From 251c84d65bfd546c5b14bec91903f92f2f9864b5 Mon Sep 17 00:00:00 2001 From: Fanny Jiang Date: Thu, 31 Oct 2024 15:15:14 -0400 Subject: [PATCH] add back logs hostPaths --- .../templates/_components-common-env.yaml | 6 ++++ .../datadog/templates/_container-agent.yaml | 33 ++++++++++--------- .../_container-cri-volumemounts.yaml | 2 +- .../templates/_containers-common-env.yaml | 8 +++-- .../templates/_daemonset-volumes-linux.yaml | 32 +++++++----------- charts/datadog/templates/_helpers.tpl | 19 ++++++++++- 6 files changed, 60 insertions(+), 40 deletions(-) diff --git a/charts/datadog/templates/_components-common-env.yaml b/charts/datadog/templates/_components-common-env.yaml index 0a58d9114..0ca7b0363 100644 --- a/charts/datadog/templates/_components-common-env.yaml +++ b/charts/datadog/templates/_components-common-env.yaml @@ -64,4 +64,10 @@ - name: DD_EXCLUDE_PAUSE_CONTAINER value: "false" {{- end }} +{{- if .Values.providers.gke.gdc }} +- name: DD_KUBELET_CLIENT_CRT + value: /certs/tls.crt +- name: DD_KUBELET_CLIENT_KEY + value: /certs/tls.key +{{- end }} {{- end }} diff --git a/charts/datadog/templates/_container-agent.yaml b/charts/datadog/templates/_container-agent.yaml index 9255f9a18..64ef5c59e 100644 --- a/charts/datadog/templates/_container-agent.yaml +++ b/charts/datadog/templates/_container-agent.yaml @@ -57,8 +57,9 @@ {{- end }} env: {{- include "containers-common-env" . | nindent 4 }} - {{- include "fips-envvar" . | indent 4 }} - {{- include "processes-common-envs" . | indent 4 }} + {{- include "fips-envvar" . | nindent 4 }} + {{- include "processes-common-envs" . | nindent 4 }} + {{- if .Values.datadog.logLevel }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.agent.logLevel | default .Values.datadog.logLevel | quote }} 
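Review bot: In `_components-common-env.yaml`, `DD_KUBELET_CLIENT_CRT` and `DD_KUBELET_CLIENT_KEY` point at `/certs/tls.crt` and `/certs/tls.key`, but the only `/certs` mount visible in this patch is the `kubelet-cert-volume` mount added to `_container-agent.yaml`. If this shared env template is also rendered into other containers (the file name suggests so, though the includes are outside the diff), those processes would receive paths to files that are not mounted there. Either emit the two variables next to the mount or add the mount wherever this block is included. A comment above them would also help, such as `# paths must match the kubelet-cert-volume mountPath (/certs)`.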
@@ -203,17 +204,18 @@ {{- include "additional-env-entries" .Values.agents.containers.agent.env | indent 4 }} {{- include "additional-env-dict-entries" .Values.agents.containers.agent.envDict | indent 4 }} volumeMounts: - {{- if not .Values.providers.gke.gdc }} - name: logdatadog mountPath: {{ template "datadog.logDirectoryPath" . }} readOnly: false # Need RW to write logs - {{- end }} {{- if eq .Values.targetSystem "linux" }} - name: installinfo subPath: install_info mountPath: /etc/datadog-agent/install_info readOnly: true - {{- include "linux-container-host-release-volumemounts" . | indent 4 }} + - name: tmpdir + mountPath: /tmp + readOnly: false # Need RW to write to /tmp directory + {{- include "linux-container-host-release-volumemounts" . | nindent 4 }} {{- if eq (include "should-mount-fips-configmap" .) "true" }} {{- include "linux-container-fips-proxy-cfg-volumemount" . | nindent 4 }} {{- end }} @@ -225,13 +227,8 @@ - name: auth-token mountPath: {{ template "datadog.confPath" . }}/auth readOnly: false # Need RW to write auth token - {{- end -}} - {{- if not .Values.providers.gke.gdc }} - - name: tmpdir - mountPath: /tmp - readOnly: false # Need RW to write to /tmp directory - {{- include "container-crisocket-volumemounts" . | nindent 4 }} {{- end }} + {{- include "container-crisocket-volumemounts" . | nindent 4 }} {{- include "container-cloudinit-volumemounts" . | nindent 4 }} {{- if and .Values.agents.useConfigMap (eq .Values.targetSystem "linux")}} - name: datadog-yaml @@ -239,7 +236,8 @@ subPath: datadog.yaml readOnly: true {{- end }} - {{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc)}} + {{- if eq .Values.targetSystem "linux" }} + {{- if not .Values.providers.gke.gdc }} - name: dsdsocket mountPath: {{ (dir .Values.datadog.dogstatsd.socketPath) }} readOnly: false 
@@ -265,9 +263,10 @@ mountPath: /etc/passwd readOnly: true {{- end }} - {{- if and (or .Values.datadog.logs.enabled .Values.datadog.logsEnabled) (not .Values.providers.gke.gdc)}} + {{- end }} + {{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }} - name: pointerdir - mountPath: /opt/datadog-agent/run + mountPath: {{ include "linux-logs-run-path" . }} mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: false # Need RW for logs pointer - name: logpodpath @@ -278,7 +277,7 @@ mountPath: /var/log/containers mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: true - {{- if not .Values.datadog.criSocketPath }} + {{- if and (not .Values.datadog.criSocketPath) (not .Values.providers.gke.gdc) }} - name: logdockercontainerpath mountPath: /var/lib/docker/containers mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} @@ -341,6 +340,10 @@ {{- if .Values.datadog.kubelet.hostCAPath }} {{ include "datadog.kubelet.volumeMount" . | indent 4 }} {{- end }} + {{- if .Values.providers.gke.gdc }} + - name: kubelet-cert-volume + mountPath: /certs + {{- end }} {{- if .Values.agents.volumeMounts }} {{ toYaml .Values.agents.volumeMounts | indent 4 }} {{- end }} diff --git a/charts/datadog/templates/_container-cri-volumemounts.yaml b/charts/datadog/templates/_container-cri-volumemounts.yaml index fa85ce44e..e28e25c72 100644 --- a/charts/datadog/templates/_container-cri-volumemounts.yaml +++ b/charts/datadog/templates/_container-cri-volumemounts.yaml @@ -1,5 +1,5 @@ {{- define "container-crisocket-volumemounts" -}} -{{- if .Values.datadog.containerRuntimeSupport.enabled }} +{{- if and (.Values.datadog.containerRuntimeSupport.enabled) (not .Values.providers.gke.gdc) }} {{- if eq .Values.targetSystem "linux" }} - name: runtimesocketdir mountPath: {{ print "/host/" (dir (include "datadog.dockerOrCriSocketPath" .)) | clean }} 
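Review bot: In the `@@ -265` hunk of `_container-agent.yaml`, `pointerdir` is now mounted at `{{ include "linux-logs-run-path" . }}`, which the new helper renders as `/var/datadog` on GDC, while `logdatadog` is mounted at `datadog.logDirectoryPath`, rendered as `/var/datadog/log`. That nests the agent log directory inside a writable hostPath mount (the volume's path is `{{ template "datadog.hostMountRoot" . }}/logs` in `_daemonset-volumes-linux.yaml`), so the `log` mount point is likely to be created on the node's filesystem. If that is not intended, pick a run path that does not contain the log directory. Otherwise state the intent at the mount, e.g. `# GDC: run path is the parent of the agent log directory`.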
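Review bot: The `kubelet-cert-volume` mount added in the `@@ -341` hunk carries the kubelet client key but, unlike the other mounts visible in this file, does not state `readOnly`. Add `readOnly: true` under `mountPath: /certs` so the intent is explicit and consistent with the surrounding entries. The `volumeMounts` list starts and ends outside this hunk.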
diff --git a/charts/datadog/templates/_containers-common-env.yaml b/charts/datadog/templates/_containers-common-env.yaml index cd82d41d9..d6f580fef 100644 --- a/charts/datadog/templates/_containers-common-env.yaml +++ b/charts/datadog/templates/_containers-common-env.yaml @@ -32,9 +32,7 @@ {{- end }} {{- if .Values.providers.gke.gdc }} - name: DD_HOSTNAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName + value: "$(DD_NODE_NAME)-$(DD_CLUSTER_NAME)" {{- end }} {{- if eq .Values.targetSystem "linux" }} {{- if .Values.providers.eks.ec2.useHostnameFromFile }} @@ -134,6 +132,10 @@ {{- if eq .Values.targetSystem "windows" }} value: npipe://{{ (include "datadog.dockerOrCriSocketPath" .) | replace "\\" "/" }} {{- end }} +{{- if .Values.providers.gke.gdc }} +- name: DD_LOGS_CONFIG_RUN_PATH + value: {{ include "datadog.hostMountRoot" . }} +{{- end }} {{- end }} {{- end }} {{- end }} diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml index 853cab765..9a91a297b 100644 --- a/charts/datadog/templates/_daemonset-volumes-linux.yaml +++ b/charts/datadog/templates/_daemonset-volumes-linux.yaml @@ -10,8 +10,7 @@ - hostPath: path: /sys/fs/cgroup name: cgroups -{{- end }} -{{- if and (not (or .Values.providers.gke.autopilot .Values.providers.gke.gdc)) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }} +{{- if and (not .Values.providers.gke.autopilot) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }} - hostPath: path: {{ .Values.datadog.systemProbe.osReleasePath | default .Values.datadog.osReleasePath }} name: os-release-file 
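Review bot: In the `@@ -32` hunk of `_containers-common-env.yaml`, `DD_HOSTNAME` is built as `"$(DD_NODE_NAME)-$(DD_CLUSTER_NAME)"`, and Kubernetes only expands `$(VAR)` references to variables defined earlier in the same container's `env` list; an unresolved reference is passed through as literal text. Neither definition is visible in this hunk, so if `DD_CLUSTER_NAME` is emitted only when a cluster name is configured, GDC agents would report a hostname ending in the literal `$(DD_CLUSTER_NAME)`, which breaks host attribution. Consider failing the render when the name is missing, e.g. `{{- $_ := required "a cluster name is required when providers.gke.gdc is true" <CLUSTER_NAME_VALUE> }}` (placeholder for the value that feeds `DD_CLUSTER_NAME`). Also add a comment that this entry must stay after both definitions.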
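Review bot: In the `@@ -134` hunk, `DD_LOGS_CONFIG_RUN_PATH` is set from `datadog.hostMountRoot`, a host-side path, while the directory it has to name is the in-container `pointerdir` mountPath, which `_container-agent.yaml` takes from `linux-logs-run-path`. Both render `/var/datadog` for GDC in this patch, so it works today, but the two helpers can drift apart silently and the agent would then keep its log pointers outside the persisted mount. Use `value: {{ include "linux-logs-run-path" . | quote }}` so the variable and the mount share one source.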
@@ -185,19 +184,13 @@ name: {{ .Values.datadog.securityAgent.runtime.policies.configMap }} {{- end }} {{- end }} -{{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }} -{{- if .Values.providers.gke.gdc }} -- name: pointerdir - emptyDir: {} -- name: logpodpath - emptyDir: {} -- name: logscontainerspath - emptyDir: {} -{{- if not .Values.datadog.criSocketPath }} -- name: logdockercontainerpath - emptyDir: {} +{{- if .Values.datadog.containerRuntimeSupport.enabled }} +- hostPath: + path: {{ dir (include "datadog.dockerOrCriSocketPath" .) }} + name: runtimesocketdir +{{- end }} {{- end }} -{{ else }} +{{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }} - hostPath: path: {{ template "datadog.hostMountRoot" . }}/logs name: pointerdir @@ -207,16 +200,15 @@ - hostPath: path: /var/log/containers name: logscontainerspath -{{- if not .Values.datadog.criSocketPath }} +{{- if and (not .Values.datadog.criSocketPath) (not .Values.providers.gke.gdc) }} - hostPath: path: /var/lib/docker/containers name: logdockercontainerpath {{- end }} {{- end }} -{{- end }} -{{- if and (.Values.datadog.containerRuntimeSupport.enabled) (not .Values.providers.gke.gdc) }} -- hostPath: - path: {{ dir (include "datadog.dockerOrCriSocketPath" .) }} - name: runtimesocketdir +{{- if .Values.providers.gke.gdc }} +- secret: + secretName: datadog-kubelet-cert + name: kubelet-cert-volume {{- end }} {{- end -}} diff --git a/charts/datadog/templates/_helpers.tpl b/charts/datadog/templates/_helpers.tpl index b33da4567..c705a3ad6 100644 --- a/charts/datadog/templates/_helpers.tpl +++ b/charts/datadog/templates/_helpers.tpl 
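Review bot: The `kubelet-cert-volume` added at the end of `_daemonset-volumes-linux.yaml` hard-codes `secretName: datadog-kubelet-cert` and sets no `defaultMode`, so the private key is projected with the default file mode and the name can be neither overridden nor scoped per release. Because the volume is not marked optional, agent pods will not start until that Secret exists; document the prerequisite with a comment such as `# Secret must exist beforehand with keys tls.crt and tls.key`. Consider a values override for the name and a tighter `defaultMode`, to be confirmed against the user the agent container runs as.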
@@ -199,12 +199,27 @@ Return the container runtime socket Return agent log directory path */}} {{- define "datadog.logDirectoryPath" -}} -{{- if eq .Values.targetSystem "linux" -}} +{{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) -}} /var/log/datadog {{- end -}} {{- if eq .Values.targetSystem "windows" -}} C:/ProgramData/Datadog/logs {{- end -}} +{{- if .Values.providers.gke.gdc -}} +/var/datadog/log +{{- end -}} +{{- end -}} + +{{/* +Return linux agent logs run path +*/}} +{{- define "linux-logs-run-path" -}} +{{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) -}} +/opt/datadog-agent/run +{{- end -}} +{{- if .Values.providers.gke.gdc -}} +/var/datadog +{{- end -}} {{- end -}} {{/* @@ -237,6 +252,8 @@ Return agent host mount root {{- define "datadog.hostMountRoot" -}} {{- if .Values.providers.gke.autopilot -}} /var/autopilot/addon/datadog +{{- else if .Values.providers.gke.gdc -}} +/var/datadog {{- else -}} /var/lib/datadog-agent {{- end -}}
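Review bot: In `datadog.logDirectoryPath` the GDC branch is a separate `if` rather than part of one chain, so with `targetSystem` set to `windows` and `providers.gke.gdc` enabled both the Windows and GDC branches render and the helper returns the two paths concatenated. `linux-logs-run-path` has the complementary gap: it renders an empty string when neither condition holds, which would leave the `pointerdir` `mountPath:` empty. A single `if`/`else if` chain, as `datadog.hostMountRoot` already uses in the `@@ -237` hunk, makes the branches mutually exclusive. The same shape applies to `linux-logs-run-path`.

```gotemplate
{{- define "datadog.logDirectoryPath" -}}
{{- if .Values.providers.gke.gdc -}}
/var/datadog/log
{{- else if eq .Values.targetSystem "linux" -}}
/var/log/datadog
{{- else if eq .Values.targetSystem "windows" -}}
C:/ProgramData/Datadog/logs
{{- end -}}
{{- end -}}
{{/* … unchanged: linux-logs-run-path define, to be given the same chain shape … */}}
```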