From 34f6bc517b6cbb108b1e2502877ca0f1cd02bb04 Mon Sep 17 00:00:00 2001
From: Marcell Sevcsik <31651557+0sewa0@users.noreply.github.com>
Date: Wed, 20 Nov 2024 15:23:17 +0100
Subject: [PATCH] Remove experimental multiple-osagents-on-node feature-flag
(#4064)
---
doc/api/feature-flags.md | 24 ++-
doc/e2e/features.md | 158 +++++++++++--------
hack/doc/gen_feature_flags.sh | 2 +-
pkg/api/v1beta3/dynakube/feature_flags.go | 6 -
pkg/api/validation/dynakube/oneagent.go | 2 +-
pkg/api/validation/dynakube/oneagent_test.go | 43 -----
6 files changed, 116 insertions(+), 119 deletions(-)
diff --git a/doc/api/feature-flags.md b/doc/api/feature-flags.md
index 29f8886d5e..09c8560081 100644
--- a/doc/api/feature-flags.md
+++ b/doc/api/feature-flags.md
@@ -9,6 +9,7 @@ import "github.com/Dynatrace/dynatrace-operator/pkg/api/v1beta3/dynakube/tmp"
## Index
- [Constants](<#constants>)
+- [func MountAttemptsToTimeout(maxAttempts int) string](<#MountAttemptsToTimeout>)
## Constants
@@ -23,6 +24,8 @@ const (
// Deprecated: AnnotationFeatureDisableActiveGateUpdates use AnnotationFeatureActiveGateUpdates instead.
AnnotationFeatureDisableActiveGateUpdates = AnnotationFeaturePrefix + "disable-activegate-updates"
+ // Deprecated: AnnotationFeatureActiveGateIgnoreProxy use AnnotationFeatureNoProxy instead.
+ AnnotationFeatureActiveGateIgnoreProxy = AnnotationFeaturePrefix + "activegate-ignore-proxy"
AnnotationFeatureActiveGateUpdates = AnnotationFeaturePrefix + "activegate-updates"
@@ -30,13 +33,13 @@ const (
AnnotationFeatureAutomaticK8sApiMonitoring = AnnotationFeaturePrefix + "automatic-kubernetes-api-monitoring"
AnnotationFeatureAutomaticK8sApiMonitoringClusterName = AnnotationFeaturePrefix + "automatic-kubernetes-api-monitoring-cluster-name"
AnnotationFeatureK8sAppEnabled = AnnotationFeaturePrefix + "k8s-app-enabled"
- AnnotationFeatureActiveGateIgnoreProxy = AnnotationFeaturePrefix + "activegate-ignore-proxy"
AnnotationFeatureNoProxy = AnnotationFeaturePrefix + "no-proxy"
- AnnotationFeatureMultipleOsAgentsOnNode = AnnotationFeaturePrefix + "multiple-osagents-on-node"
+ // Deprecated: AnnotationFeatureOneAgentIgnoreProxy use AnnotationFeatureNoProxy instead.
+ AnnotationFeatureOneAgentIgnoreProxy = AnnotationFeaturePrefix + "oneagent-ignore-proxy"
+
AnnotationFeatureOneAgentMaxUnavailable = AnnotationFeaturePrefix + "oneagent-max-unavailable"
- AnnotationFeatureOneAgentIgnoreProxy = AnnotationFeaturePrefix + "oneagent-ignore-proxy"
AnnotationFeatureOneAgentInitialConnectRetry = AnnotationFeaturePrefix + "oneagent-initial-connect-retry-ms"
AnnotationFeatureRunOneAgentContainerPrivileged = AnnotationFeaturePrefix + "oneagent-privileged"
@@ -47,19 +50,32 @@ const (
AnnotationInjectionFailurePolicy = AnnotationFeaturePrefix + "injection-failure-policy"
AnnotationFeatureInitContainerSeccomp = AnnotationFeaturePrefix + "init-container-seccomp-profile"
AnnotationFeatureEnforcementMode = AnnotationFeaturePrefix + "enforcement-mode"
+ AnnotationFeatureReadOnlyOneAgent = AnnotationFeaturePrefix + "oneagent-readonly-host-fs"
// CSI.
