
pre release

yawyd 1 year ago
parent
commit
86bcc936c9

+ 13 - 3
grafana/values.yaml

@@ -214,9 +214,18 @@ ingress:
   # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
   ingressClassName: nginx
   # Values can be templated
-  annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
+    nginx.ingress.kubernetes.io/proxy-cache: "true"
+    nginx.ingress.kubernetes.io/proxy-cache-path: "/tmp/nginx-cache"
+    nginx.ingress.kubernetes.io/proxy-cache-methods: "GET,HEAD,POST"
+    nginx.ingress.kubernetes.io/proxy-cache-min_uses: "1"
+    nginx.ingress.kubernetes.io/proxy-cache-lock: "on"
+    nginx.ingress.kubernetes.io/proxy-cache-valid: "10m"
+    nginx.ingress.kubernetes.io/proxy-cache-max-size: "100m"  
   labels: {}
   path: /
 
@@ -716,6 +725,7 @@ grafana.ini:
     url: https://grafana.net
   server:
     domain: "{{ if (and .Values.ingress.enabled .Values.ingress.hosts) }}{{ .Values.ingress.hosts | first }}{{ else }}''{{ end }}"
+    #root_url: "http://%(domain)/grafana/"
 ## grafana Authentication can be enabled with the following values on grafana.ini
  # server:
       # The full public facing url you use in browser, used for redirects and emails
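Review bot: The `cors-allow-origin: "*"` annotation added under `ingress.annotations` tells browsers that any website may read Grafana's responses cross-origin, which is broader than the single front-end host the other manifests in this commit use; it should name that origin, e.g. `nginx.ingress.kubernetes.io/cors-allow-origin: "https://observe-ui.cecf.base"` (scheme to match how the UI is actually served). In the same block, `proxy-cache-methods: "GET,HEAD,POST"` asks for POST responses of an authenticated application to be cached at the proxy; if the controller honours these keys, a cached response could be served to a different user, so I would reduce it to `"GET,HEAD"` and confirm the cache key includes the session. The wildcard origin is repeated in obui/ingress.yaml and obui/ingress_rewrite.yaml. `kubernetes.io/ingress.class: nginx` also duplicates `ingressClassName: nginx` a few lines above and can be dropped.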

+ 15 - 0
network-policy/egress_ip.yaml

@@ -0,0 +1,15 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: deny-order-svc2item-svc
+  namespace: deepflow-otel-spring-demo
+spec:
+  podSelector:
+    matchLabels:
+      app: svc-order
+  policyTypes:
+    - Egress
+  egress:
+    - to:
+      - ipBlock:
+          cidr: 10.244.3.34/16
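Review bot: `cidr: 10.244.3.34/16` has host bits set under a /16 mask, so the range it describes is all of 10.244.0.0/16 rather than the single address written; if the intent is one destination the line should read `cidr: 10.244.3.34/32`. A NetworkPolicy egress rule is an allow-list: despite the `deny-` name, this policy permits svc-order to reach everything in that block and blocks all other egress, which presumably includes DNS unless the resolver sits inside the range. Pod IPs change on reschedule, so a `podSelector` peer for the item service would be more durable than an `ipBlock`; the right label is not visible in this file, so that part needs confirming.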

+ 10 - 0
network-policy/ingress_ip.yaml

@@ -0,0 +1,10 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: deny-order-svc2item-svc
+spec:
+  podSelector:
+    matchLabels:
+      app: svc-item
+  policyTypes:
+    - Ingress
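Review bot: This policy has no `metadata.namespace`, unlike network-policy/egress_ip.yaml which targets `deepflow-otel-spring-demo`, so it lands in whatever namespace the applying context defaults to; I would add `namespace: deepflow-otel-spring-demo` if that is where svc-item runs. With `policyTypes` set to Ingress and no `ingress:` rules it denies all inbound traffic to `app: svc-item`, not only traffic from the order service as the name suggests; a comment such as `# default-deny: blocks ALL ingress to svc-item; add ingress rules to re-allow callers` would make that explicit. Both files use the same `metadata.name`, so applied to one namespace the second would replace the first.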

BIN
obui/.ingress_rewrite.yaml.swp
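Review bot: `obui/.ingress_rewrite.yaml.swp` is an editor swap file and should not be in the repository; swap files can hold fragments of whatever was being edited, including values later removed from the real file. I would delete it from the tree and add `*.swp` to `.gitignore`.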


+ 6 - 0
obui/create-cert.sh

@@ -0,0 +1,6 @@
+kubectl create secret generic buget-secret \
+    --from-literal=secret_key=12356789 \
+    --from-literal=db_user=yawyd \
+    --from-literal=db_password=1234 \
+    --from-literal=db_name=silverstrikedb \
+    -n app
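Review bot: The database password and `secret_key` are written as literals in a committed script, so they are readable by anyone with repository access and stay in history; passing them with `--from-literal` also puts them on the command line, where shell history and process listings can capture them. I would keep the values out of the repo and load them at run time, e.g. `kubectl create secret generic buget-secret --from-env-file="$SECRET_ENV_FILE" -n app`, with the env file untracked. The values committed here should be treated as exposed and rotated, and replaced with generated ones rather than short guessable strings. The script also has no shebang or `set -euo pipefail`, and its name says cert while it creates a generic secret.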

+ 32 - 0
obui/deployment-front.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: obf
+  namespace: observe
+  labels:
+    app.kubernetes.io/name: obf
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: obf
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: obf
+    spec:
+      containers:
+        - name: nginx
+          image: registry.cestong.com:8150/cecf/observe-front
+          imagePullPolicy: Always
+          ports:
+            - name: web
+              containerPort: 80
+              protocol: TCP
+          securityContext:
+            allowPrivilegeEscalation: false
+              #runAsGroup: ''
+          env:
+            - name: TZ
+              value: "Asia/Shanghai"
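Review bot: `image: registry.cestong.com:8150/cecf/observe-front` carries no tag or digest, so with `imagePullPolicy: Always` every pod restart runs whatever was last pushed under that name; pinning it, e.g. `image: registry.cestong.com:8150/cecf/observe-front@sha256:DIGEST_PLACEHOLDER`, makes rollouts reproducible and limits the effect of an overwritten image. obui/deployment.yaml has the same unpinned reference for `observe-ui`. The `securityContext` sets only `allowPrivilegeEscalation: false`, and the commented `#runAsGroup: ''` is indented as if it were a child of that scalar; it should be removed or moved to the same level. The container declares no `resources` requests or limits either.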

+ 32 - 0
obui/deployment.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: obui
+  namespace: observe
+  labels:
+    app.kubernetes.io/name: obui
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: obui
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: obui
+    spec:
+      containers:
+        - name: nginx
+          image: registry.cestong.com:8150/cecf/observe-ui
+          imagePullPolicy: Always
+          ports:
+            - name: web
+              containerPort: 80
+              protocol: TCP
+          securityContext:
+            allowPrivilegeEscalation: false
+              #runAsGroup: ''
+          env:
+            - name: TZ
+              value: "Asia/Shanghai"

+ 21 - 0
obui/ingress.yaml

@@ -0,0 +1,21 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: obui
+  namespace: observe
+  annotations:
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
+spec:
+  rules:
+  - host: observe-ui.cecf.base
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: obui
+            port:
+              number: 80
+  ingressClassName: nginx
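Review bot: This file defines an Ingress named `obui` in namespace `observe`, and obui/ingress_rewrite.yaml in the same commit defines another Ingress with that name and namespace but a different path and annotations, so whichever file is applied last silently replaces the other. It also claims `observe-ui.cecf.base` path `/`, the same host and path that `obfront` in ingress_rewrite.yaml routes to service `obf`. If this file is superseded it should be removed; otherwise one of the two objects needs a distinct `metadata.name`. No `tls:` section is defined, so the host is served over plain HTTP unless TLS is configured elsewhere.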

+ 73 - 0
obui/ingress_rewrite.yaml

@@ -0,0 +1,73 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: obfront
+  namespace: observe
+  annotations:
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
+    nginx.ingress.kubernetes.io/proxy-cache: "true"
+    nginx.ingress.kubernetes.io/proxy-cache-path: "/tmp/nginx-cache"
+    nginx.ingress.kubernetes.io/proxy-cache-methods: "GET,HEAD,POST"
+    nginx.ingress.kubernetes.io/proxy-cache-min_uses: "1"
+    nginx.ingress.kubernetes.io/proxy-cache-lock: "on"
+    nginx.ingress.kubernetes.io/proxy-cache-valid: "10m"
+    nginx.ingress.kubernetes.io/proxy-cache-max-size: "100m"
+spec:
+  rules:
+  - host: observe-ui.cecf.base
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: obf
+            port:
+              number: 80
+  ingressClassName: nginx
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: obui
+  namespace: observe
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+spec:
+  rules:
+  - host: observe-ui.cecf.base
+    http:
+      paths:
+      - path: /top/(.*)
+        pathType: Prefix
+        backend:
+          service:
+            name: obui
+            port: 
+              number: 80
+  ingressClassName: nginx
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: rewrite2grafana
+  namespace: observe
+  annotations:
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+spec:
+  rules:
+  - host: observe-ui.cecf.base
+    http:
+      paths:
+      - path: /grafana(/|$)(.*) # 匹配外部 Grafana URL,并捕获字符
+        pathType: Prefix
+        backend:
+          service:
+            name: grafana
+            port:
+              number: 80
+  ingressClassName: nginx
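Review bot: In the `rewrite2grafana` document, `rewrite-target: /$1` refers to the first capture group of `/grafana(/|$)(.*)`, which is the `(/|$)` separator and not the remainder of the path; the remainder is group 2, so the annotation should be `nginx.ingress.kubernetes.io/rewrite-target: /$2`. Both rewrite rules put regular expressions in `path` while declaring `pathType: Prefix`; regex paths are normally declared with `pathType: ImplementationSpecific` plus `nginx.ingress.kubernetes.io/use-regex: "true"`, and a controller that validates paths strictly may reject the current form. The inline comment on the `/grafana` path is not in English; `# match the external Grafana URL and capture the remaining path` would say the same.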

+ 23 - 0
obui/pv.yaml

@@ -0,0 +1,23 @@
+ apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+   name: static-file-server-pv
+   namespace: home
+   labels:
+     type: local
+ spec:
+   storageClassName: local
+   capacity:
+     storage: 3Gi
+   accessModes:
+     - ReadWriteOnce
+   hostPath:
+     path: "/data/k8s/storage/static-file-server"
+   nodeAffinity:
+     required:
+       nodeSelectorTerms:
+       - matchExpressions:
+         - key: kubernetes.io/hostname
+           operator: In
+           values:
+           - uranus
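Review bot: PersistentVolume is a cluster-scoped kind, so `namespace: home` under `metadata` has no effect and should be removed so it does not suggest the volume is confined to that namespace. The volume is a `hostPath` on node `uranus`, meaning any pod that binds the claim gets read-write access to `/data/k8s/storage/static-file-server` on the node's filesystem; a comment such as `# hostPath: node-local data, writable by any pod bound to this PV` would make that exposure explicit. Every line of this file also carries one extra leading space, which is valid YAML but inconsistent with the other manifests.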

+ 17 - 0
obui/pvc.yaml

@@ -0,0 +1,17 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: static-file-server-pvc
+  namespace: home
+  labels: {}
+  annotations: {}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    limits:
+      storage: 10Gi
+    requests:
+      storage: 3Gi
+  storageClassName: local
+  volumeName: static-file-server-pv

+ 16 - 0
obui/svc-front.yaml

@@ -0,0 +1,16 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: obf
+  namespace: observe
+spec:
+  type: ClusterIP
+  selector:
+    app.kubernetes.io/name: obf
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+      name: "web"
+

+ 16 - 0
obui/svc.yaml

@@ -0,0 +1,16 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: obui
+  namespace: observe
+spec:
+  type: ClusterIP
+  selector:
+    app.kubernetes.io/name: obui
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+      name: "web"
+

+ 1 - 1
opentelemetry-collector/values.yaml

@@ -155,7 +155,7 @@ config:
         exporters:
           - otlp
           - clickhouse
-          - kafka
+          #- kafka
         processors:
           - memory_limiter
           - batch

+ 3 - 3
opentelemetry-demo/charts/opentelemetry-collector/values.yaml

@@ -142,17 +142,17 @@ config:
 
 image:
   # If you want to use the core image `otel/opentelemetry-collector`, you also need to change `command.name` value to `otelcol`.
-  repository: otel/opentelemetry-collector-contrib
+  repository: registry.cestong.com:8150/cecf/opentelemetry-collector-contrib
   pullPolicy: IfNotPresent
   # Overrides the image tag whose default is the chart appVersion.
-  tag: ""
+  tag: "latest"
   # When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value).
   digest: ""
 imagePullSecrets: []
 
 # OpenTelemetry Collector executable
 command:
-  name: otelcol-contrib
+  name: otelcontribcol
   extraArgs: []
 
 serviceAccount:
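Review bot: `tag: "latest"` combined with `pullPolicy: IfNotPresent` means a node that already has some `latest` cached never re-pulls, so different nodes can run different collector builds and none of them is identifiable; the `digest` key just below exists for this, e.g. `digest: "sha256:DIGEST_PLACEHOLDER"`, or use a fixed version tag. The repository now points at a private mirror, so the `command.name` change to `otelcontribcol` has to match the binary actually shipped in that image; once confirmed, a comment such as `# binary name inside the mirrored image` would explain the departure from the chart default.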

+ 2 - 2
opentelemetry-demo/ingress.yaml

@@ -2,7 +2,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: otel-demo-ingress
-  namespace: otel-demo
+  namespace: observe
   annotations: {}
 spec:
   rules:
@@ -13,7 +13,7 @@ spec:
         pathType: Prefix
         backend:
           service:
-            name: otel-demo-frontendproxy
+            name: opentelemetry-demo-frontendproxy
             port:
               number: 8080
   ingressClassName: nginx

+ 29 - 7
opentelemetry-demo/values.yaml

@@ -627,16 +627,35 @@ opentelemetry-collector:
 
     exporters:
       ## Create an exporter to Jaeger using the standard `otlp` export format
-      otlp:
-        endpoint: '{{ include "otel-demo.name" . }}-jaeger-collector:4317'
-        tls:
-          insecure: true
+      #otlp:
+      #  endpoint: '{{ include "otel-demo.name" . }}-jaeger-collector:4317'
+      #  tls:
+      #    insecure: true
       # Create an exporter to Prometheus (metrics)
       prometheus:
         endpoint: '0.0.0.0:9464'
         resource_to_telemetry_conversion:
           enabled: true
         enable_open_metrics: true
+      otlp:
+        endpoint: "tempo.observe.svc.cluster.local:4317"
+        tls:
+            insecure: true
+      clickhouse:
+        endpoint: "tcp://clickhouse-headless.observe.svc.cluster.local:9000?dial_timeout=10s&compress=lz4"
+        database: otel
+        username: default
+        password: "cecf@cestong.com"
+        ttl_days: 10
+        #logs_table: otel_logs
+        #traces_table: otel_traces
+        #metrics_table: otel_metrics
+        timeout: 5s
+        retry_on_failure:
+          enabled: true
+          initial_interval: 5s
+          max_interval: 30s
+          max_elapsed_time: 300s
 
     processors:
       # Make use of the spanmetrics processor to compute RED metrics from all tracing spans
@@ -647,9 +666,12 @@ opentelemetry-collector:
       pipelines:
         traces:
           processors: [memory_limiter, spanmetrics, batch]
-          exporters: [otlp, logging]
+          exporters: [otlp, logging, clickhouse]
         metrics:
-          exporters: [prometheus, logging]
+          exporters: [prometheus, logging, clickhouse]
+        logs:
+          exporters: [logging, clickhouse]
+          
 
 jaeger:
   enabled: true
@@ -680,7 +702,7 @@ jaeger:
     enabled: false
 
 prometheus:
-  enabled: true
+  enabled: false
   alertmanager:
     enabled: false
   configmapReload:
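Review bot: The new `clickhouse` exporter commits `password: "cecf@cestong.com"` for the `default` user in a values file, so the credential is readable by anyone with repository access and most likely ends up in the rendered collector config as plain text. The collector expands environment variables in its configuration, so this can be `password: "${env:CLICKHOUSE_PASSWORD}"` (variable name is an example) with the value injected from a Kubernetes Secret; the committed password should be rotated. The re-added `otlp` exporter to Tempo keeps `tls.insecure: true`, which sends traces unencrypted inside the cluster, and its `insecure` key is indented four spaces under `tls` where the rest of the file uses two. The new `logs` pipeline lists only exporters in this hunk; its receivers and processors are presumably merged from chart defaults, which should be confirmed.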

+ 1 - 1
prometheus/values.yaml

@@ -623,7 +623,7 @@ serverFiles:
       - job_name: prometheus
         static_configs:
           - targets:
-            - localhost:9090
+            - "localhost:9090"
 
       # A scrape configuration for running Prometheus on a Kubernetes cluster.
       # This uses separate scrape configs for cluster components (i.e. API server, node)

+ 1 - 0
skywalking-showcase

@@ -0,0 +1 @@
+Subproject commit 93e8f644ee3f288f014a26696547a5a05e059108