add back logs hostPaths

DataDog · Oct 31, 2024 · 251c84d · 251c84d
1 parent 38a6355
commit 251c84d
Show file tree

Hide file tree

Showing 6 changed files with 60 additions and 40 deletions.
diff --git a/charts/datadog/templates/_components-common-env.yaml b/charts/datadog/templates/_components-common-env.yaml
@@ -64,4 +64,10 @@
 - name: DD_EXCLUDE_PAUSE_CONTAINER
   value: "false"
 {{- end }}
+{{- if .Values.providers.gke.gdc }}
+- name: DD_KUBELET_CLIENT_CRT
+  value: /certs/tls.crt
+- name: DD_KUBELET_CLIENT_KEY
+  value: /certs/tls.key
+{{- end }}
 {{- end }}
diff --git a/charts/datadog/templates/_container-agent.yaml b/charts/datadog/templates/_container-agent.yaml
@@ -57,8 +57,9 @@
 {{- end }}
   env:
     {{- include "containers-common-env" . | nindent 4 }}
-    {{- include "fips-envvar" . | indent 4 }}
-    {{- include "processes-common-envs" . | indent 4 }}
+    {{- include "fips-envvar" . | nindent 4 }}
+    {{- include "processes-common-envs" . | nindent 4 }}
+
     {{- if .Values.datadog.logLevel }}
     - name: DD_LOG_LEVEL
       value: {{ .Values.agents.containers.agent.logLevel | default .Values.datadog.logLevel | quote }}
@@ -203,17 +204,18 @@
     {{- include "additional-env-entries" .Values.agents.containers.agent.env | indent 4 }}
     {{- include "additional-env-dict-entries" .Values.agents.containers.agent.envDict | indent 4 }}
   volumeMounts:
-    {{- if not .Values.providers.gke.gdc }}
     - name: logdatadog
       mountPath: {{ template "datadog.logDirectoryPath" . }}
       readOnly: false # Need RW to write logs
-    {{- end }}
     {{- if eq .Values.targetSystem "linux" }}
     - name: installinfo
       subPath: install_info
       mountPath: /etc/datadog-agent/install_info
       readOnly: true
-    {{- include "linux-container-host-release-volumemounts" . | indent 4 }}
+    - name: tmpdir
+      mountPath: /tmp
+      readOnly: false # Need RW to write to /tmp directory
+    {{- include "linux-container-host-release-volumemounts" . | nindent 4 }}
     {{- if eq (include "should-mount-fips-configmap" .) "true" }}
     {{- include "linux-container-fips-proxy-cfg-volumemount" . | nindent 4 }}
     {{- end }}
@@ -225,21 +227,17 @@
     - name: auth-token
       mountPath: {{ template "datadog.confPath" . }}/auth
       readOnly: false # Need RW to write auth token
-    {{- end -}}
-    {{- if not .Values.providers.gke.gdc }}
-    - name: tmpdir
-      mountPath: /tmp
-      readOnly: false # Need RW to write to /tmp directory
-    {{- include "container-crisocket-volumemounts" . | nindent 4 }}
     {{- end }}
+    {{- include "container-crisocket-volumemounts" . | nindent 4 }}
     {{- include "container-cloudinit-volumemounts" . | nindent 4 }}
     {{- if and .Values.agents.useConfigMap (eq .Values.targetSystem "linux")}}
     - name: datadog-yaml
       mountPath: {{ template "datadog.confPath" . }}/datadog.yaml
       subPath: datadog.yaml
       readOnly: true
     {{- end }}
-    {{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc)}}
+    {{- if eq .Values.targetSystem "linux" }}
+    {{- if not .Values.providers.gke.gdc }}
     - name: dsdsocket
       mountPath: {{ (dir .Values.datadog.dogstatsd.socketPath) }}
       readOnly: false
@@ -265,9 +263,10 @@
       mountPath: /etc/passwd
       readOnly: true
     {{- end }}
-    {{- if and (or .Values.datadog.logs.enabled .Values.datadog.logsEnabled) (not .Values.providers.gke.gdc)}}
+    {{- end }}
+    {{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }}
     - name: pointerdir
-      mountPath: /opt/datadog-agent/run
+      mountPath: {{ include "linux-logs-run-path" . }}
       mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }}
       readOnly: false # Need RW for logs pointer
     - name: logpodpath
@@ -278,7 +277,7 @@
       mountPath: /var/log/containers
       mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }}
       readOnly: true
-    {{- if not .Values.datadog.criSocketPath }}
+    {{- if and (not .Values.datadog.criSocketPath) (not .Values.providers.gke.gdc) }}
     - name: logdockercontainerpath
       mountPath: /var/lib/docker/containers
       mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }}
@@ -341,6 +340,10 @@
     {{- if .Values.datadog.kubelet.hostCAPath }}
 {{ include "datadog.kubelet.volumeMount" . | indent 4 }}
     {{- end }}
+    {{- if .Values.providers.gke.gdc }}
+    - name: kubelet-cert-volume
+      mountPath: /certs
+    {{- end }}
 {{- if .Values.agents.volumeMounts }}
 {{ toYaml .Values.agents.volumeMounts | indent 4 }}
 {{- end }}

