feat: Consistent labelling (#1793)

kyma-project · Feb 5, 2025 · 6854520 · 6854520
1 parent f6384aa
commit 6854520
Show file tree

Hide file tree

Showing 31 changed files with 492 additions and 178 deletions.
diff --git a/config/busola/logpipeline_busola_extension_cm.yaml b/config/busola/logpipeline_busola_extension_cm.yaml
@@ -3,7 +3,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   labels:
-    app.kubernetes.io/name: telemetry-logpipelines
     busola.io/extension: resource
     busola.io/extension-version: "0.5"
   name: logpipelines

diff --git a/config/busola/metricpipeline_busola_extension_cm.yaml b/config/busola/metricpipeline_busola_extension_cm.yaml
@@ -3,7 +3,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   labels:
-    app.kubernetes.io/name: telemetry-metricpipelines
     busola.io/extension: resource
     busola.io/extension-version: "0.5"
   name: metricpipelines

diff --git a/config/busola/telemetry_busola_extension_cm.yaml b/config/busola/telemetry_busola_extension_cm.yaml
@@ -3,7 +3,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   labels:
-    app.kubernetes.io/name: telemetry-module
     busola.io/extension: resource
     busola.io/extension-version: "0.5"
   name: module

diff --git a/config/busola/tracepipeline_busola_extension_cm.yaml b/config/busola/tracepipeline_busola_extension_cm.yaml
@@ -3,7 +3,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   labels:
-    app.kubernetes.io/name: telemetry-tracepipelines
     busola.io/extension: resource
     busola.io/extension-version: "0.5"
   name: tracepipelines

diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
@@ -13,12 +13,12 @@ namePrefix: telemetry-
 labels:
 - includeSelectors: false
   pairs:
-    control-plane: telemetry-manager
-    app.kubernetes.io/component: telemetry
-    app.kubernetes.io/part-of: kyma
+    kyma-project.io/module: telemetry
+    app.kubernetes.io/part-of: telemetry
     app.kubernetes.io/name: telemetry-manager
-    app.kubernetes.io/instance: telemetry-manager
-    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/managed-by: kyma
+
 resources:
 - ../crd
 - ../rbac

diff --git a/config/development/kustomization.yaml b/config/development/kustomization.yaml
@@ -13,12 +13,11 @@ namePrefix: telemetry-
 labels:
 - includeSelectors: false
   pairs:
-    control-plane: telemetry-manager
-    app.kubernetes.io/component: telemetry
-    app.kubernetes.io/part-of: kyma
+    kyma-project.io/module: telemetry
+    app.kubernetes.io/part-of: telemetry
     app.kubernetes.io/name: telemetry-manager
-    app.kubernetes.io/instance: telemetry-manager
-    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/managed-by: kyma
 
 patches:
 - patch: |-

diff --git a/config/samples/operator_v1alpha1_telemetry.yaml b/config/samples/operator_v1alpha1_telemetry.yaml
@@ -2,11 +2,5 @@
 apiVersion: operator.kyma-project.io/v1alpha1
 kind: Telemetry
 metadata:
-  labels:
-    app.kubernetes.io/name: telemetry
-    app.kubernetes.io/instance: default
-    app.kubernetes.io/part-of: telemetry-manager
-    app.kubernetes.io/managed-by: kustomize
-    app.kubernetes.io/created-by: telemetry-manager
   name: default
 
diff --git a/internal/reconciler/logparser/sync.go b/internal/reconciler/logparser/sync.go
@@ -9,6 +9,7 @@ import (
 
 	telemetryv1alpha1 "github.com/kyma-project/telemetry-manager/apis/telemetry/v1alpha1"
 	"github.com/kyma-project/telemetry-manager/internal/fluentbit/config/builder"
+	"github.com/kyma-project/telemetry-manager/internal/resources/fluentbit"
 	k8sutils "github.com/kyma-project/telemetry-manager/internal/utils/k8s"
 )
 
