Merge pull request #480 from miguellavalle/collector-ovndbcluster

Add Prometheus metrics support to OVNDBCluster

Author: openshift-merge-bot[bot]

api/bases/ovn.openstack.org_ovndbclusters.yaml

@@ -67,6 +67,10 @@ spec:
                   to use on db creation (in milliseconds)
                 format: int32
                 type: integer
+              exporterImage:
+                description: ExporterImage - Container Image URL for the openstack-network-exporter
+                  metrics sidecar (will be set to environmental default if empty)
+                type: string
               inactivityProbe:
                 default: 60000
                 description: Probe interval for the OVSDB session (in milliseconds)
@@ -76,6 +80,11 @@ spec:
                 default: info
                 description: LogLevel - Set log level info, dbg, emer etc
                 type: string
+              metricsEnabled:
+                default: true
+                description: MetricsEnabled enables the metrics sidecar container
+                  for collecting OVN DB metrics
+                type: boolean
               networkAttachment:
                 description: |-
                   NetworkAttachment is a NetworkAttachment resource name to expose the service to the given network.

api/v1beta1/common.go

@@ -24,6 +24,7 @@ func SetupDefaults() {
 	ovnDbClusterDefaults := OVNDBClusterDefaults{
 		NBContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OVN_NB_DBCLUSTER_IMAGE_URL_DEFAULT", OVNNBContainerImage),
 		SBContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OVN_SB_DBCLUSTER_IMAGE_URL_DEFAULT", OVNSBContainerImage),
+		ExporterImageURL:    util.GetEnvVar("RELATED_IMAGE_OPENSTACK_NETWORK_EXPORTER_IMAGE_URL_DEFAULT", OpenstackNetworkExporterImage),
 	}
 
 	SetupOVNDBClusterDefaults(ovnDbClusterDefaults)

api/v1beta1/ovndbcluster_types.go

@@ -19,10 +19,10 @@ package v1beta1
 import (
 	"fmt"
 
+	topologyv1 "github.com/openstack-k8s-operators/infra-operator/apis/topology/v1beta1"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/condition"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/service"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/tls"
-	topologyv1 "github.com/openstack-k8s-operators/infra-operator/apis/topology/v1beta1"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 
 	corev1 "k8s.io/api/core/v1"
@@ -56,6 +56,10 @@ type OVNDBClusterSpec struct {
 	// ContainerImage - Container Image URL (will be set to environmental default if empty)
 	ContainerImage string `json:"containerImage"`
 
+	// +kubebuilder:validation:Optional
+	// ExporterImage - Container Image URL for the openstack-network-exporter metrics sidecar (will be set to environmental default if empty)
+	ExporterImage string `json:"exporterImage,omitempty"`
+
 	OVNDBClusterSpecCore `json:",inline"`
 }
 
@@ -130,6 +134,11 @@ type OVNDBClusterSpecCore struct {
 	// TopologyRef to apply the Topology defined by the associated CR referenced
 	// by name
 	TopologyRef *topologyv1.TopoRef `json:"topologyRef,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=true
+	// MetricsEnabled enables the metrics sidecar container for collecting OVN DB metrics
+	MetricsEnabled *bool `json:"metricsEnabled,omitempty"`
 }
 
 // OVNDBClusterOverrideSpec to override the generated manifest of several child resources.