diff --git a/charts/datadog/templates/_container-cri-volumemounts.yaml b/charts/datadog/templates/_container-cri-volumemounts.yaml
@@ -1,5 +1,5 @@
 {{- define "container-crisocket-volumemounts" -}}
-{{- if .Values.datadog.containerRuntimeSupport.enabled }}
+{{- if and (.Values.datadog.containerRuntimeSupport.enabled) (not .Values.providers.gke.gdc) }}
 {{- if eq .Values.targetSystem "linux" }}
 - name: runtimesocketdir
   mountPath: {{ print "/host/" (dir (include "datadog.dockerOrCriSocketPath" .)) | clean }}

diff --git a/charts/datadog/templates/_containers-common-env.yaml b/charts/datadog/templates/_containers-common-env.yaml
@@ -32,9 +32,7 @@
 {{- end }}
 {{- if .Values.providers.gke.gdc }}
 - name: DD_HOSTNAME
-  valueFrom:
-    fieldRef:
-      fieldPath: spec.nodeName
+  value: "$(DD_NODE_NAME)-$(DD_CLUSTER_NAME)"
 {{- end }}
 {{- if eq .Values.targetSystem "linux" }}
 {{- if .Values.providers.eks.ec2.useHostnameFromFile }}
@@ -134,6 +132,10 @@
 {{- if eq .Values.targetSystem "windows" }}
   value: npipe://{{ (include "datadog.dockerOrCriSocketPath" .) | replace "\\" "/" }}
 {{- end }}
+{{- if .Values.providers.gke.gdc }}
+- name: DD_LOGS_CONFIG_RUN_PATH
+  value: {{ include "datadog.hostMountRoot" . }}
+{{- end }}
 {{- end }}
 {{- end }}
 {{- end }}

diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml
@@ -10,8 +10,7 @@
 - hostPath:
     path: /sys/fs/cgroup
   name: cgroups
-{{- end }}
-{{- if and (not (or .Values.providers.gke.autopilot .Values.providers.gke.gdc)) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }}
+{{- if and (not .Values.providers.gke.autopilot) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }}
 - hostPath:
     path: {{ .Values.datadog.systemProbe.osReleasePath | default .Values.datadog.osReleasePath }}
   name: os-release-file
@@ -185,19 +184,13 @@
     name: {{ .Values.datadog.securityAgent.runtime.policies.configMap }}
 {{- end }}
 {{- end }}
-{{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }}
-{{- if .Values.providers.gke.gdc }}
-- name: pointerdir
-  emptyDir: {}
-- name: logpodpath
-  emptyDir: {}
-- name: logscontainerspath
-  emptyDir: {}
-{{- if not .Values.datadog.criSocketPath }}
-- name: logdockercontainerpath
-  emptyDir: {}
+{{- if .Values.datadog.containerRuntimeSupport.enabled }}
+- hostPath:
+    path: {{ dir (include "datadog.dockerOrCriSocketPath" .) }}
+  name: runtimesocketdir
+{{- end }}
 {{- end }}
-{{ else }}
+{{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }}
 - hostPath:
     path: {{ template "datadog.hostMountRoot" . }}/logs
   name: pointerdir
@@ -207,16 +200,15 @@
 - hostPath:
     path: /var/log/containers
   name: logscontainerspath
-{{- if not .Values.datadog.criSocketPath }}
+{{- if and (not .Values.datadog.criSocketPath) (not .Values.providers.gke.gdc) }}
 - hostPath:
     path: /var/lib/docker/containers
   name: logdockercontainerpath
 {{- end }}
 {{- end }}
-{{- end }}
-{{- if and (.Values.datadog.containerRuntimeSupport.enabled) (not .Values.providers.gke.gdc) }}
-- hostPath:
-    path: {{ dir (include "datadog.dockerOrCriSocketPath" .) }}
-  name: runtimesocketdir
+{{- if .Values.providers.gke.gdc }}
+- secret:
+    secretName: datadog-kubelet-cert
+  name: kubelet-cert-volume
 {{- end }}
 {{- end -}}
diff --git a/charts/datadog/templates/_helpers.tpl b/charts/datadog/templates/_helpers.tpl
@@ -199,12 +199,27 @@ Return the container runtime socket
 Return agent log directory path
 */}}
 {{- define "datadog.logDirectoryPath" -}}
-{{- if eq .Values.targetSystem "linux" -}}
+{{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) -}}
 /var/log/datadog
 {{- end -}}
 {{- if eq .Values.targetSystem "windows" -}}
 C:/ProgramData/Datadog/logs
 {{- end -}}
+{{- if .Values.providers.gke.gdc -}}
+/var/datadog/log
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return linux agent logs run path
+*/}}
+{{- define "linux-logs-run-path" -}}
+{{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) -}}
+/opt/datadog-agent/run
+{{- end -}}
+{{- if .Values.providers.gke.gdc -}}
+/var/datadog
+{{- end -}}
 {{- end -}}
 
 {{/*
@@ -237,6 +252,8 @@ Return agent host mount root
 {{- define "datadog.hostMountRoot" -}}
 {{- if .Values.providers.gke.autopilot -}}
 /var/autopilot/addon/datadog
+{{- else if .Values.providers.gke.gdc -}}
+/var/datadog
 {{- else -}}
 /var/lib/datadog-agent
 {{- end -}}