@@ -20,7 +21,7 @@ type syncer struct {
 }
 
 func (s *syncer) syncFluentBitConfig(ctx context.Context) error {
-	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.ParsersConfigMap)
+	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.ParsersConfigMap, fluentbit.Labels())
 	if err != nil {
 		return fmt.Errorf("unable to get parsers configmap: %w", err)
 	}

diff --git a/internal/reconciler/logpipeline/fluentbit/reconciler.go b/internal/reconciler/logpipeline/fluentbit/reconciler.go
@@ -217,7 +217,7 @@ func (r *Reconciler) createOrUpdateFluentBitResources(ctx context.Context, pipel
 		allowedPorts = append(allowedPorts, ports.IstioEnvoy)
 	}
 
-	networkPolicy := commonresources.MakeNetworkPolicy(r.config.DaemonSet, allowedPorts, fluentbit.Labels())
+	networkPolicy := commonresources.MakeNetworkPolicy(r.config.DaemonSet, allowedPorts, fluentbit.Labels(), fluentbit.SelectorLabels())
 	if err := k8sutils.CreateOrUpdateNetworkPolicy(ctx, ownerRefSetter, networkPolicy); err != nil {
 		return fmt.Errorf("failed to create fluent bit network policy: %w", err)
 	}

diff --git a/internal/reconciler/logpipeline/fluentbit/sync.go b/internal/reconciler/logpipeline/fluentbit/sync.go
@@ -14,6 +14,7 @@ import (
 
 	telemetryv1alpha1 "github.com/kyma-project/telemetry-manager/apis/telemetry/v1alpha1"
 	"github.com/kyma-project/telemetry-manager/internal/fluentbit/config/builder"
+	"github.com/kyma-project/telemetry-manager/internal/resources/fluentbit"
 	k8sutils "github.com/kyma-project/telemetry-manager/internal/utils/k8s"
 	logpipelineutils "github.com/kyma-project/telemetry-manager/internal/utils/logpipeline"
 	sharedtypesutils "github.com/kyma-project/telemetry-manager/internal/utils/sharedtypes"
@@ -61,7 +62,7 @@ func (s *syncer) syncFluentBitConfig(ctx context.Context, pipeline *telemetryv1a
 }
 
 func (s *syncer) syncSectionsConfigMap(ctx context.Context, pipeline *telemetryv1alpha1.LogPipeline, deployablePipelines []telemetryv1alpha1.LogPipeline) error {
-	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.SectionsConfigMap)
+	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.SectionsConfigMap, fluentbit.Labels())
 	if err != nil {
 		return fmt.Errorf("unable to get section configmap: %w", err)
 	}
@@ -100,7 +101,7 @@ func (s *syncer) syncSectionsConfigMap(ctx context.Context, pipeline *telemetryv
 }
 
 func (s *syncer) syncFilesConfigMap(ctx context.Context, pipeline *telemetryv1alpha1.LogPipeline) error {
-	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.FilesConfigMap)
+	cm, err := k8sutils.GetOrCreateConfigMap(ctx, s, s.config.FilesConfigMap, fluentbit.Labels())
 	if err != nil {
 		return fmt.Errorf("unable to get files configmap: %w", err)
 	}
@@ -132,7 +133,7 @@ func (s *syncer) syncFilesConfigMap(ctx context.Context, pipeline *telemetryv1al
 
 // Copies HTTP-specific attributes and user-provided variables to a secret that is later used for providing environment variables to the Fluent Bit configuration.
 func (s *syncer) syncEnvConfigSecret(ctx context.Context, logPipelines []telemetryv1alpha1.LogPipeline) error {
-	oldSecret, err := k8sutils.GetOrCreateSecret(ctx, s, s.config.EnvConfigSecret)
+	oldSecret, err := k8sutils.GetOrCreateSecret(ctx, s, s.config.EnvConfigSecret, fluentbit.Labels())
 	if err != nil {
 		return fmt.Errorf("unable to get env secret: %w", err)
 	}
@@ -199,7 +200,7 @@ func (s *syncer) copyConfigSecretData(ctx context.Context, prefix string, value
 // Copies TLS-specific attributes to a secret, that is later mounted as a file, and used in the Fluent Bit configuration
 // (since PEM-encoded strings exceed the maximum allowed length of environment variables on some Linux machines).
 func (s *syncer) syncTLSFileConfigSecret(ctx context.Context, logPipelines []telemetryv1alpha1.LogPipeline) error {
-	oldSecret, err := k8sutils.GetOrCreateSecret(ctx, s, s.config.TLSFileConfigSecret)
+	oldSecret, err := k8sutils.GetOrCreateSecret(ctx, s, s.config.TLSFileConfigSecret, fluentbit.Labels())
 	if err != nil {
 		return fmt.Errorf("unable to get tls config secret: %w", err)
 	}

