kkhandelwal/ebpf otlp port (#2001)

<!--
Thank you for contributing to New Relic's Helm charts. Before you submit
this PR we'd like to
make sure you are aware of our technical requirements:

*
https://github.com/newrelic-experimental/helm-charts/blob/master/CONTRIBUTING.md#technical-requirements

For a quick overview across what we will look at reviewing your PR,
please read
our review guidelines:

*
https://github.com/newrelic-experimental/helm-charts/blob/master/REVIEW_GUIDELINES.md

Following our best practices right from the start will accelerate the
review process and
help get your PR merged quicker.

When updates to your PR are requested, please add new commits and do not
squash the
history. This will make it easier to identify new changes. The PR will
be squashed
anyways when it is merged. Thanks.

For fast feedback, please @-mention maintainers that are listed in the
Chart.yaml file.

Please make sure you test your changes before you push them. Once
pushed, a Github Action
will run across your changes and do some initial checks and linting.
These checks run
very quickly. Please check the results. We would like these checks to
pass before we
even continue reviewing your changes.
-->
#### Is this a new chart
No
#### What this PR does / why we need it:
- Introduce env to configure OTLP port.
- Introduce 2 new env's - `APM_DATA_REPORTING` and `TCP_STATS_REPORTING`
#### Which issue this PR fixes
*(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)`
format, will close that issue when PR gets merged)*
  - fixes #

#### Special notes for your reviewer:

#### Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove
unrelated fields.]
- [ ] Chart Version bumped
- [ ] Variables are documented in the README.md
- [ ] Title of the PR starts with chart name (e.g. `[mychartname]`)

# Release Notes to Publish (nr-k8s-otel-collector)
If this PR contains changes in `nr-k8s-otel-collector`, please complete
the following section. All other charts should ignore this section.

<!--BEGIN-RELEASE-NOTES-->
## 🚀 What's Changed
* Tell the world about the latest changes in the chart.
<!--END-RELEASE-NOTES-->

---------

Co-authored-by: bsanwarwala <bsanwarwala@newrelic.com>
Co-authored-by: Aayush garg <agarg@newrelic.com>

Author: 3 people

charts/nr-ebpf-agent/Chart.yaml

@@ -13,7 +13,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.0
+version: 0.5.0
 
 dependencies:
   - name: common-library
@@ -23,7 +23,7 @@ dependencies:
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.4.0"
+appVersion: "0.5.0"
 home: https://github.com/newrelic/helm-charts
 sources:
   - https://github.com/newrelic/

charts/nr-ebpf-agent/templates/_helpers.tpl

@@ -59,7 +59,7 @@ Return the cluster name
 Create otel collector receiver endpoint
 */}}
 {{- define "nr-otel-collector-receiver.endpoint" -}}
-{{- printf "dns:///%s.%s.svc.%s:4317" (include "otel-collector.service.name" .) .Release.Namespace .Values.kubernetesClusterDomain }}
+{{- printf "dns:///%s.%s.svc.%s:%v" (include "otel-collector.service.name" .) .Release.Namespace .Values.kubernetesClusterDomain .Values.otelCollector.receiverPort }}
 {{- end }}
 
 {{/*
@@ -108,6 +108,16 @@ Validate the user inputted value when sampling by error rate.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Validate that receiverPort is not less than 1024 (privileged port range).
+*/}}
+{{- define "validate.receiverPort" -}}
+{{- $port := .Values.otelCollector.receiverPort | int -}}
+{{- if lt $port 1025 -}}
+{{- fail (printf "Error: receiverPort must be > 1024 (got %d). Ports below 1024 are privileged ports and should not be used." $port) -}}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Pass environment variables to the agent container if tracing a specific protocol is to be disabled.
 */}}