AnnotationFeatureMaxFailedCsiMountAttempts = AnnotationFeaturePrefix + "max-csi-mount-attempts"
+ AnnotationFeatureMaxCsiMountTimeout = AnnotationFeaturePrefix + "max-csi-mount-timeout"
AnnotationFeatureReadOnlyCsiVolume = AnnotationFeaturePrefix + "injection-readonly-volume"
)
```
-
+
```go
const (
+ DefaultMaxCsiMountTimeout = "10m"
DefaultMaxFailedCsiMountAttempts = 10
DefaultMinRequestThresholdMinutes = 15
IstioDefaultOneAgentInitialConnectRetry = 6000
)
```
+
+
+
+## func [MountAttemptsToTimeout]()
+
+```go
+func MountAttemptsToTimeout(maxAttempts int) string
+```
+
+MountAttemptsToTimeout converts the (old) number of csi mount attempts into a time.Duration string. The converted value is based on the exponential backoff's algorithm. The output is string because it's main purpose is to convert the value of an annotation to another annotation.
diff --git a/doc/e2e/features.md b/doc/e2e/features.md
index 833f7a7a87..e7fb8e91a1 100644
--- a/doc/e2e/features.md
+++ b/doc/e2e/features.md
@@ -8,14 +8,14 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/activegate"
## Index
-- [func Feature(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature](<#Feature>)
+- [func Feature(t *testing.T, proxySpec *value.Source) features.Feature](<#Feature>)
-## func [Feature]()
+## func [Feature]()
```go
-func Feature(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature
+func Feature(t *testing.T, proxySpec *value.Source) features.Feature
```
### With proxy
@@ -34,14 +34,32 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/edgeconnect"
## Index
-- [func Feature(t *testing.T) features.Feature](<#Feature>)
+- [func AutomationModeFeature(t *testing.T) features.Feature](<#AutomationModeFeature>)
+- [func NormalModeFeature(t *testing.T) features.Feature](<#NormalModeFeature>)
+- [func ProvisionerModeFeature(t *testing.T) features.Feature](<#ProvisionerModeFeature>)
-
+
-## func [Feature]()
+## func [AutomationModeFeature]()
```go
-func Feature(t *testing.T) features.Feature
+func AutomationModeFeature(t *testing.T) features.Feature
+```
+
+
+
+## func [NormalModeFeature]()
+
+```go
+func NormalModeFeature(t *testing.T) features.Feature
+```
+
+
+
+## func [ProvisionerModeFeature]()
+
+```go
+func ProvisionerModeFeature(t *testing.T) features.Feature
```
# classic
@@ -84,6 +102,24 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/classic/switch_mod
func Feature(t *testing.T) features.Feature
```
+# extensions
+
+```go
+import "github.com/Dynatrace/dynatrace-operator/test/features/extensions"
+```
+
+## Index
+
+- [func Feature(t *testing.T) features.Feature](<#Feature>)
+
+
+
+## func [Feature]()
+
+```go
+func Feature(t *testing.T) features.Feature
+```
+
# applicationmonitoring
```go
@@ -99,7 +135,7 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/applicationmonitor
-## func [LabelVersionDetection]()
+## func [LabelVersionDetection]()
```go
func LabelVersionDetection(t *testing.T) features.Feature
@@ -111,7 +147,7 @@ Verification that build labels are created and set accordingly. The test checks:
-## func [MetadataEnrichment]()
+## func [MetadataEnrichment]()
```go
func MetadataEnrichment(t *testing.T) features.Feature
@@ -121,7 +157,7 @@ Verification of the metadata enrichment part of the operator. The test checks th
-## func [ReadOnlyCSIVolume]()
+## func [ReadOnlyCSIVolume]()
```go
func ReadOnlyCSIVolume(t *testing.T) features.Feature
@@ -129,7 +165,7 @@ func ReadOnlyCSIVolume(t *testing.T) features.Feature
-## func [WithoutCSI]()
+## func [WithoutCSI]()
```go
func WithoutCSI(t *testing.T) features.Feature
@@ -176,7 +212,7 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/support_archive"
-## func [Feature]()
+## func [Feature]()
```go
func Feature(t *testing.T) features.Feature
@@ -188,7 +224,7 @@ Verification if support-archive package created by the support-archive command a
-## type [CustomResources]()
+## type [CustomResources]()
```go
type CustomResources struct {
@@ -204,18 +240,18 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative"
## Index
-- [func AssessActiveGateContainer(builder *features.FeatureBuilder, dynakube *dynatracev1beta2.DynaKube, trustedCAs []byte)](<#AssessActiveGateContainer>)
+- [func AssessActiveGateContainer(builder *features.FeatureBuilder, dk *dynakube.DynaKube, trustedCAs []byte)](<#AssessActiveGateContainer>)
