Skip to content

[otel container]: Create otel container for HFT #23666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kperumalbfn merged 44 commits into from
Jan 12, 2026
Merged

[otel container]: Create otel container for HFT #23666

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
b44783d
Create otel container for HFT
Janetxxx Aug 11, 2025
9c2e1dd
Set up rules for otel container
Janetxxx Aug 11, 2025
867dae4
set up dep rules for otel container
Janetxxx Aug 11, 2025
72df3d4
update otel vars
Janetxxx Aug 11, 2025
cdab210
add service check and feature support
Janetxxx Sep 15, 2025
0fe2a7c
update otel vars and docker file j2
Janetxxx Nov 3, 2025
ae7d085
add otel service j2 and soft symbolic link
Janetxxx Nov 12, 2025
5544587
fix indentation
Janetxxx Nov 13, 2025
59735c3
fix binary file path
Janetxxx Nov 14, 2025
804de77
add otel service jinja2 file
Janetxxx Nov 16, 2025
128e6b1
add symbolic link
Janetxxx Nov 17, 2025
6f012d0
resolve copilot format comments
Janetxxx Nov 17, 2025
c92c743
Copy otel.serviceto system and disable otel container by default
Janetxxx Nov 23, 2025
75ba8b2
fix typo
Janetxxx Nov 24, 2025
58b6bce
fix core file path in debian extension j2
Janetxxx Nov 29, 2025
893b8f5
fix docker-otel.mk
Janetxxx Nov 29, 2025
e9eebc7
add otel.service file into filesystem root
Janetxxx Dec 1, 2025
b620101
remove redundant service file and disable otel by default
Janetxxx Dec 4, 2025
0b2f172
add static otel config file
Janetxxx Dec 5, 2025
9e0c88f
fix indentation
Janetxxx Dec 5, 2025
367ae36
fix indentation
Janetxxx Dec 5, 2025
0df0c9b
remove otel from protected file
Janetxxx Dec 5, 2025
456e3da
update config file location and install otel debian file
Janetxxx Dec 11, 2025
b037620
update endpoint
Janetxxx Dec 11, 2025
15e6ba0
fix typo when validate the otel config yaml
Janetxxx Dec 11, 2025
bf84774
fix cross-platform support in dockerfile
Janetxxx Dec 12, 2025
e02d29c
fix deb download for armhf
Janetxxx Dec 13, 2025
acea365
fix syntax when arch is armhf
Janetxxx Dec 13, 2025
28333dd
fix syntax in CONFIGURED_ARCH
Janetxxx Dec 14, 2025
99d07b4
change otel config path
Janetxxx Dec 16, 2025
13f724b
Merge branch 'master' into dev/jc/otel-container
Pterosaur Dec 18, 2025
6957337
Fix yml extension
Pterosaur Dec 19, 2025
b84d44d
otel auto start
Pterosaur Dec 19, 2025
cbd9754
Merge branch 'master' into dev/jc/otel-container
Pterosaur Dec 19, 2025
f66260a
Fix copilot comments
Pterosaur Dec 20, 2025
fe44474
Merge branch 'master' into dev/jc/otel-container
Pterosaur Dec 21, 2025
e5af4b4
Merge branch 'master' into dev/jc/otel-container
Pterosaur Dec 21, 2025
f98caac
Add newline
Pterosaur Dec 22, 2025
b00adc1
Merge branch 'master' into dev/jc/otel-container
Pterosaur Dec 29, 2025
7215a1b
Merge branch 'master' into dev/jc/otel-container
Janetxxx Jan 8, 2026
33d3d74
Merge branch 'master' into dev/jc/otel-container
kperumalbfn Jan 8, 2026
37d35d9
Merge branch 'master' into dev/jc/otel-container
Janetxxx Jan 9, 2026
b705491
Merge branch 'master' into dev/jc/otel-container
kperumalbfn Jan 9, 2026
ad2e202
Merge branch 'master' into dev/jc/otel-container
kperumalbfn Jan 9, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Makefile.work
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -546,6 +546,7 @@ SONIC_BUILD_INSTRUCTION := $(MAKE) \
SONIC_INCLUDE_SYSTEM_GNMI=$(INCLUDE_SYSTEM_GNMI) \
SONIC_INCLUDE_SYSTEM_BMP=$(INCLUDE_SYSTEM_BMP) \
SONIC_INCLUDE_SYSTEM_EVENTD=$(INCLUDE_SYSTEM_EVENTD) \
SONIC_INCLUDE_SYSTEM_OTEL=$(INCLUDE_SYSTEM_OTEL) \
INCLUDE_DHCP_RELAY=$(INCLUDE_DHCP_RELAY) \
INCLUDE_DHCP_SERVER=$(INCLUDE_DHCP_SERVER) \
INCLUDE_MACSEC=$(INCLUDE_MACSEC) \
Expand Down
74 changes: 74 additions & 0 deletions dockers/docker-sonic-otel/Dockerfile.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %}
ARG BASE=docker-config-engine-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}}

