Allow configuring proxy trace export protocol (#13099)

Allows setting the trace export protocol env var (`LINKERD2_PROXY_TRACE_PROTOCOL`) on instances of the proxy using the existing mechanisms we have today for setting the trace collector endpoint (helm values, annotations, etc.). Currently defaults the protocol to `opencensus` to match the behavior we have today. \#10111 Signed-off-by: Scott Fleener <[email protected]>
linkerd · Oct 2, 2024 · b67c8ac · b67c8ac
1 parent f804357
commit b67c8ac
Show file tree

Hide file tree

Showing 9 changed files with 52 additions and 17 deletions.
diff --git a/jaeger/charts/linkerd-jaeger/README.md b/jaeger/charts/linkerd-jaeger/README.md
@@ -125,6 +125,7 @@ Kubernetes: `>=1.22.0-0`
 | webhook.caBundle | string | `""` | Bundle of CA certificates for webhook. If not provided nor injected with cert-manager, then Helm will use the certificate generated for `webhook.crtPEM`. If `webhook.externalSecret` is set to true, this value, injectCaFrom, or injectCaFromSecret must be set, as no certificate will be generated. See the cert-manager [CA Injector Docs](https://cert-manager.io/docs/concepts/ca-injector) for more information. |
 | webhook.collectorSvcAccount | string | `"collector"` | service account associated with the collector instance |
 | webhook.collectorSvcAddr | string | `"collector.linkerd-jaeger:55678"` | collector service address for the proxies to send trace data. Points by default to the linkerd-jaeger collector |
+| webhook.collectorTraceProtocol | string | `"opencensus"` | protocol proxies should use to send trace data. Can be `opencensus` (default) or `opentelemetry` |
 | webhook.crtPEM | string | `""` | Certificate for the webhook. If not provided and not using an external secret then Helm will generate one. |
 | webhook.externalSecret | bool | `false` | Do not create a secret resource for the webhook. If this is set to `true`, the value `webhook.caBundle` must be set or the ca bundle must injected with cert-manager ca injector using `webhook.injectCaFrom` or `webhook.injectCaFromSecret` (see below). |
 | webhook.failurePolicy | string | `"Ignore"` |  |

diff --git a/jaeger/charts/linkerd-jaeger/templates/jaeger-injector.yaml b/jaeger/charts/linkerd-jaeger/templates/jaeger-injector.yaml
@@ -50,6 +50,7 @@ spec:
       containers:
       - args:
         - -collector-svc-addr={{.Values.webhook.collectorSvcAddr}}
+        - -collector-trace-protocol={{.Values.webhook.collectorTraceProtocol}}
         - -collector-svc-account={{.Values.webhook.collectorSvcAccount}}
         - -log-level={{.Values.webhook.logLevel}}
         - -cluster-domain={{.Values.clusterDomain}}

diff --git a/jaeger/charts/linkerd-jaeger/values.yaml b/jaeger/charts/linkerd-jaeger/values.yaml
@@ -102,6 +102,9 @@ collector:
   config:
     receivers:
       opencensus:
+      otlp:
+        protocols:
+          grpc:
     processors:
       batch:
       resource:
@@ -177,7 +180,7 @@ collector:
       extensions: [health_check]
       pipelines:
         traces:
-          receivers: [opencensus]
+          receivers: [opencensus, otlp]
           processors: [resource, k8sattributes, batch]
           exporters: [jaeger]
 
@@ -290,6 +293,9 @@ webhook:
   # -- collector service address for the proxies to send trace data.
   # Points by default to the linkerd-jaeger collector
   collectorSvcAddr: collector.linkerd-jaeger:55678
+  # -- protocol proxies should use to send trace data.
+  # Can be `opencensus` (default) or `opentelemetry`
+  collectorTraceProtocol: opencensus
   # -- service account associated with the collector instance
   collectorSvcAccount: collector
 

diff --git a/jaeger/cmd/testdata/install_collector_disabled.golden b/jaeger/cmd/testdata/install_collector_disabled.golden
diff --git a/jaeger/cmd/testdata/install_default.golden b/jaeger/cmd/testdata/install_default.golden
diff --git a/jaeger/cmd/testdata/install_jaeger_disabled.golden b/jaeger/cmd/testdata/install_jaeger_disabled.golden
diff --git a/jaeger/injector/cmd/main.go b/jaeger/injector/cmd/main.go
@@ -20,6 +20,8 @@ func main() {
 	kubeconfig := cmd.String("kubeconfig", "", "path to kubeconfig")
 	collectorSvcAddr := cmd.String("collector-svc-addr", "",
 		"collector service address for the proxies to send trace data")
+	collectorTraceProtocol := cmd.String("collector-trace-protocol", "",
+		"protocol proxies should use to send trace data.")
 	collectorSvcAccount := cmd.String("collector-svc-account", "",
 		"service account associated with the collector instance")
 	clusterDomain := cmd.String("cluster-domain", "cluster.local", "kubernetes cluster domain")
@@ -31,7 +33,7 @@ func main() {
 	webhook.Launch(
 		context.Background(),
 		[]k8s.APIResource{k8s.NS},
-		mutator.Mutate(*collectorSvcAddr, *collectorSvcAccount, *clusterDomain, *linkerdNamespace),
+		mutator.Mutate(*collectorSvcAddr, *collectorTraceProtocol, *collectorSvcAccount, *clusterDomain, *linkerdNamespace),
 		"linkerd-jaeger-injector",
 		*metricsAddr,
 		*addr,