- [func AssessOneAgentContainer(builder *features.FeatureBuilder, agCrt []byte, trustedCAs []byte)](<#AssessOneAgentContainer>)
- [func AssessSampleContainer(builder *features.FeatureBuilder, sampleApp *sample.App, agCrt []byte, trustedCAs []byte)](<#AssessSampleContainer>)
- [func AssessSampleInitContainers(builder *features.FeatureBuilder, sampleApp *sample.App)](<#AssessSampleInitContainers>)
-- [func DefaultCloudNativeSpec() *dynatracev1beta2.CloudNativeFullStackSpec](<#DefaultCloudNativeSpec>)
+- [func DefaultCloudNativeSpec() *dynakube.CloudNativeFullStackSpec](<#DefaultCloudNativeSpec>)
## func [AssessActiveGateContainer]()
```go
-func AssessActiveGateContainer(builder *features.FeatureBuilder, dynakube *dynatracev1beta2.DynaKube, trustedCAs []byte)
+func AssessActiveGateContainer(builder *features.FeatureBuilder, dk *dynakube.DynaKube, trustedCAs []byte)
```
@@ -236,7 +272,7 @@ func AssessSampleContainer(builder *features.FeatureBuilder, sampleApp *sample.A
-## func [AssessSampleInitContainers]()
+## func [AssessSampleInitContainers]()
```go
func AssessSampleInitContainers(builder *features.FeatureBuilder, sampleApp *sample.App)
@@ -244,10 +280,10 @@ func AssessSampleInitContainers(builder *features.FeatureBuilder, sampleApp *sam
-## func [DefaultCloudNativeSpec]()
+## func [DefaultCloudNativeSpec]()
```go
-func DefaultCloudNativeSpec() *dynatracev1beta2.CloudNativeFullStackSpec
+func DefaultCloudNativeSpec() *dynakube.CloudNativeFullStackSpec
```
# network_problems
@@ -294,38 +330,6 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative/upgrad
func Feature(t *testing.T) features.Feature
```
-# network_zones
-
-```go
-import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative/network_zones"
-```
-
-## Index
-
-- [func Feature(t *testing.T) features.Feature](<#Feature>)
-
-
-
-## func [Feature]()
-
-```go
-func Feature(t *testing.T) features.Feature
-```
-
-Feature defines the overall e2e test for testing OneAgent injection behavior when Dynatrace is configured with a network zone.
-
-It does the following to cover the scenario of ensuring OneAgent injection is properly blocked when no ActiveGate is available, and enabled once one is added:
-
-- Creates test a network zone via the tenant helper (can be highly destructive)
-- Configures a DynaKube custom resource without an ActiveGate => no activegate == no networkzone communication
-- Installs a sample application
-- Verifies the sample app pods do NOT have OneAgent injected, validated via pod annotations
-- Updates the DynaKube to add an ActiveGate => so now networkzone communication is possible
-- Restarts the sample app pods
-- Verifies the sample app pods now DO have OneAgent injected
-
-Prerequisites: Have a tenant that has no activegates bound to it.
-
# codemodules
```go
@@ -335,14 +339,14 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative/codemo
## Index
- [func InstallFromImage(t *testing.T) features.Feature](<#InstallFromImage>)
-- [func WithProxy(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature](<#WithProxy>)
-- [func WithProxyAndAGCert(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature](<#WithProxyAndAGCert>)
-- [func WithProxyCA(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature](<#WithProxyCA>)
-- [func WithProxyCAAndAGCert(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature](<#WithProxyCAAndAGCert>)
+- [func WithProxy(t *testing.T, proxySpec *value.Source) features.Feature](<#WithProxy>)
+- [func WithProxyAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature](<#WithProxyAndAGCert>)
+- [func WithProxyCA(t *testing.T, proxySpec *value.Source) features.Feature](<#WithProxyCA>)
+- [func WithProxyCAAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature](<#WithProxyCAAndAGCert>)
-## func [InstallFromImage]()
+## func [InstallFromImage]()
```go
func InstallFromImage(t *testing.T) features.Feature
@@ -352,10 +356,10 @@ Verification that the storage in the CSI driver directory does not increase when
-## func [WithProxy]()
+## func [WithProxy]()
```go
-func WithProxy(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature
+func WithProxy(t *testing.T, proxySpec *value.Source) features.Feature
```
Prerequisites: istio service mesh
@@ -364,22 +368,22 @@ Setup: CloudNative deployment with CSI driver
Verification that the operator and all deployed OneAgents are able to communicate over a http proxy.
