feat: add otel operator and sample configurations (#68)

* feat: add observability logic

* feat: add observability configurations and readme

* fix: re-enable errexit; mistakenly disabled on previous commit.

* feat: create tracing config map and update yaml

* feat: updates to README.md for observability

Author: Jason Schmidt

pulumi/aws/README.md

@@ -29,7 +29,8 @@ vpc - defines and installs the VPC and subnets to use with EKS
               └─certmgr - deploys the open source cert-manager.io helm chart to the EKS cluster
                 └─prometheus - deploys prometheus server, node exporter, and statsd collector for metrics
                   └─grafana - deploys the grafana visualization platform
-                    └─sirius - deploys the Bank of Sirus application to the EKS cluster
+                    └─observability - deploys the OTEL operator and instantiates a simple collector
+                      └─sirius - deploys the Bank of Sirus application to the EKS cluster
                 
 ```
 
@@ -158,6 +159,14 @@ Grafana is deployed and configured with a connection to the prometheus datasourc
 writing, the NGINX Plus KIC dashboard is installed as part of the initial setup. Additional datasources and dashboards
 can be added by the user either in the code, or via the standard Grafana tooling.
 
+### Observability
+
+We deploy the [OTEL Collector Operator](https://github.com/open-telemetry/opentelemetry-collector) along with a simple
+collector. There are several other configurations in the [observability/otel-objects](./observability/otel-objects) 
+directory. See the [README.md](./observability/otel-objects/README.md) file in the 
+[observability/otel-objects](./observability/otel-objects) for more information, including an explaination of the
+default configuration.
+
 ### Demo Application
 
 A forked version of the Google

pulumi/aws/destroy.sh

@@ -91,7 +91,7 @@ if command -v aws > /dev/null; then
   validate_aws_credentials
 fi
 
-k8s_projects=(sirius grafana prometheus certmgr logagent logstore kic-helm-chart)
+k8s_projects=(sirius observability grafana prometheus certmgr logagent logstore kic-helm-chart)
 
 # Test to see if EKS has been destroy AND there are still Kubernetes resources
 # that are being managed by Pulumi. If so, we have to destroy the stack for

pulumi/aws/observability/Pulumi.yaml

@@ -0,0 +1,7 @@
+name: observability
+runtime:
+  name: python
+  options:
+    virtualenv: ../venv
+config: ../config
+description: Deploys OTEL

pulumi/aws/observability/__main__.py

@@ -0,0 +1,79 @@
+import os
+
+import pulumi
+import pulumi_kubernetes as k8s
+from pulumi_kubernetes.yaml import ConfigGroup
+
+from kic_util import pulumi_config
+
+# Removes the status field from the Nginx Ingress Helm Chart, so that i#t is
+# compatible with the Pulumi Chart implementation.
+def remove_status_field(obj):
+    if obj['kind'] == 'CustomResourceDefinition' and 'status' in obj:
+        del obj['status']
+
+def pulumi_eks_project_name():
+    script_dir = os.path.dirname(os.path.abspath(__file__))
+    eks_project_path = os.path.join(script_dir, '..', 'eks')
+    return pulumi_config.get_pulumi_project_name(eks_project_path)
+
+
+def pulumi_ingress_project_name():
+    script_dir = os.path.dirname(os.path.abspath(__file__))
+    ingress_project_path = os.path.join(script_dir, '..', 'kic-helm-chart')
+    return pulumi_config.get_pulumi_project_name(ingress_project_path)
+
+
+def otel_operator_location():
+    script_dir = os.path.dirname(os.path.abspath(__file__))
+    otel_operator_path = os.path.join(script_dir, 'otel-operator', '*.yaml')
+    return otel_operator_path
+
+def otel_deployment_location():
+    script_dir = os.path.dirname(os.path.abspath(__file__))
+    otel_deployment_path = os.path.join(script_dir, 'otel-objects', '*.yaml')
+    return otel_deployment_path
+
+def add_namespace(obj):
+    obj['metadata']['namespace'] = 'observability'
+
+
+stack_name = pulumi.get_stack()
+project_name = pulumi.get_project()
+eks_project_name = pulumi_eks_project_name()
+pulumi_user = pulumi_config.get_pulumi_user()
+
+eks_stack_ref_id = f"{pulumi_user}/{eks_project_name}/{stack_name}"
+eks_stack_ref = pulumi.StackReference(eks_stack_ref_id)
+kubeconfig = eks_stack_ref.get_output('kubeconfig').apply(lambda c: str(c))
+eks_stack_ref.get_output('cluster_name').apply(
+    lambda s: pulumi.log.info(f'Cluster name: {s}'))
+
+k8s_provider = k8s.Provider(resource_name=f'ingress-setup-sample', kubeconfig=kubeconfig)
+
+# Create the namespace
+ns = k8s.core.v1.Namespace(resource_name='observability',
+                           metadata={'name': 'observability'},
+                           opts=pulumi.ResourceOptions(provider=k8s_provider))
+
+# Config Manifests: OTEL operator
+otel_operator = otel_operator_location()
+
+otel_op = ConfigGroup(
+    'otel-op',
+    files=[otel_operator],
+    transformations=[remove_status_field], # Need to review w/ operator
+    opts=pulumi.ResourceOptions(depends_on=[ns])
+)
+
+# Config Manifests: OTEL components
+otel_deployment = otel_deployment_location()
+
+otel_dep = ConfigGroup(
+    'otel-dep',
+    files=[otel_deployment],
+    transformations=[add_namespace, remove_status_field], # Need to review w/ operator
+    opts=pulumi.ResourceOptions(depends_on=[ns,otel_op])
+)
+
+

pulumi/aws/observability/otel-objects/README.md

@@ -0,0 +1,44 @@
+## Sample Configurations
+This directory contains a number of sample configurations that can be used with the 