api/v1beta1/ovndbcluster_webhook.go

@@ -23,20 +23,21 @@ limitations under the License.
 package v1beta1
 
 import (
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/validation/field"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-	"k8s.io/apimachinery/pkg/util/validation/field"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
 // OVNDBClusterDefaults -
 type OVNDBClusterDefaults struct {
 	NBContainerImageURL string
 	SBContainerImageURL string
+	ExporterImageURL    string
 }
 
 var ovnDbClusterDefaults OVNDBClusterDefaults
@@ -77,6 +78,9 @@ func (spec *OVNDBClusterSpec) Default() {
 			spec.ContainerImage = ovnDbClusterDefaults.SBContainerImageURL
 		}
 	}
+	if spec.ExporterImage == "" {
+		spec.ExporterImage = ovnDbClusterDefaults.ExporterImageURL
+	}
 	spec.OVNDBClusterSpecCore.Default()
 }
 

api/v1beta1/zz_generated.deepcopy.go

@@ -67,6 +67,10 @@ spec:
                   to use on db creation (in milliseconds)
                 format: int32
                 type: integer
+              exporterImage:
+                description: ExporterImage - Container Image URL for the openstack-network-exporter
+                  metrics sidecar (will be set to environmental default if empty)
+                type: string
               inactivityProbe:
                 default: 60000
                 description: Probe interval for the OVSDB session (in milliseconds)
@@ -76,6 +80,11 @@ spec:
                 default: info
                 description: LogLevel - Set log level info, dbg, emer etc
                 type: string
+              metricsEnabled:
+                default: true
+                description: MetricsEnabled enables the metrics sidecar container
+                  for collecting OVN DB metrics
+                type: boolean
               networkAttachment:
                 description: |-
                   NetworkAttachment is a NetworkAttachment resource name to expose the service to the given network.

config/crd/bases/ovn.openstack.org_ovndbclusters.yaml

@@ -706,6 +706,7 @@ func (r *OVNDBClusterReconciler) reconcileNormal(ctx context.Context, instance *
 		}
 
 	}
+
 	Log.Info("Reconciled Service successfully")
 	return ctrl.Result{}, nil
 }
@@ -828,7 +829,14 @@ func (r *OVNDBClusterReconciler) reconcileServices(
 			common.AppSelector:                   serviceName,
 			"statefulset.kubernetes.io/pod-name": ovnPod.Name,
 		}
-		ovndbServiceLabels := util.MergeMaps(ovndbSelectorLabels, map[string]string{"type": ovnv1.ServiceClusterType})
+		// Build service labels - always use cluster type, add metrics label if enabled
+		serviceTypeLabels := map[string]string{"type": ovnv1.ServiceClusterType}
+		// Add metrics label if metrics are enabled and exporter image is specified
+		if instance.Spec.ExporterImage != "" && (instance.Spec.MetricsEnabled == nil || *instance.Spec.MetricsEnabled) {
+			serviceTypeLabels["metrics"] = "enabled"
+		}
+		ovndbServiceLabels := util.MergeMaps(ovndbSelectorLabels, serviceTypeLabels)
+
 		svc, err := service.NewService(
 			ovndbcluster.Service(ovnPod.Name, instance, ovndbServiceLabels, ovndbSelectorLabels),
 			time.Duration(5)*time.Second,
@@ -843,6 +851,23 @@ func (r *OVNDBClusterReconciler) reconcileServices(
 		} else if (ctrlResult != ctrl.Result{}) {
 			return ctrl.Result{}, nil
 		}
+
+		// Check if we need to remove metrics label from existing service
+		needsMetricsRemoval := instance.Spec.ExporterImage == "" || (instance.Spec.MetricsEnabled != nil && !*instance.Spec.MetricsEnabled)
+		if needsMetricsRemoval {
+			// Get the service that was just created/updated
+			existingSvc, err := service.GetServiceWithName(ctx, helper, ovnPod.Name, ovnPod.Namespace)
+			if err == nil && existingSvc != nil {
+				if _, exists := existingSvc.Labels["metrics"]; exists {
+					// Create a patch to remove the metrics label
+					delete(existingSvc.Labels, "metrics")
+					err = r.GetClient().Update(ctx, existingSvc)
+					if err != nil {
+						return ctrl.Result{}, fmt.Errorf("error removing metrics label from service %s: %w", ovnPod.Name, err)
+					}
+				}
+			}
+		}
 		// create service - end
 	}
 
