feat: Add new manifest for Retina with Hubble #437

jimassa · 2024-06-04T17:01:35Z

Description

This PR adds the deployment files, values as well as make targets for our hubble milestone.

Related Issue

If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request.

Checklist

I have read the contributing documentation.
I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
I have correctly attributed the author(s) of the code.
I have tested the changes locally.
I have followed the project's style guidelines.
I have updated the documentation, if necessary.
I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes made.

Additional Notes

Add any additional notes or context about the pull request here.

Testing Done.

> make helm-install-hubble
helm upgrade --install retina ./deploy/hubble/manifests/controller/helm/retina/ \
        --namespace kube-system \
        --set operator.enabled=true \
        --set operator.repository=ghcr.io/microsoft/retina/retina-operator \
        --set operator.tag=v0.0.2 \
        --set agent.enabled=true \
        --set agent.repository=ghcr.io/microsoft/retina/retina-agent \
        --set agent.tag=v0.0.2 \
        --set agent.init.enabled=true \
        --set agent.init.repository=ghcr.io/microsoft/retina/retina-init \
        --set agent.init.tag=v0.0.2 \
        --set logLevel=info \
        --set hubble.tls.enabled=true \
        --set hubble.relay.tls.server.enabled=true \
        --set hubble.tls.auto.enabled=true \
        --set hubble.tls.auto.method=cronJob \
        --set hubble.tls.auto.certValidityDuration=1 \
        --set hubble.tls.auto.schedule="*/10 * * * *"
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /mnt/c/Users/jacquesmassa/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /mnt/c/Users/jacquesmassa/.kube/config
Release "retina" does not exist. Installing it now.
NAME: retina

The following pods are present on the cluster

hubble-generate-certs-wfrv8          0/1     ImagePullBackOff    0             23s   10.224.1.172   aksws22000001                       <none>           <none>
hubble-relay-5447fc485b-6ghwv        0/1     ContainerCreating   0             23s   <none>         aks-nodepool1-36764280-vmss000002   <none>           <none>
hubble-ui-5d879774f8-m5zkn           0/2     ContainerCreating   0             23s   <none>         aks-nodepool1-36764280-vmss000002   <none>           <none>

retina-agent-29pt7                   0/1     Init:0/1            0             24s   10.224.0.4     aks-arm64-36764280-vmss000000       <none>           <none>
retina-agent-85c6d                   0/1     Init:0/1            0             23s   10.224.1.248   aks-nodepool1-36764280-vmss000002   <none>           <none>
retina-agent-nn4m4                   0/1     Init:0/1            0             24s   10.224.2.241   aks-nodepool1-36764280-vmss000000   <none>           <none>
retina-agent-ztbkq                   0/1     Init:0/1            0             24s   10.224.3.234   aks-nodepool1-36764280-vmss000001   <none>           <none>
retina-operator-5d59dcc578-7ffkj     0/1     Error               2 (21s ago)   23s   10.224.4.154   aks-nodepool1-36764280-vmss000001   <none>           <none>

The following services are also found

> kubectl get service -n kube-system -o wide
NAME                              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)              AGE     SELECTOR
hubble-peer                       ClusterIP   10.0.172.234   <none>        80/TCP               6m57s   k8s-app=retina
hubble-relay                      ClusterIP   10.0.128.85    <none>        443/TCP              6m57s   k8s-app=hubble-relay
hubble-ui                         ClusterIP   10.0.174.210   <none>        80/TCP               6m57s   k8s-app=hubble-ui
retina-svc                        ClusterIP   10.0.180.180   <none>        10093/TCP            6m57s   app=retina

configmaps

> kubectl get configmaps -n kube-system
NAME                                                   DATA   AGE
hubble-relay-config                                    1      12m
hubble-ui-nginx                                        1      12m
retina-config                                          16     12m
retina-operator-config                                 5      12m

cluster roles

> kubectl get clusterroles -o wide | grep retina

retina-cluster-reader                                                     2024-06-06T17:51:56Z
retina-operator-role                                                      2024-06-06T17:51:56Z
> kubectl get clusterroles -o wide | grep hubble

hubble-generate-certs                                                     2024-06-06T17:51:56Z
hubble-ui                                                                 2024-06-06T17:51:56Z

Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

anubhabMajumdar

Please include details of Testing Done. Confirm if all the components are deployed, even if not running:

retina-agent
retina-operator
hubble-relay pod and svc
hubble-ui pod and sec
all cluster roles
configmaps
anything else in the deployment scripts