FROM $BASE AS base

ARG docker_container_name
ARG image_version

## Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive

# Pass the image_version to container
ENV IMAGE_VERSION=$image_version

RUN apt-get update

{% if docker_sonic_otel_debs.strip() -%}
# Copy locally-built Debian package dependencies
{{ copy_files("debs/", docker_sonic_otel_debs.split(' '), "/debs/") }}

# Install locally-built Debian packages and implicitly install their dependencies
{{ install_debian_packages(docker_sonic_otel_debs.split(' ')) }}
{%- endif %}

# Install dependencies
RUN apt-get install -y \
ca-certificates \
curl \
wget

# Install OpenTelemetry Collector from official .deb package
ARG OTEL_VERSION=0.114.0

# Download and install official .deb package with architecture-specific logic
{% if CONFIGURED_ARCH == "armhf" %}
RUN wget -v -O /tmp/otelcol-contrib.deb \
"https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download/v${OTEL_VERSION}/otelcol-contrib_${OTEL_VERSION}_linux_armv7.deb" && \
dpkg --info /tmp/otelcol-contrib.deb && \
(dpkg -i /tmp/otelcol-contrib.deb || apt-get install -f -y) && \
ln -sf /usr/bin/otelcol-contrib /usr/local/bin/otelcol-contrib && \
rm /tmp/otelcol-contrib.deb
{% elif CONFIGURED_ARCH == "arm64" %}
RUN wget -v -O /tmp/otelcol-contrib.deb \
"https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download/v${OTEL_VERSION}/otelcol-contrib_${OTEL_VERSION}_linux_arm64.deb" && \
dpkg --info /tmp/otelcol-contrib.deb && \
(dpkg -i /tmp/otelcol-contrib.deb || apt-get install -f -y) && \
ln -sf /usr/bin/otelcol-contrib /usr/local/bin/otelcol-contrib && \
rm /tmp/otelcol-contrib.deb
{% else %}
RUN wget -v -O /tmp/otelcol-contrib.deb \
"https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download/v${OTEL_VERSION}/otelcol-contrib_${OTEL_VERSION}_linux_amd64.deb" && \
dpkg --info /tmp/otelcol-contrib.deb && \
(dpkg -i /tmp/otelcol-contrib.deb || apt-get install -f -y) && \
ln -sf /usr/bin/otelcol-contrib /usr/local/bin/otelcol-contrib && \
rm /tmp/otelcol-contrib.deb
Comment on lines +35 to +55
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Dockerfile.j2 downloads and installs the otelcol-contrib .deb using wget and dpkg -i without any checksum or signature verification. If the GitHub release, download channel, or TLS chain is compromised, a malicious package could be substituted and executed during the build and at runtime inside the OTEL container, which has access to SONiC configuration data via the /etc/sonic mount. To mitigate this, verify the .deb’s integrity using a pinned checksum or vendor signature, or consume it via a signed package repository instead of an unauthenticated direct download.

