel-creating-required-RBAC-resources-automatically.adoc b/modules/otel-creating-required-RBAC-resources-automatically.adoc new file mode 100644 index 000000000000..9e575d2593f0 --- /dev/null +++ b/modules/otel-creating-required-RBAC-resources-automatically.adoc @@ -0,0 +1,48 @@ +// Module included in the following assemblies: +// +// * observability/otel/otel-configuration-of-otel-collector.adoc + +:_mod-docs-content-type: PROCEDURE +[id="otel-creating-required-RBAC-resources-automatically_{context}"] += Creating the required RBAC resources automatically + +Some Collector components require configuring the RBAC resources. + +.Procedure + +* Add the following permissions to the `opentelemetry-operator-controller-manage` service account so that the {OTELOperator} can create them automatically: ++ +[source,yaml] +---- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: generate-processors-rbac +rules: +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: generate-processors-rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: generate-processors-rbac +subjects: +- kind: ServiceAccount + name: opentelemetry-operator-controller-manager + namespace: openshift-opentelemetry-operator +---- diff --git a/observability/otel/otel-configuration-of-otel-collector.adoc b/observability/otel/otel-configuration-of-otel-collector.adoc index 1b859d992407..dce6022e99cf 100644 --- a/observability/otel/otel-configuration-of-otel-collector.adoc +++ b/observability/otel/otel-configuration-of-otel-collector.adoc @@ -10,4 +10,5 @@ The {OTELName} Operator uses a custom resource definition (CRD) file that define include::modules/otel-collector-config-options.adoc[leveloffset=+1] include::modules/otel-collector-components.adoc[leveloffset=+1] +include::modules/otel-creating-required-RBAC-resources-automatically.adoc[leveloffset=+1] include::modules/otel-config-target-allocator.adoc[leveloffset=+1]