Makefile

snguyen64 · 2024-06-07T15:21:05Z

.github/workflows/release-charts.yaml

@@ -40,7 +40,7 @@ jobs:
        run: |
          set -euo pipefail
          export TAG=$(make version)
-          helm package ./deploy/manifests/controller/helm/retina --version $TAG
+          helm package ./deploy/legacy/manifests/controller/helm/retina --version $TAG


So we are still using legacy charts? Will we eventually merge the hubble charts with the legacy charts? What is the strategy for this

fix import replace usage of manifest to add legacy replace usage of manifest to add legacy remove unused file update legacy manifest reference fix directories update path to use single folders add new make targets update images and tag references

VincentS · 2024-06-25T14:10:44Z

I am currently using the "Legacy" chart of Retina here some remarks regarding it:

Instead of moving it to Legacy and overwrite the upstream version rename the charts / directories to:

retina-hubble with the dashboards directory also named retina-hubble-dashboards, ...
retina with the dashboards directory also named retina-dashboards for the legacy stuff
following this naming scheme everywhere else

Do proper semantic versioning of the Helm chart otherwise its hard to deploy / maintain if there are changes without version change.
The current chart has several issues / bugs so tests for the chart would be great :D

@jimassa @snguyen64

github-actions · 2024-07-28T00:21:29Z

This PR will be closed in 7 days due to inactivity.

VincentS · 2024-08-05T13:20:37Z

This PR was merged with 6aef3e3 without fixing any of the outstanding issues of the old and new chart in the first place @jimassa @snguyen64 @rbtr

github-actions · 2024-09-05T00:20:27Z

This PR will be closed in 7 days due to inactivity.

github-actions · 2024-09-12T00:20:51Z

Pull request closed due to inactivity.

jimassa added this to the Hubble milestone Jun 4, 2024

jimassa linked an issue Jun 4, 2024 that may be closed by this pull request

feat: Add new manifest for Retina with Hubble #420

Open

jimassa changed the title ~~move manifest in legacy and update references~~ feat: Add new manifest for Retina with Hubble Jun 4, 2024

anubhabMajumdar reviewed Jun 6, 2024

View reviewed changes

Makefile Outdated Show resolved Hide resolved

Makefile Outdated Show resolved Hide resolved

jimassa marked this pull request as ready for review June 6, 2024 18:01

jimassa requested a review from a team as a code owner June 6, 2024 18:01

jimassa requested review from nddq and snguyen64 June 6, 2024 18:01

snguyen64 reviewed Jun 7, 2024

View reviewed changes

jimassa force-pushed the jmassa/retina-hubble-manifest branch from 36be13c to 4ab8ad0 Compare June 7, 2024 18:03

github-actions bot added the meta/waiting-for-author Blocked and waiting on the author label Jul 28, 2024

rbtr removed the meta/waiting-for-author Blocked and waiting on the author label Jul 29, 2024

github-actions bot added the meta/waiting-for-author Blocked and waiting on the author label Sep 5, 2024

github-actions bot closed this Sep 12, 2024

github-actions bot deleted the jmassa/retina-hubble-manifest branch September 12, 2024 00:20

whatnick mentioned this pull request Sep 21, 2024

Update Chart published #632

Open

huntergregory added the control-plane/hubble label Oct 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Add new manifest for Retina with Hubble #437

feat: Add new manifest for Retina with Hubble #437

jimassa commented Jun 4, 2024 •

edited

Loading

anubhabMajumdar left a comment

snguyen64 Jun 7, 2024

VincentS commented Jun 25, 2024 •

edited

Loading

github-actions bot commented Jul 28, 2024

VincentS commented Aug 5, 2024

github-actions bot commented Sep 5, 2024

github-actions bot commented Sep 12, 2024

feat: Add new manifest for Retina with Hubble #437

feat: Add new manifest for Retina with Hubble #437

Conversation

jimassa commented Jun 4, 2024 • edited Loading

Description

Related Issue

Checklist

Screenshots (if applicable) or Testing Completed

Additional Notes

anubhabMajumdar left a comment

Choose a reason for hiding this comment

snguyen64 Jun 7, 2024

Choose a reason for hiding this comment

VincentS commented Jun 25, 2024 • edited Loading

github-actions bot commented Jul 28, 2024

VincentS commented Aug 5, 2024

github-actions bot commented Sep 5, 2024

github-actions bot commented Sep 12, 2024

jimassa commented Jun 4, 2024 •

edited

Loading

VincentS commented Jun 25, 2024 •

edited

Loading