-
Notifications
You must be signed in to change notification settings - Fork 197
feat: contribute aws eks resource detector #1479
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
yiyuan-he
wants to merge
4
commits into
open-telemetry:main
Choose a base branch
from
yiyuan-he:contribute-eks-resource-detector
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
eacac6a
feat: contribute aws eks resource detector
yiyuan-he 72cc169
Merge branch 'main' into contribute-eks-resource-detector
yiyuan-he f478585
Merge branch 'main' into contribute-eks-resource-detector
yiyuan-he 0f0a7cb
cleanup unnecessary handling for POST case
yiyuan-he File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
174 changes: 174 additions & 0 deletions
174
resources/aws/lib/opentelemetry/resource/detector/aws/eks.rb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,174 @@ | ||
# frozen_string_literal: true | ||
|
||
# Copyright The OpenTelemetry Authors | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
require 'net/http' | ||
require 'json' | ||
require 'openssl' | ||
require 'uri' | ||
require 'opentelemetry/common' | ||
require 'opentelemetry/semantic_conventions/resource' | ||
|
||
module OpenTelemetry | ||
module Resource | ||
module Detector | ||
module AWS | ||
# EKS contains detect class method for determining EKS resource attributes | ||
module EKS | ||
extend self | ||
|
||
# Container ID length from cgroup file | ||
CONTAINER_ID_LENGTH = 64 | ||
|
||
# HTTP request timeout in seconds | ||
HTTP_TIMEOUT = 5 | ||
|
||
# Kubernetes token and certificate paths | ||
TOKEN_PATH = '/var/run/secrets/kubernetes.io/serviceaccount/token' | ||
CERT_PATH = '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt' | ||
|
||
# Kubernetes API paths | ||
AWS_AUTH_PATH = '/api/v1/namespaces/kube-system/configmaps/aws-auth' | ||
CLUSTER_INFO_PATH = '/api/v1/namespaces/amazon-cloudwatch/configmaps/cluster-info' | ||
|
||
# Create a constant for resource semantic conventions | ||
RESOURCE = OpenTelemetry::SemanticConventions::Resource | ||
|
||
def detect | ||
# Return empty resource if not running on K8s | ||
return OpenTelemetry::SDK::Resources::Resource.create({}) unless k8s? | ||
|
||
resource_attributes = {} | ||
|
||
begin | ||
# Get K8s credentials | ||
cred_value = k8s_cred_value | ||
|
||
# Verify this is an EKS cluster | ||
unless eks?(cred_value) | ||
OpenTelemetry.logger.debug('Could not confirm process is running on EKS') | ||
return OpenTelemetry::SDK::Resources::Resource.create({}) | ||
end | ||
|
||
# Get cluster name and container ID | ||
cluster_name_val = cluster_name(cred_value) | ||
container_id_val = container_id | ||
|
||
if container_id_val.empty? && cluster_name_val.empty? | ||
OpenTelemetry.logger.debug('Neither cluster name nor container ID found on EKS process') | ||
return OpenTelemetry::SDK::Resources::Resource.create({}) | ||
end | ||
|
||
# Set resource attributes | ||
resource_attributes[RESOURCE::CLOUD_PROVIDER] = 'aws' | ||
resource_attributes[RESOURCE::CLOUD_PLATFORM] = 'aws_eks' | ||
resource_attributes[RESOURCE::K8S_CLUSTER_NAME] = cluster_name_val unless cluster_name_val.empty? | ||
resource_attributes[RESOURCE::CONTAINER_ID] = container_id_val unless container_id_val.empty? | ||
rescue StandardError => e | ||
OpenTelemetry.logger.debug("EKS resource detection failed: #{e.message}") | ||
return OpenTelemetry::SDK::Resources::Resource.create({}) | ||
end | ||
|
||
resource_attributes.delete_if { |_key, value| value.nil? || value.empty? } | ||
OpenTelemetry::SDK::Resources::Resource.create(resource_attributes) | ||
end | ||
|
||
private | ||
|
||
# Check if running on K8s | ||
# | ||
# @return [Boolean] true if running on K8s | ||
def k8s? | ||
File.exist?(TOKEN_PATH) && File.exist?(CERT_PATH) | ||
end | ||
|
||
# Get K8s token | ||
# | ||
# @return [String] K8s token | ||
# @raise [StandardError] if token could not be read | ||
def k8s_cred_value | ||
token = File.read(TOKEN_PATH).strip | ||
"Bearer #{token}" | ||
rescue StandardError => e | ||
OpenTelemetry.logger.debug("Failed to get k8s token: #{e.message}") | ||
raise e | ||
end | ||
|
||
# Check if running on EKS | ||
# | ||
# @param cred_value [String] K8s credentials | ||
# @return [Boolean] true if running on EKS | ||
def eks?(cred_value) | ||
# Just try to to access the aws-auth configmap | ||
# If it exists and we can access it, we're on EKS | ||
aws_http_request(AWS_AUTH_PATH, cred_value) | ||
true | ||
rescue StandardError | ||
false | ||
end | ||
|
||
# Get EKS cluster name | ||
# | ||
# @param cred_value [String] K8s credentials | ||
# @return [String] Cluster name or empty string if not found | ||
def cluster_name(cred_value) | ||
begin | ||
response = aws_http_request(CLUSTER_INFO_PATH, cred_value) | ||
cluster_info = JSON.parse(response) | ||
return cluster_info['data']['cluster.name'] if cluster_info['data'] && cluster_info['data']['cluster.name'] | ||
rescue StandardError => e | ||
OpenTelemetry.logger.debug("Cannot get cluster name on EKS: #{e.message}") | ||
end | ||
'' | ||
end | ||
|
||
# Get container ID from cgroup file | ||
# | ||
# @return [String] Container ID or empty string if not found | ||
def container_id | ||
begin | ||
File.open('/proc/self/cgroup', 'r') do |file| | ||
file.each_line do |line| | ||
line = line.strip | ||
# Look for container ID (64 chars) at the end of the line | ||
return line[-CONTAINER_ID_LENGTH..-1] if line.length > CONTAINER_ID_LENGTH | ||
end | ||
end | ||
rescue StandardError => e | ||
OpenTelemetry.logger.debug("Failed to get container ID on EKS: #{e.message}") | ||
end | ||
'' | ||
end | ||
|
||
# Make HTTP GET request to K8s API | ||
# | ||
# @param path [String] API path | ||
# @param cred_value [String] Authorization header value | ||
# @return [String] Response body | ||
# @raise [StandardError] if request fails | ||
def aws_http_request(path, cred_value) | ||
uri = URI.parse("https://kubernetes.default.svc#{path}") | ||
http = Net::HTTP.new(uri.host, uri.port) | ||
http.use_ssl = true | ||
http.verify_mode = OpenSSL::SSL::VERIFY_PEER | ||
http.ca_file = CERT_PATH | ||
http.open_timeout = HTTP_TIMEOUT | ||
http.read_timeout = HTTP_TIMEOUT | ||
|
||
request = Net::HTTP::Get.new(uri) | ||
request['Authorization'] = cred_value | ||
|
||
OpenTelemetry::Common::Utilities.untraced do | ||
response = http.request(request) | ||
raise "HTTP request failed with status #{response.code}" unless response.is_a?(Net::HTTPSuccess) | ||
|
||
response.body | ||
end | ||
end | ||
end | ||
end | ||
end | ||
end | ||
end |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.