newrelic
diff --git a/‎charts/nr-ebpf-agent/Chart.yaml‎
Lines changed: 2 additions & 2 deletions b/‎charts/nr-ebpf-agent/Chart.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎charts/nr-ebpf-agent/README.md‎
Lines changed: 15 additions & 8 deletions b/‎charts/nr-ebpf-agent/README.md‎
Lines changed: 15 additions & 8 deletions
diff --git a/‎charts/nr-ebpf-agent/templates/nr-ebpf-agent-daemonset.yaml‎
Lines changed: 65 additions & 25 deletions b/‎charts/nr-ebpf-agent/templates/nr-ebpf-agent-daemonset.yaml‎
Lines changed: 65 additions & 25 deletions
@@ -13,7 +13,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+version: 1.1.0
 
 dependencies:
   - name: common-library
@@ -23,7 +23,7 @@ dependencies:
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.0.0"
+appVersion: "1.1.0"
 home: https://github.com/newrelic/helm-charts
 sources:
   - https://github.com/newrelic/
 
@@ -101,7 +101,15 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | affinity | object | `{}` | Sets all pods' affinities. Can be configured also with `global.affinity` |
-| allowServiceNameRegex | string | `""` | This config acts as a bypass for the dropDataServiceNameRegex config. Service names that match this regex will not have their data dropped by the dropDataServiceNameRegex. If dropDataServiceNameRegex is not defined, this config has no impact on the eBPF agent. |
+| allDataFilters.dropNewRelicBundle | boolean | `true` | Drop data from the newrelic namespace and newrelic-bundle services. (RENAMED from `dropDataNewRelic` for clarity. The old name is deprecated but still supported for backward compatibility). |
+| allDataFilters.dropNamespaces | list | `["kube-system"]` | List of Kubernetes namespaces for which all data should be dropped by the agent. (RENAMED from `dropDataForNamespaces` for clarity. The old name is deprecated but still supported for backward compatibility). |
+| allDataFilters.dropServiceNameRegex | string | `""` | Define a regex to match k8s service names to drop. Example `"kube-dns\|otel-collector\|\\bblah\\b"`. (RENAMED from `dropDataServiceNameRegex` for clarity. The old name is deprecated but still supported for backward compatibility). |
+| allDataFilters.keepServiceNameRegex | string | `""` | This config acts as a bypass for the `dropServiceNameRegex` config. Service names that match this regex will not have their data dropped by the `dropServiceNameRegex`. (RENAMED from `allowServiceNameRegex` for clarity. The old name is deprecated but still supported for backward compatibility). |
+| allDataFilters.dropApmAgentEnabledEntity | boolean | `false` | Drop all data for applications or entities that have New Relic or OTEL APM agents running. |
+| apmDataFilters.apmAgentEnabledEntity | boolean | `false` | Drop eBPF APM data for applications/entities that have NewRelic APM/OTel agents running. |
+| apmDataFilters.dropPodLabels | object | `{}` | Pod labels to match for filtering APM data. Empty map means no label-based filtering. (Example: dropPodLabels: `{ "app": "frontend", "env": "production" }`) |
+| apmDataFilters.dropEntityName | list | `[]` | List of entity names to drop ebpf APM data.|
+| apmDataFilters.keepEntityName | list | `[]` | List of entity names to always keep APM data. By default all entities are kept/enabled. This config bypasses `dropEntityName` filter. |
 | cluster | string | `""` | Name of the Kubernetes cluster to be monitored. Mandatory. Can be configured with `global.cluster` |
 | containerSecurityContext | object | `{}` | Sets all pods' containerSecurityContext. Can be configured also with `global.securityContext.container` |
 | customSecretLicenseKey | string | `""` | In case you don't want to have the license key in your values, this allows you to point to which secret key is the license key located. Can be configured also with `global.customSecretLicenseKey` |
@@ -110,10 +118,6 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera
 | logFilePath | string | `""` | To configure log file path of eBPF Agent. If logging to this path fails, logs will be directed to stdout. |
 | dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` |
 | dropAPMEnabledPods | bool | `false` | Drop data from pods that are monitored by New Relic APM via auto attach. |
-| dropDataNewRelic | bool | `true` | Drop data from the newrelic namespace and newrelic-bundle services. |
-| dropDataForEntity | list | `[]` | list entity to ignore the process monitoring based on `NEW_RELIC_APP_NAME` |
-| dropDataForNamespaces | list | `[]` | List of Kubernetes namespaces for which all data should be dropped by the agent. |
-| dropDataServiceNameRegex | string | `""` | Define a regex to match service names to drop. Example "kube-dns|otel-collector|\\bblah\\b" see Golang Docs for Regex syntax https://github.com/google/re2/wiki/Syntax |
 | ebpfAgent.affinity | object | `{}` | Sets ebpfAgent pod affinities. Overrides `affinity` and `global.affinity` |
 | ebpfAgent.containerSecurityContext | object | `{}` | Sets ebpfAgent pod containerSecurityContext. Overrides `containerSecurityContext` and `global.securityContext.container` |
 | ebpfAgent.image.pullPolicy | string | `"IfNotPresent"` | The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always. |
@@ -134,6 +138,10 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera
 | kubernetesClusterDomain | string | `"cluster.local"` | Kubernetes cluster domain. |
 | labels | object | `{}` | Additional labels for chart objects. |
 | licenseKey | string | `""` | The license key to use. Can be configured with `global.licenseKey` |
+| networkMetricsDataFilter.dropPodLabels | object | `{}` | Pod labels to match for filtering Network metrics data. Empty map means no label-based filtering. (Example: dropPodLabels: `{ "app": "frontend", "env": "production" }`) |
+| networkMetricsDataFilter.dropEntityName | list | `[]` | List of entity names to drop Network metrics data for |
+| networkMetricsDataFilter.keepEntityName | list | `[]` | List of entity names to always keep Network metrics data. By default all entities are kept/enabled. This config bypasses `dropEntityName` filter. |
+| networkMetricsReporting | string | `true` | Enable network metrics reporting. When enabled, the agent collects and reports network metrics including TCP statistics. RENAMED from `tcpStatsReporting`. The old name is deprecated however backward compatibility is supported. |
 | nodeSelector | object | `{}` | Sets all pods' node selector. Can be configured also with `global.nodeSelector` |
 | nrStaging | bool | `false` | Endpoint to export data to via the otel collector. NR prod (otlp.nr-data.net:443) by default. Staging (staging-otlp.nr-data.net:443) otherwise. |
 | podLabels | object | `{}` | Additional labels for chart pods. |
@@ -188,6 +196,5 @@ If the `nr-ebpf-client` or `nr-ebpf-agent` container logs indicate that the scri
 