Copilot uses AI. Check for mistakes.
{% endif %}

COPY ["start.sh", "otel.sh", "/usr/bin/"]
RUN chmod +x /usr/bin/start.sh /usr/bin/otel.sh
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
COPY ["critical_processes", "/etc/supervisor"]

FROM $BASE

RUN --mount=type=bind,from=base,target=/changes-to-image rsync -axAX --no-D --exclude=/sys --exclude=/proc --exclude=/dev --exclude=resolv.conf /changes-to-image/ /

## Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive

# Pass the image_version to container
ENV IMAGE_VERSION=$image_version
Copy link

Copilot AI Dec 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The image_version ARG is only declared in the first build stage (line 7) but is used in the second stage (line 71) to set the IMAGE_VERSION environment variable. Since the second stage starts with FROM $BASE at line 63, the ARG from the first stage is not available. You need to re-declare the ARG after the FROM statement in the second stage, or pass it through the first stage.

Copilot uses AI. Check for mistakes.

ENTRYPOINT ["/usr/local/bin/supervisord"]

5 changes: 5 additions & 0 deletions dockers/docker-sonic-otel/base_image_files/monit_otel
View file
Open in desktop
Copy link
Contributor

@Pterosaur Pterosaur Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's this file used for?

Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
###############################################################################
## Monit configuration for otel container
###############################################################################
Copy link

Copilot AI Dec 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The monit memory check threshold is set to 419430400 bytes (approximately 400 MB), but there's no documentation or justification for this specific value. This threshold should be based on actual memory profiling of the OTEL collector under expected load conditions.

Consider adding a comment explaining how this threshold was determined, or if this is a placeholder value that needs tuning based on actual deployment scenarios.

Suggested change
###############################################################################
###############################################################################
# Memory threshold for OTEL collector is set to 419430400 bytes (400 MB).
# TODO: This value is a placeholder based on initial estimates. It should be adjusted based on actual memory profiling of the OTEL collector under expected load conditions.

Copilot uses AI. Check for mistakes.
check program container_memory_telemetry with path "/usr/bin/memory_checker otel 419430400"
Copy link

Copilot AI Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The monit check program name uses "container_memory_telemetry" but should use "container_memory_otel" to match the container name. This is inconsistent with the naming pattern used in other containers (e.g., "container_memory_gnmi" in monit_gnmi).

Suggested change
check program container_memory_telemetry with path "/usr/bin/memory_checker otel 419430400"
check program container_memory_otel with path "/usr/bin/memory_checker otel 419430400"

Copilot uses AI. Check for mistakes.
if status == 3 for 10 times within 20 cycles then exec "/usr/bin/restart_service otel" repeat every 2 cycles
2 changes: 2 additions & 0 deletions dockers/docker-sonic-otel/critical_processes
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
program:otel

38 changes: 38 additions & 0 deletions dockers/docker-sonic-otel/otel.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/usr/bin/env bash

EXIT_OTEL_CONFIG_FILE_NOT_FOUND=1
OTEL_CONFIG_FILE=/etc/sonic/otel_config.yml

echo "Starting otel.sh script"
echo "Checking for config file: $OTEL_CONFIG_FILE"

if [ ! -f "$OTEL_CONFIG_FILE" ]; then
echo "ERROR: OTEL config file not found at $OTEL_CONFIG_FILE"
exit $EXIT_OTEL_CONFIG_FILE_NOT_FOUND
fi

echo "Config file found at: $OTEL_CONFIG_FILE"

# Validate the YAML configuration
echo "Validating YAML configuration..."
python3 -c "import yaml; yaml.safe_load(open(\"$OTEL_CONFIG_FILE\"))" 2>&1
if [ $? -ne 0 ]; then
echo "ERROR: YAML configuration is invalid"
exit 1
fi

OTEL_ARGS="--config=$OTEL_CONFIG_FILE"

echo "Checking otelcol-contrib binary"
ls -la /usr/local/bin/otelcol-contrib

if [ ! -x "/usr/local/bin/otelcol-contrib" ]; then
echo "ERROR: otelcol-contrib binary not found or not executable"
exit 1
fi

echo "otel collector args: $OTEL_ARGS"
echo "Starting OTEL Collector with config file: $OTEL_CONFIG_FILE"
Comment on lines +6 to +35
Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The script includes extensive debug logging (echo statements) that will clutter production logs. Lines 6-7, 15-17, 20-21, 27, 29-30, and 37-38 contain debugging output that should either be removed or wrapped in a conditional debug flag to avoid verbose logging in production environments. Consider using the logger command for important messages and removing unnecessary echo statements.

