Skip to content

feat(PVO11Y-4928): Implement Otel sidecar for Konflux UI #8365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 13 commits into from
Oct 8, 2025
Merged

feat(PVO11Y-4928): Implement Otel sidecar for Konflux UI #8365

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
8e93cea
feat(KONFLUX-5285): Implement Otel sidecar for Konflux UI
martysp21 Sep 29, 2025
0586584
Fix: Correct configuration location in the command section
martysp21 Sep 30, 2025
2f817a4
Merge branch 'redhat-appstudio:main' into Otel_Sidecar_Konflux_ui_stage
martysp21 Oct 2, 2025
793ba87
Merge branch 'main' into Otel_Sidecar_Konflux_ui_stage
TominoFTW Oct 3, 2025
a959490
Update security context to run as non root
martysp21 Oct 3, 2025
e15962f
Update resource limit and request
martysp21 Oct 3, 2025
6968bbf
Change used image. Apply truncation of logs by otel.
martysp21 Oct 6, 2025
6922f75
Change used image tag to a specific one
martysp21 Oct 6, 2025
9944313
Correct logs mount in otel. Add Config mounting in kustomization.
martysp21 Oct 7, 2025
91f20b1
R Renamed the conf to config for consistency.
martysp21 Oct 7, 2025
e904882
Merge branch 'main' into Otel_Sidecar_Konflux_ui_stage
raks-tt Oct 7, 2025
6000f1a
Fix file reference in kustomization.
martysp21 Oct 8, 2025
0530f8f
Merge branch 'main' into Otel_Sidecar_Konflux_ui_stage
martysp21 Oct 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions components/konflux-ui/staging/base/proxy/nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ http {
access_log /dev/stderr upstreamlog;
error_log /dev/stderr;

log_format combined_custom '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log combined_custom;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
Expand Down
43 changes: 43 additions & 0 deletions components/konflux-ui/staging/base/proxy/otel-collector-conf.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
receivers:
filelog/nginx:
include:
- /var/log/nginx/access.log
start_at: beginning
max_log_size: 100MiB
operators:
- type: regex_parser
regex: '^(?P<remote_addr>[^ ]*) - (?P<remote_user>[^ ]*) \[(?P<time_local>[^\]]*)\] "(?P<method>[^ ]*) (?P<path>[^ ]*) (?P<protocol>[^"]*)" (?P<status>\d+) (?P<body_bytes_sent>\d+) "(?P<http_referer>[^"]*)" "(?P<http_user_agent>[^"]*)"$'
processors:
transform/status_to_int:
log_statements:
- context: log
statements:
- set(attributes["status_int"], Int(attributes["status"]))

exporters:
prometheus:
endpoint: "0.0.0.0:8889"

connectors:
count:
logs:
nginx_otel_http_request_errors:
description: HTTP 4xx and 5xx errors from NGINX
conditions:
- 'attributes["status_int"] >= 400 and attributes["status_int"] < 600'
attributes:
- key: method
value: attributes["method"]
- key: status
value: attributes["status"]

service:
pipelines:
logs:
receivers: [filelog/nginx]
processors: [transform/status_to_int]
exporters: [count]
metrics:
receivers: [count]
processors: []
exporters: [prometheus]
59 changes: 59 additions & 0 deletions components/konflux-ui/staging/base/proxy/proxy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,42 @@ spec:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1001
- image: quay.io/factory2/otel-collector-sp/otel-binary-image:latest
name: otel-collector
command: ["/usr/local/bin/otel-collector-sp", "--config", "/conf/otel-collector-config.yaml"]
ports:
- containerPort: 8889
name: otel-metrics
volumeMounts:
- name: nginx-logs
mountPath: /var/log/nginx
- mountPath: /conf/otel-collector-config.yaml
subPath: otel-collector-config.yaml
name: otel-collector-config
readOnly: true
readinessProbe:
httpGet:
path: /
port: 8889
initialDelaySeconds: 5
periodSeconds: 5
livenessProbe:
httpGet:
path: /
port: 8889
initialDelaySeconds: 30
periodSeconds: 60
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1001
resources:
limits:
cpu: 150m
memory: 256Mi
requests:
cpu: 50m
memory: 128Mi
- image: quay.io/oauth2-proxy/oauth2-proxy@sha256:3da33b9670c67bd782277f99acadf7026f75b9507bfba2088eb2d497266ef7fc
name: oauth2-proxy
env:
Expand Down Expand Up @@ -212,6 +248,13 @@ spec:
secretName: proxy
- name: static-content
emptyDir: {}
- configMap:
defaultMode: 420
name: otel-collector-config
items:
- key: otel-collector-conf.yaml
path: otel-collector-config.yaml
name: otel-collector-config
---
apiVersion: v1
kind: Service
Expand All @@ -234,6 +277,10 @@ spec:
port: 9443
protocol: TCP
targetPort: web-tls
- name: otel-metrics
protocol: TCP
port: 8889
targetPort: 8889
selector:
app: proxy
---
Expand Down Expand Up @@ -300,3 +347,15 @@ subjects:
- kind: ServiceAccount
name: proxy
namespace: konflux-ui
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: nginx-proxy-monitor
spec:
selector:
matchLabels:
app: nginx-proxy
endpoints:
- port: otel-metrics
interval: 15s
Loading