+[OTEL kubernetes operator](https://github.com/open-telemetry/opentelemetry-operator) that is installed as part of the
+MARA project. 
+
+Each configuration currently uses the `simplest` deployment, which uses an in-memory store for data being processed. 
+This is obviously not suited to a production deployment, but it is intended to illustrate the steps required to work 
+with the OTEL deployment.
+
+## Commonality
+
+### Listening Ports
+Each of the sample files is configured to listen on the 
+[OTLP protocol](https://opentelemetry.io/docs/reference/specification/protocol/otlp/). The listen ports configured are:
+* grpc on port 9978
+* http on port 9979
+
+### Logging 
+All of the examples log to the container's stdout. However, the basic configuration is configured to only show the 
+condensed version of the traces being received. In order to see the full traces, you need to set the logging level to
+`DEBUG`. The basic-debug object is configured to do this automatically.
+
+## Configurations
+### `otel-collector.yaml.basic`
+This is the default collector that only listens and logs summary spans to the container's stdout. 
+
+### `otel-collector.yaml.basic`
+This is a variant of the default collector that will output full spans to the container's stdout. 
+
+### `otel-collector.yaml.full`
+This is a more complex variant that contains multiple receivers, processors, and exporters. Please see the file for 
+details.
+
+### `otel-collector.yaml.lightstep`
+This configuration file deploys lightstep as an ingester. Please note you will need to have a 
+[lightstep](https://lightstep.com/) account to use this option, and you will need to add your lightstep access token 
+to the file in the field noted.
+
+## Usage
+By default, the `otel-collector.yaml.basic` configuration is copied into the live `otel-collector.yaml`. The logic for
+this project runs all files ending in `.yaml` as part of the configuration so you simply need to either rename your 
+chosen file to `otel-collector.yaml` or add ensuring only the files you want to use have the `.yaml` extension. 
+
+

pulumi/aws/observability/otel-objects/otel-collector.yaml

@@ -0,0 +1,28 @@
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: simplest
+  namespace: observability
+spec:
+  config: |
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:9978
+          http:
+            endpoint: 0.0.0.0:9979
+
+    processors:
+      batch:
+
+    exporters:
+      logging:
+        logLevel:
+
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging]

pulumi/aws/observability/otel-objects/otel-collector.yaml.basic

@@ -0,0 +1,28 @@
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: simplest
+  namespace: observability
+spec:
+  config: |
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:9978
+          http:
+            endpoint: 0.0.0.0:9979
+
+    processors:
+      batch:
+
+    exporters:
+      logging:
+        logLevel:
+
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging]

pulumi/aws/observability/otel-objects/otel-collector.yaml.basic-debug

@@ -0,0 +1,28 @@
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: simplest
+  namespace: observability
+spec:
+  config: |
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:9978
+          http:
+            endpoint: 0.0.0.0:9979
+
+    processors:
+      batch:
+
+    exporters:
+      logging:
+        logLevel: debug
+
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging]

pulumi/aws/observability/otel-objects/otel-collector.yaml.full

@@ -0,0 +1,65 @@
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: simplest
+  namespace: observability
+spec:
+  config: |
+    extensions:
+      health_check:
+      pprof:
+        endpoint: 0.0.0.0:1777
+      zpages:
+        endpoint: 0.0.0.0:55679
+    
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:9978
+          http:
+            endpoint: 0.0.0.0:9979
+      opencensus:
+      jaeger:
+        protocols:
+          grpc:
+          thrift_binary:
+          thrift_compact:
+          thrift_http:
+      zipkin:
+    
+      # Collect own metrics
+      prometheus:
+        config:
+          scrape_configs:
+            - job_name: 'otel-collector'
+              scrape_interval: 120s
+              static_configs:
+                - targets: [ '0.0.0.0:8080']
+              metrics_path: '/z/prometheus'
+    
+    processors:
+      batch:
+    
+    exporters:
+      prometheus:
+        endpoint: "0.0.0.0:8889"
+    
+      logging:
+        logLevel: debug
+    
+      jaeger:
+        endpoint: "0.0.0.0:14250"
+     
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp, opencensus, jaeger, zipkin]
+          processors: [batch]
+          exporters: [logging, jaeger]
+        metrics:
+          receivers: [otlp, opencensus, prometheus]
+          processors: [batch]
+          exporters: [logging]
+    
+      extensions: [health_check, pprof, zpages]

pulumi/aws/observability/otel-objects/otel-collector.yaml.lightstep

@@ -0,0 +1,35 @@
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: simplest
+  namespace: observability
+spec:
+  config: |
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+            endpoint: 0.0.0.0:9978
+          http:
+            endpoint: 0.0.0.0:9979
+
+    exporters:
+      logging:
+      otlp:
+        endpoint: ingest.lightstep.com:443
+        headers:
+          "lightstep-access-token":"YOURTOKEN"
+
+    processors:
+      batch:
+
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging, otlp]
+        metrics:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging, otlp]