Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable mutations on Datadog resources pods #1330

Merged
merged 2 commits into from
Feb 23, 2024
Merged

Disable mutations on Datadog resources pods #1330

merged 2 commits into from
Feb 23, 2024

Conversation

liliyadd
Copy link
Contributor

@liliyadd liliyadd commented Feb 22, 2024
edited
Loading

What this PR does / why we need it:

Exclude the agent, cluster agent and clusterchecks pods from any kind of mutation performed by the Admission Controller. With this change Admission Controllers will not inject configs, tags or tracing libraries into DD resources.

Agent pod for latest helm-chart:

apiVersion: v1
kind: Pod
metadata:
  annotations:
    checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
    checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
    checksum/clusteragent_token: 03184415b2e1becb4249a9453d54f35f031f89ed107c895018bf4ec611d9265e
    checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
    checksum/install_info: 53a0b6d31a0130a55703ac799b2ab18fdaed9e338e6d27bf12695bb42b598cb4
  creationTimestamp: "2024-02-22T16:23:29Z"
  generateName: dd2-datadog-
  labels:
    app: dd2-datadog
    app.kubernetes.io/component: agent
    app.kubernetes.io/instance: dd2
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: dd2-datadog
    controller-revision-hash: 76f596d679
    pod-template-generation: "1"
  name: dd2-datadog-56z92
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: DaemonSet
    name: dd2-datadog
    uid: 62e74eb9-7170-4bb2-a7da-f1118d8fefac
  resourceVersion: "250590100"
  uid: bf578731-e008-4879-852c-60318d3a069d
...

Agent pod with PR's change:

apiVersion: v1
kind: Pod
metadata:
  annotations:
    checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
    checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
    checksum/clusteragent_token: f80d582aa8960692c0c36b44a445c3fab290bcedf3eff324ee7b2700d8181699
    checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
    checksum/install_info: ba661cfd1e600203476c7247bad81157e5bc70aaa7f91e6cdd6be6a469cd0093
  creationTimestamp: "2024-02-22T18:38:41Z"
  generateName: dd2-datadog-
  labels:
    admission.datadoghq.com/enabled: "false"
    app: dd2-datadog
    app.kubernetes.io/component: agent
    app.kubernetes.io/instance: dd2
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: dd2-datadog
    controller-revision-hash: bd85b9c86
    pod-template-generation: "1"
  name: dd2-datadog-6hvj6
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: DaemonSet
    name: dd2-datadog
    uid: 011344d2-58f0-4da9-b9e5-71fcdfd6e691
  resourceVersion: "250664017"
  uid: 870f46c9-946c-4a5a-9a4a-0b868511801d

Which issue this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged)

  • fixes #

Special notes for your reviewer:

Checklist

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • Chart Version bumped
  • Documentation has been updated with helm-docs (run: .github/helm-docs.sh)
  • CHANGELOG.md has been updated
  • Variables are documented in the README.md
  • For Datadog Operator chart or value changes update the test baselines (run: make update-test-baselines)

@liliyadd liliyadd requested a review from a team as a code owner February 22, 2024 18:33
@github-actions github-actions bot added the chart/datadog This issue or pull request is related to the datadog chart label Feb 22, 2024
@liliyadd liliyadd mentioned this pull request Feb 22, 2024
Merged
5 tasks
clamoriniere
clamoriniere reviewed Feb 22, 2024
View reviewed changes
charts/datadog/templates/cluster-agent-deployment.yaml Outdated
@@ -8,6 +8,7 @@ metadata:
labels:
{{ include "datadog.labels" . | indent 4 }}
app.kubernetes.io/component: cluster-agent
admission.datadoghq.com/enabled: "false"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it is in the Deployment.spec.template.metadata.labels that the label needs to be added

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, forgot to remove this line after testing the label is not inherited by pods.

@liliyadd
Copy link
Contributor Author

/merge

@dd-devflow
Copy link

dd-devflow bot commented Feb 22, 2024

❌ MergeQueue

You are not allowed to use the merge queue towards main.

If you need support, contact us on Slack #ci-interfaces with those details!

@fanny-jiang
Copy link
Contributor

/merge

@dd-devflow
Copy link

dd-devflow bot commented Feb 22, 2024

🚂 MergeQueue

This merge request is not mergeable yet, because of pending checks/missing approvals. It will be added to the queue as soon as checks pass and/or get approvals.
Note: if you pushed new commits since the last approval, you may need additional approval.
You can remove it from the waiting list with /remove command.

Use /merge -c to cancel this operation!

@dd-devflow
Copy link

dd-devflow bot commented Feb 22, 2024

🚂 MergeQueue

Added to the queue.

This build is going to start soon! (estimated merge in less than 0s)

Use /merge -c to cancel this operation!

@dd-devflow
Copy link

dd-devflow bot commented Feb 22, 2024

❌ MergeQueue

The merge has been interrupted. The current limit on the base branch 'main' is 120 minutes.

If you need support, contact us on Slack #ci-interfaces with those details!

@clamoriniere clamoriniere merged commit 0b71eb1 into main Feb 23, 2024
17 of 18 checks passed
@clamoriniere clamoriniere deleted the liliya.belaus/disable-admission-controllers-on-dd-resources branch February 23, 2024 12:19
@clamoriniere clamoriniere mentioned this pull request Feb 29, 2024
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clamoriniere clamoriniere clamoriniere approved these changes

Assignees
No one assigned
Labels
chart/datadog This issue or pull request is related to the datadog chart mergequeue-status: rejected
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@liliyadd @fanny-jiang @clamoriniere