 ## Maintainers
 
-* ramkrishankumarN
-* kpattaswamy
-* benkilimnik
+* kkhandelwal
+* bsanwarwala
@@ -41,34 +41,19 @@ spec:
       {{- end }}
       initContainers:
       - name: kernel-header-installer
-        image: docker.io/newrelic/newrelic-ebpf-agent:agent-base-image-latest
-        imagePullPolicy: IfNotPresent
-        command:
-          - "/bin/bash"
-          - "-c"
-          - |
-            # Detect OS and install kernel headers accordingly
-            if [ -f /host/etc/os-release ]; then
-              . /host/etc/os-release
-              if [[ $ID == 'amzn' || $ID == 'centos' || $ID == 'rhel' ]]; then
-                echo 'Detected EKS/Amazon Linux or CentOS/RHEL. Installing kernel-devel...'
-                chroot /host /bin/bash -c "yum install -y kernel-devel-$(uname -r)" || echo 'kernel-devel install failed, proceeding.'
-              elif [[ $ID == 'debian' || $ID == 'ubuntu' ]]; then
-                echo 'Detected Debian/Ubuntu. Installing linux-headers...'
-                chroot /host /bin/bash -c "apt-get update || true && apt-get install -y linux-headers-$(uname -r)" || echo 'linux-headers install failed, proceeding.'
-              else
-                echo "Unsupported OS: $ID"
-                echo "Proceeding without kernel header install."
-              fi
-            else
-              echo "/host/etc/os-release not found"
-              echo "Proceeding without kernel header install."
-            fi
+        image: {{ .Values.ebpfAgent.image.repository }}:agent-base-image-latest
+        imagePullPolicy: {{ .Values.ebpfAgent.image.pullPolicy }}
+        command: ["/scripts/install-headers.sh"]
         securityContext:
           privileged: true
         volumeMounts:
+        - name: installer-script
+          mountPath: /scripts
+          readOnly: true
         - name: host-root-volume
           mountPath: /host
+        - name: kernel-headers-volume
+          mountPath: /kernel-headers
 