Copilot uses AI. Check for mistakes.

exec /usr/local/bin/otelcol-contrib ${OTEL_ARGS}

14 changes: 14 additions & 0 deletions dockers/docker-sonic-otel/start.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
#!/usr/bin/env bash

if [ "${RUNTIME_OWNER}" == "" ]; then
RUNTIME_OWNER="kube"
Comment on lines +3 to +4
Copy link

Copilot AI Dec 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default RUNTIME_OWNER is set to "kube" when the environment variable is not set. This default seems inappropriate for a general-purpose OTEL container that should work in non-Kubernetes environments. Consider using a more appropriate default value or documenting why "kube" is the expected default.

Suggested change
if [ "${RUNTIME_OWNER}" == "" ]; then
RUNTIME_OWNER="kube"
# Default to a generic runtime owner when not explicitly set via the environment.
if [ -z "${RUNTIME_OWNER}" ]; then
RUNTIME_OWNER="default"

Copilot uses AI. Check for mistakes.
fi

CTR_SCRIPT="/usr/share/sonic/scripts/container_startup.py"
if test -f ${CTR_SCRIPT}
then
${CTR_SCRIPT} -f otel -o ${RUNTIME_OWNER} -v ${IMAGE_VERSION}
fi

mkdir -p /var/sonic
echo "# Config files managed by sonic-config-engine" > /var/sonic/config_status
58 changes: 58 additions & 0 deletions dockers/docker-sonic-otel/supervisord.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
[supervisord]
logfile_maxbytes=1MB
logfile_backups=2
nodaemon=true

[eventlistener:dependent-startup]
command=python3 -m supervisord_dependent_startup
autostart=true
autorestart=unexpected
startretries=0
exitcodes=0,3
events=PROCESS_STATE
buffer_size=1024

[eventlistener:supervisor-proc-exit-listener]
command=/usr/local/bin/supervisor-proc-exit-listener --container-name otel
Copy link

Copilot AI Dec 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The supervisor-proc-exit-listener command path is inconsistent with other containers. All other containers in the codebase use "/usr/bin/supervisor-proc-exit-listener-rs" but this uses "/usr/local/bin/supervisor-proc-exit-listener". This should be updated to match the standard path used across the system.

Suggested change
command=/usr/local/bin/supervisor-proc-exit-listener --container-name otel
command=/usr/bin/supervisor-proc-exit-listener-rs --container-name otel

Copilot uses AI. Check for mistakes.
events=PROCESS_STATE_EXITED,PROCESS_STATE_RUNNING
autostart=true
autorestart=unexpected
buffer_size=1024

[program:rsyslogd]
command=/usr/sbin/rsyslogd -n -iNONE
priority=1
autostart=false
autorestart=true
stdout_logfile=NONE
stdout_syslog=true
stderr_logfile=NONE
stderr_syslog=true
dependent_startup=true

[program:start]
command=/usr/bin/start.sh
priority=2
autostart=false
autorestart=false
startsecs=0
stdout_logfile=NONE
stdout_syslog=true
stderr_logfile=NONE
stderr_syslog=true
dependent_startup=true
dependent_startup_wait_for=rsyslogd:running

[program:otel]
command=/usr/bin/otel.sh
priority=3
autostart=false
autorestart=true
startsecs=0
stdout_logfile=NONE
stdout_syslog=true
stderr_logfile=NONE
stderr_syslog=true
dependent_startup=true
dependent_startup_wait_for=start:exited

15 changes: 15 additions & 0 deletions files/build_templates/otel.service.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
[Unit]
Description=Otel container
Copy link

Copilot AI Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The description uses "Otel" but should use "OTEL" to match the naming convention for acronyms used in other service descriptions (e.g., "GNMI container", "P4RT App container"). OTEL stands for OpenTelemetry and should be in all caps.