@@ -985,9 +1010,12 @@ func (r *OVNDBClusterReconciler) generateExternalConfigMaps(
 	cms := []util.Template{
 		// EDP ConfigMap
 		{
-			Name:          "ovncontroller-config",
-			Namespace:     instance.Namespace,
-			Type:          util.TemplateTypeConfig,
+			Name:      "ovncontroller-config",
+			Namespace: instance.Namespace,
+			Type:      util.TemplateTypeNone,
+			AdditionalTemplate: map[string]string{
+				"ovsdb-config": "/ovndbcluster/config/ovsdb-config",
+			},
 			InstanceType:  instance.Kind,
 			Labels:        cmLabels,
 			ConfigOptions: externalTemplateParameters,
@@ -1045,6 +1073,8 @@ func (r *OVNDBClusterReconciler) generateServiceConfigMaps(
 	templateParameters["OVNDB_CERT_PATH"] = ovn_common.OVNDbCertPath
 	templateParameters["OVNDB_KEY_PATH"] = ovn_common.OVNDbKeyPath
 	templateParameters["OVNDB_CACERT_PATH"] = ovn_common.OVNDbCaCertPath
+	templateParameters["OVN_METRICS_CERT_PATH"] = ovn_common.OVNMetricsCertPath
+	templateParameters["OVN_METRICS_KEY_PATH"] = ovn_common.OVNMetricsKeyPath
 
 	cms := []util.Template{
 		// ScriptsConfigMap
@@ -1057,6 +1087,20 @@ func (r *OVNDBClusterReconciler) generateServiceConfigMaps(
 			ConfigOptions: templateParameters,
 		},
 	}
+	// Add ConfigConfigMap for network exporter only if metrics are enabled and exporter image is specified
+	if instance.Spec.ExporterImage != "" && (instance.Spec.MetricsEnabled == nil || *instance.Spec.MetricsEnabled) {
+		cms = append(cms, util.Template{
+			Name:      fmt.Sprintf("%s-config", instance.Name),
+			Namespace: instance.Namespace,
+			Type:      util.TemplateTypeNone,
+			AdditionalTemplate: map[string]string{
+				"openstack-network-exporter.yaml": "/ovndbcluster/config/openstack-network-exporter.yaml",
+			},
+			InstanceType:  instance.Kind,
+			Labels:        cmLabels,
+			ConfigOptions: templateParameters,
+		})
+	}
 	return configmap.EnsureConfigMaps(ctx, h, instance, cms, envVars)
 }
 

controllers/ovndbcluster_controller.go

@@ -23,6 +23,29 @@ func Service(
 		dbPort = DbPortSB
 		raftPort = RaftPortSB
 	}
+
+	ports := []corev1.ServicePort{
+		{
+			Name:     dbPortName,
+			Port:     dbPort,
+			Protocol: corev1.ProtocolTCP,
+		},
+		{
+			Name:     raftPortName,
+			Port:     raftPort,
+			Protocol: corev1.ProtocolTCP,
+		},
+	}
+
+	// Add metrics port if metrics are enabled and exporter image is specified
+	if instance.Spec.ExporterImage != "" && (instance.Spec.MetricsEnabled == nil || *instance.Spec.MetricsEnabled) {
+		ports = append(ports, corev1.ServicePort{
+			Name:     "metrics",
+			Port:     1981,
+			Protocol: corev1.ProtocolTCP,
+		})
+	}
+
 	return &corev1.Service{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      serviceName,
@@ -31,18 +54,7 @@ func Service(
 		},
 		Spec: corev1.ServiceSpec{
 			Selector: selectorLabels,
-			Ports: []corev1.ServicePort{
-				{
-					Name:     dbPortName,
-					Port:     dbPort,
-					Protocol: corev1.ProtocolTCP,
-				},
-				{
-					Name:     raftPortName,
-					Port:     raftPort,
-					Protocol: corev1.ProtocolTCP,
-				},
-			},
+			Ports:    ports,
 		},
 	}
 }

pkg/ovndbcluster/service.go

@@ -143,6 +143,67 @@ func StatefulSet(
 	// nevertheless, and manual cluster recovery will be needed.
 	terminationGracePeriodSeconds := int64(300)
 