       containers:
       - name: nr-ebpf-agent
@@ -124,7 +109,7 @@ spec:
             value: "{{ .Values.ebpfAgent.distroKernelHeadersPath }}"
           {{- end }}
           - name: DEPLOYMENT_NAME
-            value: {{ .Values.cluster }}
+            value: {{ if .Values.global }}{{ .Values.global.cluster | default .Values.cluster }}{{ else }}{{ .Values.cluster }}{{ end }}
           - name: HOST_IP
             valueFrom:
               fieldRef:
@@ -151,8 +136,54 @@ spec:
             value: {{ include "nr-ebpf-agent.service.name" . }}
           - name: APM_DATA_REPORTING
             value: "{{ if hasKey .Values "apmDataReporting" }}{{ .Values.apmDataReporting }}{{ else }}true{{ end }}"
+          - name: NETWORK_METRICS_REPORTING
+            value: "{{ if hasKey .Values "networkMetricsReporting" }}{{ .Values.networkMetricsReporting }}{{ else if hasKey .Values "tcpStatsReporting" }}{{ .Values.tcpStatsReporting }}{{ else }}true{{ end }}"  
+          # ALL Data filtering configuration
+          {{- if .Values.allDataFilters }}
+          - name: DROP_ALL_DATA_FOR_NEW_RELIC
+            value: "{{ if hasKey .Values.allDataFilters "dropNewRelicBundle" }}{{ .Values.allDataFilters.dropNewRelicBundle }}{{ else }}true{{ end }}"
+          - name: DROP_ALL_DATA_FOR_NAMESPACES
+            value: "{{ .Values.allDataFilters.dropNamespaces | join "," }}"
+          - name: DROP_ALL_DATA_FOR_SERVICE_NAME_REGEX
+            value: {{ .Values.allDataFilters.dropServiceNameRegex }}
+          - name: KEEP_ALL_DATA_FOR_SERVICE_NAME_REGEX
+            value: {{ .Values.allDataFilters.keepServiceNameRegex }}
+          - name: DROP_ALL_DATA_FOR_APM_AGENT_ENABLED_ENTITY
+            value: "{{ if hasKey .Values.allDataFilters "dropApmAgentEnabledEntity" }}{{ .Values.allDataFilters.dropApmAgentEnabledEntity }}{{ else }}false{{ end }}"
+          {{- end }}
+          
+          # APM data filtering configuration
+          {{- if .Values.apmDataFilters }}
+          - name: DROP_APM_DATA_FOR_APM_AGENT_ENABLED_ENTITY
+            value: "{{ if hasKey .Values.apmDataFilters "apmAgentEnabledEntity" }}{{ .Values.apmDataFilters.apmAgentEnabledEntity }}{{ else }}true{{ end }}"
+          {{- if .Values.apmDataFilters.dropPodLabels }}
+          - name: DROP_APM_DATA_FOR_POD_LABELS
+            value: "{{ range $key, $value := .Values.apmDataFilters.dropPodLabels }}{{ $key }}={{ $value }},{{ end }}"
+          {{- end }}
+          - name: DROP_APM_DATA_FOR_ENTITY_NAME
+            value: "{{ .Values.apmDataFilters.dropEntityName | join "," }}"
+          - name: KEEP_APM_DATA_FOR_ENTITY_NAME
+            value: "{{ .Values.apmDataFilters.keepEntityName | join "," }}"
+          {{- end }}
+
+          # Network metrics data filtering configuration
+          {{- if .Values.networkMetricsDataFilter }}
+          {{- if .Values.networkMetricsDataFilter.dropPodLabels }}
+          - name: DROP_NETWORK_METRICS_DATA_FOR_POD_LABELS
+            value: "{{ range $key, $value := .Values.networkMetricsDataFilter.dropPodLabels }}{{ $key }}={{ $value }},{{ end }}"
+          {{- end }}
+          - name: DROP_NETWORK_METRICS_DATA_FOR_ENTITY_NAME
+            value: "{{ .Values.networkMetricsDataFilter.dropEntityName | join "," }}"
+          - name: KEEP_NETWORK_METRICS_DATA_FOR_ENTITY_NAME
+            value: "{{ .Values.networkMetricsDataFilter.keepEntityName | join "," }}"
+          {{- end }}
+
+          # DEPRECATED: The following environment variables are deprecated and kept for backward compatibility.
+          # If you are using an older configuration file with a newer Helm chart version, these settings will still work.
+          # However, please update your configuration to use the new filtering mechanisms.
+          # These variables will be removed in a future release.
           - name: TCP_STATS_REPORTING
-            value: "{{ if hasKey .Values "tcpStatsReporting" }}{{ .Values.tcpStatsReporting }}{{ else }}true{{ end }}"
+            value: "{{ if hasKey .Values "networkMetricsReporting" }}{{ .Values.networkMetricsReporting }}{{ else if hasKey .Values "tcpStatsReporting" }}{{ .Values.tcpStatsReporting }}{{ else }}true{{ end }}"
           - name: DROP_DATA_NEW_RELIC
             value: "{{ if hasKey .Values "dropDataNewRelic" }}{{ .Values.dropDataNewRelic }}{{ else }}true{{ end }}"
           - name: DROP_APM_ENABLED_PODS
@@ -172,6 +203,9 @@ spec:
           - name: sys-volume
             mountPath: /sys
             readOnly: true
+          - name: kernel-headers-volume
+            mountPath: /kernel-headers
+            readOnly: true
           {{- if (hasKey .Values "tls") }}
           {{- if eq .Values.tls.enabled true }}
           - name: cert
@@ -185,6 +219,10 @@ spec:
       restartPolicy: Always
       serviceAccountName: {{ include "nr-ebpf-agent.service.name" . }}
       volumes:
+      - name: installer-script
+        configMap:
+          name: {{ include "nr-ebpf-agent.fullname" . }}-installer-script
+          defaultMode: 0755
       - name: host-root-volume
         hostPath:
           path: /
@@ -193,6 +231,8 @@ spec:
         hostPath:
           path: /sys
           type: Directory
+      - name: kernel-headers-volume
+        emptyDir: {}
       {{- if (hasKey .Values "tls") }}
       {{- if eq .Values.tls.enabled true }}
       - name: cert