Suggested change
Description=Otel container
Description=OTEL container

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI Dec 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The service description uses "Otel" with mixed case, but the standard abbreviation is "OTEL" (all caps) for OpenTelemetry. This should be changed to "OTEL container" for consistency with other services like "GNMI container" and "Telemetry container", and to match industry standard naming for OpenTelemetry.

Suggested change
Description=Otel container
Description=OTEL container

Copilot uses AI. Check for mistakes.
Requires=database.service
Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The systemd service ordering creates a potential dependency conflict. The service specifies "Before=swss.service" (line 4) and "After=sonic.target" (line 6), but swss.service typically starts after sonic.target as well. Additionally, the otel service only requires database.service but doesn't have an After dependency on it, which could lead to race conditions during startup. Consider adding "After=database.service" after line 3 to ensure proper startup ordering, and verify that the Before=swss.service ordering is actually required for HFT functionality.

Suggested change
Requires=database.service
Requires=database.service
After=database.service

Copilot uses AI. Check for mistakes.
Before=swss.service
BindsTo=sonic.target
After=sonic.target
StartLimitIntervalSec=1200
StartLimitBurst=3

[Service]
User={{ sonicadmin_user }}
ExecStartPre=/usr/local/bin/{{docker_container_name}}.sh start
ExecStart=/usr/local/bin/{{docker_container_name}}.sh wait
ExecStop=/usr/local/bin/{{docker_container_name}}.sh stop
RestartSec=30
Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The systemd service file is missing an [Install] section. Most other SONiC service files include an [Install] section with "WantedBy=sonic.target" to enable the service to be started by systemd. Without this section, the service may not be properly integrated into the system startup sequence. Add an [Install] section with "WantedBy=sonic.target" at the end of the file for consistency with other services like gnmi.service, telemetry.service, etc.

Suggested change
RestartSec=30
RestartSec=30
[Install]
WantedBy=sonic.target

Copilot uses AI. Check for mistakes.
8 changes: 8 additions & 0 deletions files/build_templates/sonic_debian_extension.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -647,6 +647,13 @@ sudo LANG=C chroot $FILESYSTEM_ROOT systemctl disable dash-engine

{%- endif %}

{%- if include_system_otel == "y" %}

# Copy OTEL configuration files
sudo cp $IMAGE_CONFIGS/otel/otel_config.yml $FILESYSTEM_ROOT/etc/sonic/

{%- endif %}

# Copy platform topology configuration scripts
sudo cp $IMAGE_CONFIGS/config-topology/config-topology.service $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM
echo "config-topology.service" | sudo tee -a $GENERATED_SERVICE_FILE
Expand Down Expand Up @@ -1041,6 +1048,7 @@ sudo LANG=C cp $SCRIPTS_DIR/database.sh $FILESYSTEM_ROOT/usr/local/bin/database.
sudo LANG=C cp $SCRIPTS_DIR/snmp.sh $FILESYSTEM_ROOT/usr/local/bin/snmp.sh
sudo LANG=C cp $SCRIPTS_DIR/telemetry.sh $FILESYSTEM_ROOT/usr/local/bin/telemetry.sh
sudo LANG=C cp $SCRIPTS_DIR/gnmi.sh $FILESYSTEM_ROOT/usr/local/bin/gnmi.sh
sudo LANG=C cp $SCRIPTS_DIR/otel.sh $FILESYSTEM_ROOT/usr/local/bin/otel.sh
sudo LANG=C cp $SCRIPTS_DIR/bmp.sh $FILESYSTEM_ROOT/usr/local/bin/bmp.sh
sudo LANG=C cp $SCRIPTS_DIR/mgmt-framework.sh $FILESYSTEM_ROOT/usr/local/bin/mgmt-framework.sh
sudo LANG=C cp $SCRIPTS_DIR/asic_status.sh $FILESYSTEM_ROOT/usr/local/bin/asic_status.sh
Expand Down
1 change: 1 addition & 0 deletions files/image_config/logrotate/rsyslog.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
/var/log/telemetry.log
/var/log/stpd.log
/var/log/gnmi.log
/var/log/otel.log
/var/log/frr/bgpd.log
/var/log/frr/zebra.log
/var/log/swss/sairedis*.rec
Expand Down
38 changes: 38 additions & 0 deletions files/image_config/otel/otel_config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
receivers:
otlp:
protocols:
grpc:
endpoint: "127.0.0.1:4317"
http:
endpoint: "127.0.0.1:4318"

