fix: OB-41415 send sidecar metrics to observe directly

obs-gh-virjramakrishnan · obs-gh-virjramakrishnan · commit e563a8e9ed20 · 2025-11-12T11:39:00.000-08:00
Customers have been requesting that we support EKS fargate hosted clusters.
To do this, I add a new fargate mode (off my default) that will install an
otel operator, which will use a sidecar container to query metrics from the
pod it is attached to.
diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml
@@ -40,11 +40,6 @@ dependencies:
     repository: https://open-telemetry.github.io/opentelemetry-helm-charts
     alias: gateway
     condition: gatewayDeployment.enabled
-  - name: opentelemetry-operator
-    version: 0.93.1
-    repository: https://open-telemetry.github.io/opentelemetry-helm-charts
-    alias: fargate-sidecar-injector
-    condition: node.fargateMode
 maintainers:
   - name: Observe
     email: support@observeinc.com
diff --git a/charts/agent/README.md b/charts/agent/README.md
@@ -586,6 +586,7 @@ This service is a *single-instance deployment*. It's critical that this service
 | node.containers.metrics.enabled | bool | `true` |  |
 | node.containers.metrics.interval | string | `"60s"` |  |
 | node.enabled | bool | `true` | Enables the node-logs-metrics agent daemonset for collection of node logs and metrics. The nodes on which metrics and logs are collected can be configured via `affinity` in the `node-logs-metrics` section below. This should be set to false to disable the node-log-metrics daemonset when running in a serverless environment (ex: EKS Fargate). |
+| node.fargateMode | bool | `false` | Enables collection of metrics from EKS Fargate pods. Off by default |
 | node.forwarder.enabled | bool | `true` |  |
 | node.forwarder.logs.enabled | bool | `true` |  |
 | node.forwarder.metrics.convertCumulativeToDelta | bool | `false` | Converts cumulative metrics to delta metrics; all OTel metrics should be sent to Observe with temporality delta for the best experience. |
diff --git a/charts/agent/templates/_kubeletstats-settings.tpl b/charts/agent/templates/_kubeletstats-settings.tpl
@@ -0,0 +1,56 @@
+{{- define "observe.kubeletstats.receiver" -}}
+kubeletstats:
+  collection_interval: {{.Values.node.containers.metrics.interval}}
+  auth_type: 'serviceAccount'
+  endpoint: {{ .endpoint }}
+  node: '${env:K8S_NODE_NAME}'
+  insecure_skip_verify: true
+  k8s_api_config:
+      auth_type: serviceAccount
+  metric_groups:
+    - node
+    - pod
+    - container
+  metrics:
+    # The following metrics are optional and must be enabled manually as per:
+    # https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/kubeletstatsreceiver/documentation.md#optional-metrics
+    container.cpu.usage:
+      enabled: true
+    container.uptime:
+      enabled: true
+    k8s.container.cpu.node.utilization:
+      enabled: true
+    k8s.container.cpu_limit_utilization:
+      enabled: true
+    k8s.container.cpu_request_utilization:
+      enabled: true
+    k8s.container.memory.node.utilization:
+      enabled: true
+    k8s.container.memory_limit_utilization:
+      enabled: true
+    k8s.container.memory_request_utilization:
+      enabled: true
+    k8s.node.cpu.usage:
+      enabled: true
+    k8s.node.uptime:
+      enabled: true
+    k8s.pod.cpu.node.utilization:
+      enabled: true
+    k8s.pod.cpu.usage:
+      enabled: true
+    k8s.pod.cpu_limit_utilization:
+      enabled: true
+    k8s.pod.cpu_request_utilization:
+      enabled: true
+    k8s.pod.memory.node.utilization:
+      enabled: true
+    k8s.pod.memory_limit_utilization:
+      enabled: true
+    k8s.pod.memory_request_utilization:
+      enabled: true
+    k8s.pod.uptime:
+      enabled: true
+  extra_metadata_labels:
+    - container.id
+{{- end }}
+
diff --git a/charts/agent/templates/_kubeletstats-sidecar.tpl b/charts/agent/templates/_kubeletstats-sidecar.tpl
