Add OpenTelemetry support on yarp container #2750

Merged: benjaminpetit merged 9 commits into dotnet:main from benjaminpetit:container/optl on Mar 19, 2025

@benjaminpetit
Member

Add OpenTelemetry support for the yarp container.

The main issue with the current solution is that when running in Aspire, the container will try to export telemetry to host.docker.internal, which will trigger an SSL error, since the dev cert is only made for localhost.

For the moment, I propose that we ignore this error when running in development.

Other options:

  • require the certificate to be present in the docker at runtime, and ignore only the name mismatch
  • require the cert to be valid for host.docker.internal, and manually trust the cert at runtime (requiring switching to a non-distroless base image)
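
The first alternative above (certificate present in the container, only the name mismatch ignored), sketched as an added example that is not part of this PR or of YARP's code. `PinnedDevCertHandler` and `pinnedCertPath` are hypothetical names, and the sketch assumes an exact SHA-256 match against the mounted certificate stands in for chain trust, since a self-signed dev certificate is not trusted inside the container.

```csharp
using System;
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not part of YARP): builds the handler for the OTLP exporter's HttpClient.
public static class PinnedDevCertHandler
{
    // Errors tolerated only when the presented certificate is exactly the pinned one.
    // Assumption: the pin replaces chain trust for the self-signed dev certificate.
    private const SslPolicyErrors Tolerated =
        SslPolicyErrors.RemoteCertificateNameMismatch |
        SslPolicyErrors.RemoteCertificateChainErrors;

    // pinnedCertPath: public certificate (no private key) mounted into the container.
    public static HttpClientHandler Create(string pinnedCertPath)
    {
        using var pinned = new X509Certificate2(pinnedCertPath);
        byte[] pinnedHash = pinned.GetCertHash(HashAlgorithmName.SHA256);

        return new HttpClientHandler
        {
            ServerCertificateCustomValidationCallback = (request, cert, chain, errors) =>
                IsAcceptable(cert, errors, pinnedHash)
        };
    }

    public static bool IsAcceptable(X509Certificate2? cert, SslPolicyErrors errors, byte[] pinnedHash)
    {
        if (errors == SslPolicyErrors.None) return true;  // normal validation already passed
        if (cert is null) return false;                    // server presented nothing
        if ((errors & ~Tolerated) != 0) return false;      // e.g. RemoteCertificateNotAvailable

        // Any other certificate, even one valid for another name, is rejected.
        byte[] presented = cert.GetCertHash(HashAlgorithmName.SHA256);
        return CryptographicOperations.FixedTimeEquals(presented, pinnedHash);
    }
}
```

Returning `new HttpClient(PinnedDevCertHandler.Create(path))` from the exporter's `HttpClientFactory` keeps the connection bound to one known certificate instead of accepting any.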

if (useOtlpExporter)
{

if (string.Equals(Environment.GetEnvironmentVariable("YARP_UNSAFE_SKIP_OLTP_CERT_VALIDATION"), "true", StringComparison.InvariantCultureIgnoreCase))
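
Review bot: the environment variable name on the `string.Equals` line spells `OLTP` (`YARP_UNSAFE_SKIP_OLTP_CERT_VALIDATION`) while the enclosing check is `useOtlpExporter`; since this name becomes a public switch that disables TLS certificate validation, rename it to match OTLP before release so users do not set the correctly spelled name and get no effect. The comparison also uses `StringComparison.InvariantCultureIgnoreCase` for a fixed token; `StringComparison.OrdinalIgnoreCase` is the usual choice there. In the lines shown, the condition keys only on the variable and not on the hosting environment, so consider also requiring a development environment, as the description intends.
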
Member

Nit: If this is otherwise equivalent, can we change this to something like?

builder.Services.Configure<OtlpExporterOptions>(options =>
{
    options.HttpClientFactory = () =>
    {
        var handler = new HttpClientHandler();

        // Only the certificate validation callback changes when the variable is set.
        if (string.Equals(Environment.GetEnvironmentVariable("YARP_UNSAFE_SKIP_OLTP_CERT_VALIDATION"), "true", StringComparison.InvariantCultureIgnoreCase))
        {
            handler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
        }

        return new HttpClient(handler);
    };
});

builder.Services.AddOpenTelemetry()
    .WithLogging(logging => logging.AddOtlpExporter())
    .WithMetrics(metrics => metrics.AddOtlpExporter())
    .WithTracing(tracing => tracing.AddOtlpExporter());

Member

My comment here was more so about potential subtle differences in behavior between the two (is the handler configured the same?), not just DangerousAcceptAnyServerCertificateValidator.

Right now it's not obvious that the environment variable will only change the cert validation.

@bbartels

Would really love for this to get merged!

@benjaminpetit benjaminpetit merged commit 0766f46 into dotnet:main Mar 19, 2025
7 checks passed
@MihaZupan MihaZupan added this to the YARP 3.0 milestone Mar 19, 2025