processors:
batch:
timeout: 1s
send_batch_size: 1000

Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default configuration only includes a debug exporter which outputs to logs. While this is suitable for initial testing, production deployments will need to configure actual exporters (e.g., OTLP, Prometheus, etc.). Consider adding a comment in the configuration file indicating that this is a default/example configuration and that users should customize the exporters section for their specific telemetry backend.

Suggested change
# NOTE: This is a default/example configuration using the debug exporter.
# For production deployments, customize the exporters section below to use an actual telemetry backend (e.g., OTLP, Prometheus, Jaeger, etc.).

Copilot uses AI. Check for mistakes.
exporters:
Copy link

Copilot AI Dec 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The "debug" exporter with "verbosity: detailed" is configured in the OTEL pipeline, which will log all telemetry data at a detailed level. This is likely intended for development/testing but could generate excessive log volume in production and potentially expose sensitive operational data.

For production deployments, consider using a more appropriate exporter (e.g., otlp, prometheus) or at minimum reduce the verbosity level to "normal" or "basic". If this is intended as a default configuration that users should customize, add a comment noting this is a development/testing configuration.

Suggested change
exporters:
exporters:
# The "debug" exporter with "verbosity: detailed" is intended for development/testing only.
# Do NOT use this configuration in production as it may generate excessive logs and expose sensitive data.

Copilot uses AI. Check for mistakes.
debug:
Copy link

Copilot AI Dec 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default OTEL configuration uses the 'debug' exporter with detailed verbosity, which outputs telemetry data to stdout/logs. This is suitable for development and testing but may not be appropriate for production use. Consider adding documentation or comments explaining that this configuration needs to be customized for production deployments with appropriate exporters (e.g., OTLP, Prometheus, etc.) configured to send data to actual telemetry backends.

Suggested change
debug:
debug:
# NOTE: The 'debug' exporter writes telemetry data to stdout/logs and is intended
# for development and testing only. For production deployments, customize this
# configuration to use one or more exporters that send data to your telemetry
# backend (for example 'otlp', 'prometheus', etc.).

Copilot uses AI. Check for mistakes.
verbosity: detailed

Copy link

Copilot AI Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trailing whitespace at end of line.

Suggested change

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trailing whitespace at the end of the line. This should be removed to maintain code cleanliness.

Suggested change

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trailing whitespace detected after the debug: exporter definition. While this doesn't affect YAML parsing, it's a style issue that should be removed for consistency and cleanliness.

Suggested change

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI Dec 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is trailing whitespace after "debug:" on this line. This should be removed for code cleanliness.

Suggested change

Copilot uses AI. Check for mistakes.
service:
telemetry:
logs:
level: "info"

pipelines:
metrics:
receivers: [otlp]
processors: [batch]
exporters: [debug]

logs:
receivers: [otlp]
processors: [batch]
exporters: [debug]

traces:
receivers: [otlp]
processors: [batch]
exporters: [debug]

7 changes: 7 additions & 0 deletions files/image_config/rsyslog/rsyslog.d/00-sonic.conf.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,17 @@ if $msg startswith " telemetry" or ($msg startswith " dialout" )then {
stop
}