charts/nr-ebpf-agent/templates/nr-ebpf-agent-daemonset.yaml

@@ -144,6 +144,10 @@ spec:
             value: {{ include "nr-ebpf-agent.service.name" . }}
           - name: IS_INSECURE
             value: "True"
+          - name: APM_DATA_REPORTING
+            value: "{{ if hasKey .Values "apmDataReporting" }}{{ .Values.apmDataReporting }}{{ else }}true{{ end }}"
+          - name: TCP_STATS_REPORTING
+            value: "{{ if hasKey .Values "tcpStatsReporting" }}{{ .Values.tcpStatsReporting }}{{ else }}true{{ end }}"
         securityContext:
           privileged: true
         volumeMounts:

charts/nr-ebpf-agent/templates/otel-collector-config.yaml

@@ -11,7 +11,7 @@ data:
         otlp:
           protocols:
             grpc:
-              endpoint: $RECEIVER_ENDPOINT:4317
+              endpoint: $RECEIVER_ENDPOINT:$RECEIVER_PORT
               {{- if (hasKey .Values "tls") }}
               {{- if eq .Values.tls.enabled true }}
               tls:

charts/nr-ebpf-agent/templates/otel-collector-daemonset.yaml

@@ -56,7 +56,7 @@ spec:
         resources: {{- toYaml .Values.otelCollector.resources | nindent 10}}
         ports:
           - name: otlp
-            containerPort: 4317
+            containerPort: {{ .Values.otelCollector.receiverPort }}
             protocol: TCP
         volumeMounts:
           - name: data
@@ -81,6 +81,9 @@ spec:
               fieldRef:
                 apiVersion: v1
                 fieldPath: status.podIP
+        {{- include "validate.receiverPort" . }}
+          - name: RECEIVER_PORT
+            value: "{{ .Values.otelCollector.receiverPort }}"
           - name: NEW_RELIC_LICENSE_KEY
             valueFrom:
               secretKeyRef:

charts/nr-ebpf-agent/templates/otel-collector-service.yaml

@@ -8,13 +8,13 @@ metadata:
     component: otel-collector
     {{- include "newrelic.common.labels" . | nindent 4 }}
 spec:
-  # The OTel collector pod will use a service containing a clusterIP and port 4317 to interface via.
+  # The OTel collector pod will use a service containing a clusterIP and the configured receiver port to interface via.
   type: ClusterIP
   selector:
     {{- include "newrelic.common.labels.selectorLabels" . | nindent 4 }}
     component: otel-collector
   ports:
     - name: otlp-grpc
-      port: 4317
+      port: {{ .Values.otelCollector.receiverPort }}
       protocol: TCP
-      targetPort: 4317
+      targetPort: {{ .Values.otelCollector.receiverPort }}

charts/nr-ebpf-agent/values.yaml

@@ -35,10 +35,10 @@ allowServiceNameRegex: ""
 dropDataForEntity: []
 # -- The primary lever to control RAM use of the eBPF agent. Specified in MiB.
 tableStoreDataLimitMB: "250"
-# -- The source connectors (and data export scripts) to enable.
-# Note that socket_tracer tracks http, mysql, redis, mongodb, amqp, cassandra, dns, and postgresql
-# while tcp_stats tracks TCP metrics.
-# stirlingSources: "socket_tracer,tcp_stats"
+# -- Enable APM data reporting. When enabled, the agent collects and reports application performance monitoring data
+apmDataReporting: true
+# -- Enable TCP statistics reporting. When enabled, the agent collects and reports low level tcp metrics and starts network monitoring
+tcpStatsReporting: true
 
 # The protocols to enable for tracing in the socket_tracer. There is an ability to configure span export if it is enabled.
 # Each protocol has the flexibility to selectively enable the type of OTLP data to export.
@@ -166,6 +166,8 @@ otelCollector:
   podSecurityContext: {}
   # -- Sets otelCollector pod containerSecurityContext. Overrides `containerSecurityContext` and `global.securityContext.container`
   containerSecurityContext: {}
+  # -- Port on which the OTLP receiver listens for gRPC connections.
+  receiverPort: 4317
   collector:
     serviceAccount:
       # -- Annotations for the OTel collector service account.