+	// Create container list starting with the main ovndbcluster container
+	containers := []corev1.Container{
+		{
+			Name:                     serviceName,
+			Command:                  cmd,
+			Args:                     args,
+			Image:                    instance.Spec.ContainerImage,
+			Env:                      env.MergeEnvs([]corev1.EnvVar{}, envVars),
+			VolumeMounts:             volumeMounts,
+			Resources:                instance.Spec.Resources,
+			ReadinessProbe:           readinessProbe,
+			LivenessProbe:            livenessProbe,
+			StartupProbe:             startupProbe,
+			Lifecycle:                lifecycle,
+			TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError,
+		},
+	}
+
+	// Add metrics sidecar container if MetricsEnabled is true (default) and exporter image is specified
+	if instance.Spec.ExporterImage != "" && (instance.Spec.MetricsEnabled == nil || *instance.Spec.MetricsEnabled) {
+		metricsVolumeMounts := []corev1.VolumeMount{
+			{
+				Name:      "ovsdb-rundir",
+				MountPath: "/tmp",
+			},
+			{
+				Name:      "config",
+				MountPath: "/etc/config",
+				ReadOnly:  true,
+			},
+		}
+
+		// add TLS volume mounts if TLS is enabled - use dedicated metrics certificate
+		if instance.Spec.TLS.Enabled() {
+			metricsSvc := tls.Service{
+				SecretName: "cert-ovn-metrics",
+				CertMount:  ptr.To(ovn_common.OVNMetricsCertPath),
+				KeyMount:   ptr.To(ovn_common.OVNMetricsKeyPath),
+				CaMount:    ptr.To(ovn_common.OVNDbCaCertPath), // Use the same CA for now
+			}
+			// Add the metrics certificate volume to the main volumes list
+			// Use "metrics-certs" as volume name to stay within 63 char limit
+			volumes = append(volumes, metricsSvc.CreateVolume("metrics-certs"))
+			metricsVolumeMounts = append(metricsVolumeMounts, metricsSvc.CreateVolumeMounts("metrics-certs")...)
+		}
+
+		metricsContainer := corev1.Container{
+			Name:    "openstack-network-exporter",
+			Image:   instance.Spec.ExporterImage,
+			Command: []string{"/app/openstack-network-exporter"},
+			Env: []corev1.EnvVar{
+				{
+					Name:  "OPENSTACK_NETWORK_EXPORTER_YAML",
+					Value: "/etc/config/openstack-network-exporter.yaml",
+				},
+			},
+			VolumeMounts: metricsVolumeMounts,
+		}
+		containers = append(containers, metricsContainer)
+	}
+
 	statefulset := &appsv1.StatefulSet{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      serviceName,
@@ -163,22 +224,7 @@ func StatefulSet(
 				Spec: corev1.PodSpec{
 					TerminationGracePeriodSeconds: &terminationGracePeriodSeconds,
 					ServiceAccountName:            instance.RbacResourceName(),
-					Containers: []corev1.Container{
-						{
-							Name:                     serviceName,
-							Command:                  cmd,
-							Args:                     args,
-							Image:                    instance.Spec.ContainerImage,
-							Env:                      env.MergeEnvs([]corev1.EnvVar{}, envVars),
-							VolumeMounts:             volumeMounts,
-							Resources:                instance.Spec.Resources,
-							ReadinessProbe:           readinessProbe,
-							LivenessProbe:            livenessProbe,
-							StartupProbe:             startupProbe,
-							Lifecycle:                lifecycle,
-							TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError,
-						},
-					},
+					Containers:                    containers,
 				},
 			},
 		},