diff --git a/jaeger/injector/mutator/patch.go b/jaeger/injector/mutator/patch.go
@@ -22,6 +22,14 @@ const tpl = `[
       "value": "{{.CollectorSvcAddr}}"
     }
   },
+  {
+    "op": "add",
+    "path": "/spec/{{.ProxyPath}}/env/-",
+    "value": {
+      "name": "LINKERD2_PROXY_TRACE_PROTOCOL",
+      "value": "{{.CollectorTraceProtocol}}"
+    }
+  },
   {
     "op": "add",
     "path": "/spec/{{.ProxyPath}}/env/-",

diff --git a/jaeger/injector/mutator/webhook.go b/jaeger/injector/mutator/webhook.go
@@ -20,23 +20,25 @@ import (
 )
 
 const (
-	collectorSvcAddrAnnotation    = l5dLabels.ProxyConfigAnnotationsPrefix + "/trace-collector"
-	collectorSvcAccountAnnotation = l5dLabels.ProxyConfigAnnotationsPrefixAlpha +
+	collectorSvcAddrAnnotation       = l5dLabels.ProxyConfigAnnotationsPrefix + "/trace-collector"
+	collectorTraceProtocolAnnotation = l5dLabels.ProxyConfigAnnotationsPrefix + "/trace-collector-protocol"
+	collectorSvcAccountAnnotation    = l5dLabels.ProxyConfigAnnotationsPrefixAlpha +
 		"/trace-collector-service-account"
 )
 
 // Params holds the values used in the patch template
 type Params struct {
-	ProxyPath           string
-	CollectorSvcAddr    string
-	CollectorSvcAccount string
-	ClusterDomain       string
-	LinkerdNamespace    string
+	ProxyPath              string
+	CollectorSvcAddr       string
+	CollectorTraceProtocol string
+	CollectorSvcAccount    string
+	ClusterDomain          string
+	LinkerdNamespace       string
 }
 
 // Mutate returns an AdmissionResponse containing the patch, if any, to apply
 // to the proxy
-func Mutate(collectorSvcAddr, collectorSvcAccount, clusterDomain, linkerdNamespace string) webhook.Handler {
+func Mutate(collectorSvcAddr, collectorTraceProtocol, collectorSvcAccount, clusterDomain, linkerdNamespace string) webhook.Handler {
 	return func(
 		_ context.Context,
 		api *k8s.MetadataAPI,
@@ -59,11 +61,12 @@ func Mutate(collectorSvcAddr, collectorSvcAccount, clusterDomain, linkerdNamespa
 			return nil, err
 		}
 		params := Params{
-			ProxyPath:           webhook.GetProxyContainerPath(pod.Spec),
-			CollectorSvcAddr:    collectorSvcAddr,
-			CollectorSvcAccount: collectorSvcAccount,
-			ClusterDomain:       clusterDomain,
-			LinkerdNamespace:    linkerdNamespace,
+			ProxyPath:              webhook.GetProxyContainerPath(pod.Spec),
+			CollectorSvcAddr:       collectorSvcAddr,
+			CollectorTraceProtocol: collectorTraceProtocol,
+			CollectorSvcAccount:    collectorSvcAccount,
+			ClusterDomain:          clusterDomain,
+			LinkerdNamespace:       linkerdNamespace,
 		}
 		if params.ProxyPath == "" || labels.IsTracingEnabled(pod) {
 			return admissionResponse, nil
@@ -104,6 +107,9 @@ func applyOverrides(ns metav1.Object, pod *corev1.Pod, params *Params) {
 	if override, ok := ann[collectorSvcAddrAnnotation]; ok {
 		params.CollectorSvcAddr = override
 	}
+	if override, ok := ann[collectorTraceProtocolAnnotation]; ok {
+		params.CollectorTraceProtocol = override
+	}
 	if override, ok := ann[collectorSvcAccountAnnotation]; ok {
 		params.CollectorSvcAccount = override
 	}