@@ -1,73 +1,38 @@
 {{- define "observe.sidecar.fargateSidecarMetrics.config" -}}
 
-{{- $kubeletstatsExporters := (list "otlphttp" "debug") -}}
-
 receivers:
-  kubeletstats:
-    collection_interval: {{.Values.node.containers.metrics.interval}}
-    auth_type: 'serviceAccount'
-    endpoint: https://kubernetes.default.svc/api/v1/nodes/${env:K8S_NODE_NAME}/proxy
-    node: '${env:K8S_NODE_NAME}'
-    insecure_skip_verify: true
-    k8s_api_config:
-        auth_type: serviceAccount
-    metric_groups:
-      - node 
-      - pod
-      - container
-    metrics:
-      # The following metrics are optional and must be enabled manually as per:
-      # https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/kubeletstatsreceiver/documentation.md#optional-metrics
-      container.cpu.usage:
-        enabled: true
-      container.uptime:
-        enabled: true
-      k8s.container.cpu.node.utilization:
-        enabled: true
-      k8s.container.cpu_limit_utilization:
-        enabled: true
-      k8s.container.cpu_request_utilization:
-        enabled: true
-      k8s.container.memory.node.utilization:
-        enabled: true
-      k8s.container.memory_limit_utilization:
-        enabled: true
-      k8s.container.memory_request_utilization:
-        enabled: true
-      k8s.node.cpu.usage:
-        enabled: true
-      k8s.node.uptime:
-        enabled: true
-      k8s.pod.cpu.node.utilization:
-        enabled: true
-      k8s.pod.cpu.usage:
-        enabled: true
-      k8s.pod.cpu_limit_utilization:
-        enabled: true
-      k8s.pod.cpu_request_utilization:
-        enabled: true
-      k8s.pod.memory.node.utilization:
-        enabled: true
-      k8s.pod.memory_limit_utilization:
-        enabled: true
-      k8s.pod.memory_request_utilization:
-        enabled: true
-      k8s.pod.uptime:
-        enabled: true
-    extra_metadata_labels:
-      - container.id
+{{- include "observe.kubeletstats.receiver" (dict "Values" .Values "endpoint" "https://kubernetes.default.svc/api/v1/nodes/${env:K8S_NODE_NAME}/proxy") | nindent 2 }}
+
+processors:
+
+{{- include "config.processors.memory_limiter" . | nindent 2 }}
+{{- include "config.processors.batch" . | nindent 2 }}
+{{- include "config.processors.resource_detection.cloud" . | nindent 2 }}
+{{- include "config.processors.attributes.k8sattributes" . | nindent 2 }}
+{{- include "config.processors.resource.observe_common" . | nindent 2 }}
+{{- include "config.processors.deltatocumulative" . | nindent 2 }}
+{{- include "config.processors.attributes.add_empty_service_attributes" . | nindent 2 }}
+{{- include "config.processors.metricstransform.duplicate_k8s_cpu_metrics" . | nindent 2 }}
+{{- include "config.processors.attributes.sidecar_kubeletstats_metrics" . | nindent 2 }}
 
 exporters:
-  otlphttp:
-    endpoint: http://observe-agent-forwarder.observe.svc:4318
-  debug:
-    verbosity: detailed
+{{- include "config.exporters.debug" . | nindent 2 }}
+{{- include "config.exporters.prometheusremotewrite" . | nindent 2 }}
+
+{{ $kubeletstatsExporters := (list "prometheusremotewrite/observe") -}}
+
+{{- if eq .Values.agent.config.global.debug.enabled true }}
+  {{- $kubeletstatsExporters = concat $kubeletstatsExporters ( list "debug/override" ) | uniq }}
+{{- end }}
 
 service:
   pipelines:
     {{- if .Values.node.containers.metrics.enabled }}
       metrics/kubeletstats:
-        receivers: [kubeletstats] # should add processors back eventually
+        receivers: [kubeletstats]
+        processors: [memory_limiter, metricstransform/duplicate_k8s_cpu_metrics, k8sattributes, deltatocumulative/observe, batch, resourcedetection/cloud, resource/observe_common, attributes/debug_source_sidecar_kubeletstats_metrics]
         exporters: [{{ join ", " $kubeletstatsExporters }}]