-Connectivity in the dynatrace namespace and sample application namespace is restricted to the local cluster. Sample application is installed. The test checks if DT_PROXY environment variable is defined in the *dynakube-oneagent* container and the *application container*.
+Connectivity in the dynatrace namespace and sample application namespace is restricted to the local cluster. Sample application is installed. The test checks if DT_PROXY environment variable is defined in the *dynakubeComponents-oneagent* container and the *application container*.
-## func [WithProxyAndAGCert]()
+## func [WithProxyAndAGCert]()
```go
-func WithProxyAndAGCert(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature
+func WithProxyAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature
```
-## func [WithProxyCA]()
+## func [WithProxyCA]()
```go
-func WithProxyCA(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature
+func WithProxyCA(t *testing.T, proxySpec *value.Source) features.Feature
```
@@ -387,7 +391,7 @@ func WithProxyCA(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) featur
## func [WithProxyCAAndAGCert]()
```go
-func WithProxyCAAndAGCert(t *testing.T, proxySpec *dynatracev1beta2.DynaKubeProxy) features.Feature
+func WithProxyCAAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature
```
# _default
@@ -467,3 +471,29 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative/switch
```go
func Feature(t *testing.T) features.Feature
```
+
+# consts
+
+```go
+import "github.com/Dynatrace/dynatrace-operator/test/features/consts"
+```
+
+## Index
+
+- [Constants](<#constants>)
+
+## Constants
+
+
+
+```go
+const (
+ AgCertificate = "custom-cas/agcrt.pem"
+ AgCertificateAndPrivateKey = "custom-cas/agcrtkey.p12"
+ AgCertificateAndPrivateKeyField = "server.p12"
+ AgSecretName = "ag-ca"
+ DevRegistryPullSecretName = "devregistry"
+ EecImageRepo = "478983378254.dkr.ecr.us-east-1.amazonaws.com/dynatrace/dynatrace-eec"
+ EecImageTag = "1.303.0.20240930-183404"
+)
+```
diff --git a/hack/doc/gen_feature_flags.sh b/hack/doc/gen_feature_flags.sh
index 4d74fb62c1..2c51c98e3d 100755
--- a/hack/doc/gen_feature_flags.sh
+++ b/hack/doc/gen_feature_flags.sh
@@ -1,7 +1,7 @@
#!/bin/sh
gomarkdoc_header=""
script_header=""
-doc_dir="./pkg/api/v1beta2/dynakube"
+doc_dir="./pkg/api/v1beta3/dynakube"
output_dir="./doc/api"
output_file="feature-flags.md"
output=""
diff --git a/pkg/api/v1beta3/dynakube/feature_flags.go b/pkg/api/v1beta3/dynakube/feature_flags.go
index 056f8712f4..0686f72e69 100644
--- a/pkg/api/v1beta3/dynakube/feature_flags.go
+++ b/pkg/api/v1beta3/dynakube/feature_flags.go
@@ -55,7 +55,6 @@ const (
// Deprecated: AnnotationFeatureOneAgentIgnoreProxy use AnnotationFeatureNoProxy instead.
AnnotationFeatureOneAgentIgnoreProxy = AnnotationFeaturePrefix + "oneagent-ignore-proxy"
- AnnotationFeatureMultipleOsAgentsOnNode = AnnotationFeaturePrefix + "multiple-osagents-on-node"
AnnotationFeatureOneAgentMaxUnavailable = AnnotationFeaturePrefix + "oneagent-max-unavailable"
AnnotationFeatureOneAgentInitialConnectRetry = AnnotationFeaturePrefix + "oneagent-initial-connect-retry-ms"
AnnotationFeatureRunOneAgentContainerPrivileged = AnnotationFeaturePrefix + "oneagent-privileged"
@@ -200,11 +199,6 @@ func (dk *DynaKube) FeatureReadOnlyOneAgent() bool {
return dk.getFeatureFlagRaw(AnnotationFeatureReadOnlyOneAgent) != falsePhrase
}
-// FeatureEnableMultipleOsAgentsOnNode is a feature flag to enable multiple osagents running on the same host.