## otel rules
if $msg startswith " otel" then {
/var/log/otel.log
stop
}

## stpd rules
if $programname contains "stp" then {
if not ($msg contains "STP_SYSLOG") then {
/var/log/stpd.log
stop
}
}

1 change: 1 addition & 0 deletions files/scripts/otel.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
service_mgmt.sh
3 changes: 3 additions & 0 deletions rules/config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,9 @@ INCLUDE_SYSTEM_EVENTD = y
# INCLUDE_SYSTEM_TELEMETRY - build docker-sonic-telemetry for system telemetry support
INCLUDE_SYSTEM_TELEMETRY = n

# INCLUDE_SYSTEM_OTEL - build docker-sonic-otel for High Frequency Telemetry (HFT) support
INCLUDE_SYSTEM_OTEL = y

# INCLUDE_ICCPD - build docker-iccpd for mclag support
INCLUDE_ICCPD = n

Expand Down
11 changes: 11 additions & 0 deletions rules/docker-otel.dep
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
DPATH := $($(DOCKER_OTEL)_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/docker-otel.mk rules/docker-otel.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
DEP_FILES += $(shell git ls-files $(DPATH))

$(DOCKER_OTEL)_CACHE_MODE := GIT_CONTENT_SHA
$(DOCKER_OTEL)_DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST)
$(DOCKER_OTEL)_DEP_FILES := $(DEP_FILES)

$(eval $(call add_dbg_docker,$(DOCKER_OTEL),$(DOCKER_OTEL_DBG)))

40 changes: 40 additions & 0 deletions rules/docker-otel.mk
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# docker image for otel collector

DOCKER_OTEL_STEM = docker-sonic-otel
DOCKER_OTEL = $(DOCKER_OTEL_STEM).gz
DOCKER_OTEL_DBG = $(DOCKER_OTEL_STEM)-$(DBG_IMAGE_MARK).gz

$(DOCKER_OTEL)_PATH = $(DOCKERS_PATH)/$(DOCKER_OTEL_STEM)

$(DOCKER_OTEL)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_DEPENDS)
$(DOCKER_OTEL)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BOOKWORM)
$(DOCKER_OTEL)_VERSION = 1.0.0
$(DOCKER_OTEL)_PACKAGE_NAME = otel
$(DOCKER_OTEL)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BOOKWORM)_DBG_IMAGE_PACKAGES)

SONIC_DOCKER_IMAGES += $(DOCKER_OTEL)
SONIC_BOOKWORM_DOCKERS += $(DOCKER_OTEL)
ifeq ($(INCLUDE_SYSTEM_OTEL), y)
SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_OTEL)
endif

SONIC_DOCKER_DBG_IMAGES += $(DOCKER_OTEL_DBG)
SONIC_BOOKWORM_DBG_DOCKERS += $(DOCKER_OTEL_DBG)
ifeq ($(INCLUDE_SYSTEM_OTEL), y)
SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_OTEL_DBG)
endif

$(DOCKER_OTEL)_CONTAINER_NAME = otel
$(DOCKER_OTEL)_RUN_OPT += -t
$(DOCKER_OTEL)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
$(DOCKER_OTEL)_RUN_OPT += -v /etc/localtime:/etc/localtime:ro
$(DOCKER_OTEL)_RUN_OPT += -v /:/mnt/host:ro
$(DOCKER_OTEL)_RUN_OPT += -v /tmp:/mnt/host/tmp:rw
$(DOCKER_OTEL)_RUN_OPT += -v /var/tmp:/mnt/host/var/tmp:rw
$(DOCKER_OTEL)_RUN_OPT += --pid=host
$(DOCKER_OTEL)_RUN_OPT += --privileged
$(DOCKER_OTEL)_RUN_OPT += --userns=host

$(DOCKER_OTEL)_BASE_IMAGE_FILES += monit_otel:/etc/monit/conf.d

Copy link

Copilot AI Dec 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing newline at end of file. Add a blank line at the end for consistency with other makefile rules.

Suggested change

Copilot uses AI. Check for mistakes.

Loading
Loading