-    {{- end -}}
-{{- end }}
+    {{- else }}
+      {{- fail "node.containers.metrics.enabled must be true for Fargate sidecar - otherwise no telemetry will be collected" }}
+    {{- end }}
+{{- end }}
diff --git a/charts/agent/templates/_node-logs-metrics-config.tpl b/charts/agent/templates/_node-logs-metrics-config.tpl
@@ -70,59 +70,13 @@ receivers:
       network: null
   {{ end -}}
   {{- if .Values.node.containers.metrics.enabled }}
-  kubeletstats:
-    collection_interval: {{.Values.node.containers.metrics.interval}}
-    auth_type: 'serviceAccount'
-    endpoint: {{ if .Values.node.kubeletstats.useNodeIp }}"${env:K8S_NODE_IP}:10250"{{ else }}"${env:K8S_NODE_NAME}:10250"{{ end }}
-    node: '${env:K8S_NODE_NAME}'
-    insecure_skip_verify: true
-    k8s_api_config:
-        auth_type: serviceAccount
-    metric_groups:
-      - node
-      - pod
-      - container
-    metrics:
-      # The following metrics are optional and must be enabled manually as per:
-      # https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/kubeletstatsreceiver/documentation.md#optional-metrics
-      container.cpu.usage:
-        enabled: true
-      container.uptime:
-        enabled: true
-      k8s.container.cpu.node.utilization:
-        enabled: true
-      k8s.container.cpu_limit_utilization:
-        enabled: true
-      k8s.container.cpu_request_utilization:
-        enabled: true
-      k8s.container.memory.node.utilization:
-        enabled: true
-      k8s.container.memory_limit_utilization:
-        enabled: true
-      k8s.container.memory_request_utilization:
-        enabled: true
-      k8s.node.cpu.usage:
-        enabled: true
-      k8s.node.uptime:
-        enabled: true
-      k8s.pod.cpu.node.utilization:
-        enabled: true
-      k8s.pod.cpu.usage:
-        enabled: true
-      k8s.pod.cpu_limit_utilization:
-        enabled: true
-      k8s.pod.cpu_request_utilization:
-        enabled: true
-      k8s.pod.memory.node.utilization:
-        enabled: true
-      k8s.pod.memory_limit_utilization:
-        enabled: true
-      k8s.pod.memory_request_utilization:
-        enabled: true
-      k8s.pod.uptime:
-        enabled: true
-    extra_metadata_labels:
-      - container.id
+  {{- $endpoint := "" }}
+  {{- if .Values.node.kubeletstats.useNodeIp }}
+    {{- $endpoint = "\"${env:K8S_NODE_IP}:10250\"" }}
+  {{- else }}
+    {{- $endpoint = "\"${env:K8S_NODE_NAME}:10250\"" }}
+  {{- end }}
+  {{- include "observe.kubeletstats.receiver" (dict "Values" .Values "endpoint" $endpoint) | nindent 2 }}
   {{ end -}}
   {{- if .Values.node.containers.logs.enabled }}
   filelog:
diff --git a/charts/agent/templates/kubeletstats-sidecar.yaml b/charts/agent/templates/kubeletstats-sidecar.yaml
@@ -1,15 +1,27 @@
-{{- if .Values.node.fargateSidecar.enabled }}
+{{- if .Values.node.fargateMode }}
 apiVersion: opentelemetry.io/v1beta1
 kind: OpenTelemetryCollector
 metadata:
   name: fargate-sidecar-metrics
 spec:
   mode: sidecar
+  image: "ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:latest"
   env:
     - name: K8S_NODE_NAME
       valueFrom:
         fieldRef:
           fieldPath: spec.nodeName
+    - name: OBSERVE_CLUSTER_NAME
+      value: "{{ .Values.cluster.name }}"
+    - name: OBSERVE_CLUSTER_UID
+      valueFrom:
+        configMapKeyRef:
+          name: cluster-info
+          key: id
+    - name: OBSERVE_PROMETHEUS_ENDPOINT
+      value: "{{ .Values.observe.collectionEndpoint.value }}v1/prometheus"
+    - name: OBSERVE_AUTHORIZATION_HEADER
+      value: "Bearer {{ .Values.observe.token.value }}"
   config:
     {{- include "observe.sidecar.applyFargateSidecarMetricsConfig" . | nindent 4 }}
   initContainers:
diff --git a/charts/agent/values.yaml b/charts/agent/values.yaml
@@ -47,7 +47,8 @@ node:
   # -- Enables the node-logs-metrics agent daemonset for collection of node logs and metrics.
   # The nodes on which metrics and logs are collected can be configured via `affinity` in the `node-logs-metrics` section below.
   # This should be set to false to disable the node-log-metrics daemonset when running in a serverless environment (ex: EKS Fargate).
-  enabled: false
+  enabled: true
+  # -- Enables collection of metrics from EKS Fargate pods. Off by default
   fargateMode: false
   # collects host level metrics from node
   metrics:
@@ -101,7 +102,6 @@ node:
     # this resolves issues similar to https://github.com/open-telemetry/opentelemetry-collector-contrib/issues/26481#issuecomment-1720797914 for `no such host` or `connection refused`.
     useNodeIp: false
   forwarder:
-    mode: deployment
     enabled: true
     traces:
       enabled: true
@@ -254,10 +254,6 @@ agent:
     #       exporters:
     #         - otlphttp/extra
     #         - otlphttp/observe/forward/trace
-    
-    # -- Additional OTel collector config for fargate-sidecar-metrics custom resource
-    fargateSidecarMetrics:
-    # Put any OTel config overrides here.
 
     # -- Additional OTel collector config for gateway deployment
     gateway:
@@ -1020,7 +1016,7 @@ monitor:
 forwarder:
   # -- The forwarder is run as a daemonset by default, but can be run as a deployment by setting mode to "deployment". Deployment mode
   # must be used when running in a serverless environment (ex: EKS Fargate) where daemonsets are not supported.
-  mode: deployment
+  mode: daemonset
 
   # -- The `replicaCount` is only used when `mode` is set to "deployment". It is ignored when `mode` is set to "daemonset".
   # In deployment mode, this sets the number of replicas (ie the number of forwarder pods to run).
@@ -1330,27 +1326,3 @@ gateway:
     - name: observe-agent-deployment-config
       mountPath: /observe-agent-conf
   # ----------------------------------------- #
-image:
-  repository: "otel/opentelemetry-collector-k8s"
-
-
-fargate-sidecar-injector:
-
-  # -- This is an otel operator that will inject a sidecar container into all pods in the cluster. This is only needed when running 
-  # in a serverless environment (ex: EKS Fargate) where daemonsets are not supported.
-
-  replicaCount: 1
-
-  # ----------------------------------------- #
-  # Different for each deployment/daemonset #
-  nameOverride: "fargate-sidecar-injector"
-  # !!! IMPORTANT !!! This needs to have same value as namespaceOverride in cluster above
-  namespaceOverride: "observe"
-  # for now, use defaults for the rest of the values
-  # ----------------------------------------- #
-  manager:
-    collectorImage:
-      repository: observeinc/observe-agent
-      tag: 2.8.1
-
-
diff --git a/cluster_role.yaml b/cluster_role.yaml
diff --git a/forwarder-deploy.yaml b/forwarder-deploy.yaml
diff --git a/operator-values.yaml b/operator-values.yaml