-func (dk *DynaKube) FeatureEnableMultipleOsAgentsOnNode() bool {
- return dk.getFeatureFlagRaw(AnnotationFeatureMultipleOsAgentsOnNode) == truePhrase
-}
-
// FeatureActiveGateAppArmor is a feature flag to enable AppArmor in ActiveGate container.
func (dk *DynaKube) FeatureActiveGateAppArmor() bool {
return dk.getFeatureFlagRaw(AnnotationFeatureActiveGateAppArmor) == truePhrase
diff --git a/pkg/api/validation/dynakube/oneagent.go b/pkg/api/validation/dynakube/oneagent.go
index f7b3e31fe6..e0d11231e7 100644
--- a/pkg/api/validation/dynakube/oneagent.go
+++ b/pkg/api/validation/dynakube/oneagent.go
@@ -60,7 +60,7 @@ func conflictingOneAgentConfiguration(_ context.Context, _ *Validator, dk *dynak
}
func conflictingOneAgentNodeSelector(ctx context.Context, dv *Validator, dk *dynakube.DynaKube) string {
- if (!dk.LogMonitoring().IsStandalone() && !dk.NeedsOneAgent()) || dk.FeatureEnableMultipleOsAgentsOnNode() {
+ if !dk.LogMonitoring().IsStandalone() && !dk.NeedsOneAgent() {
return ""
}
diff --git a/pkg/api/validation/dynakube/oneagent_test.go b/pkg/api/validation/dynakube/oneagent_test.go
index ca60693cc1..b56983e594 100644
--- a/pkg/api/validation/dynakube/oneagent_test.go
+++ b/pkg/api/validation/dynakube/oneagent_test.go
@@ -176,25 +176,6 @@ func TestConflictingNodeSelector(t *testing.T) {
},
}, &defaultCSIDaemonSet)
})
- t.Run(`valid dynakube specs with multitenant hostMonitoring`, func(t *testing.T) {
- assertAllowedWithWarnings(t, 0,
- newCloudNativeDynakube("dk1", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "true",
- }, "1"),
- newCloudNativeDynakube("dk2", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "true",
- }, "2"),
- &defaultCSIDaemonSet)
-
- assertAllowedWithWarnings(t, 0,
- newCloudNativeDynakube("dk1", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "true",
- }, "1"),
- newCloudNativeDynakube("dk2", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "true",
- }, "1"),
- &defaultCSIDaemonSet)
- })
t.Run(`invalid dynakube specs`, func(t *testing.T) {
assertDenied(t,
[]string{fmt.Sprintf(errorNodeSelectorConflict, "conflicting-dk")},
@@ -230,30 +211,6 @@ func TestConflictingNodeSelector(t *testing.T) {
},
}, &defaultCSIDaemonSet)
})
- t.Run(`invalid dynakube specs with multitenant hostMonitoring`, func(t *testing.T) {
- assertDenied(t, nil,
- newCloudNativeDynakube("dk1", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "false",
- }, "1"),
- newCloudNativeDynakube("dk2", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "true",
- }, "1"),
- &defaultCSIDaemonSet)
-
- assertDenied(t, nil,
- newCloudNativeDynakube("dk1", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "false",
- }, "1"),
- newCloudNativeDynakube("dk2", map[string]string{
- dynakube.AnnotationFeatureMultipleOsAgentsOnNode: "false",
- }, "1"),
- &defaultCSIDaemonSet)
-
- assertDenied(t, nil,
- newCloudNativeDynakube("dk1", map[string]string{}, "1"),
- newCloudNativeDynakube("dk2", map[string]string{}, "1"),
- &defaultCSIDaemonSet)
- })
t.Run(`invalid dynakube specs with existing log module`, func(t *testing.T) {
assertDenied(t, []string{fmt.Sprintf(errorNodeSelectorConflict, "dk-lm")},
newCloudNativeDynakube("dk-cm", map[string]string{}, "1"),