diff --git a/internal/resources/common/annotations.go b/internal/resources/common/annotations.go
@@ -0,0 +1,18 @@
+package common
+
+const (
+	AnnotationKeyChecksumConfig = "checksum/config"
+
+	AnnotationKeyIstioExcludeInboundPorts      = "traffic.sidecar.istio.io/excludeInboundPorts"
+	AnnotationKeyIstioIncludeOutboundPorts     = "traffic.sidecar.istio.io/includeOutboundPorts"
+	AnnotationKeyIstioIncludeOutboundIPRanges  = "traffic.sidecar.istio.io/includeOutboundIPRanges"
+	AnnotationKeyIstioUserVolumeMount          = "sidecar.istio.io/userVolumeMount"
+	AnnotationKeyIstioInterceptionMode         = "sidecar.istio.io/interceptionMode"
+	AnnotationValueIstioInterceptionModeTProxy = "TPROXY"
+	AnnotationKeyIstioProxyConfig              = "proxy.istio.io/config"
+
+	AnnotationKeyPrometheusScrape = "prometheus.io/scrape"
+	AnnotationKeyPrometheusPort   = "prometheus.io/port"
+	AnnotationKeyPrometheusScheme = "prometheus.io/scheme"
+	AnnotationKeyPrometheusPath   = "prometheus.io/path"
+)
diff --git a/internal/resources/common/labels.go b/internal/resources/common/labels.go
@@ -1,11 +1,49 @@
 package common
 
 const (
-	nameLabelKey = "app.kubernetes.io/name"
+	LabelKeyKymaModule   = "kyma-project.io/module"
+	LabelValueKymaModule = "telemetry"
+
+	LabelKeyK8sName                  = "app.kubernetes.io/name"
+	LabelKeyK8sPartOf                = "app.kubernetes.io/part-of"
+	LabelValueK8sPartOf              = "telemetry"
+	LabelKeyK8sManagedBy             = "app.kubernetes.io/managed-by"
+	LabelValueK8sManagedBy           = "telemetry-manager"
+	LabelKeyK8sComponent             = "app.kubernetes.io/component"
+	LabelValueK8sComponentController = "controller"
+	LabelValueK8sComponentAgent      = "agent"
+	LabelValueK8sComponentGateway    = "gateway"
+	LabelValueK8sComponentMonitor    = "monitor"
+	LabelKeyK8sInstance              = "app.kubernetes.io/instance"
+	LabelValueK8sInstance            = "telemetry"
+	LabelKeyK8sHostname              = "kubernetes.io/hostname"
+	LabelKeyK8sZone                  = "topology.kubernetes.io/zone"
+
+	LabelKeyIstioInject = "sidecar.istio.io/inject"
+
+	LabelKeyTelemetryLogIngest     = "telemetry.kyma-project.io/log-ingest"
+	LabelKeyTelemetryLogExport     = "telemetry.kyma-project.io/log-export"
+	LabelKeyTelemetryTraceIngest   = "telemetry.kyma-project.io/trace-ingest"
+	LabelKeyTelemetryTraceExport   = "telemetry.kyma-project.io/trace-export"
+	LabelKeyTelemetryMetricIngest  = "telemetry.kyma-project.io/metric-ingest"
+	LabelKeyTelemetryMetricExport  = "telemetry.kyma-project.io/metric-export"
+	LabelKeyTelemetryMetricScrape  = "telemetry.kyma-project.io/metric-scrape"
+	LabelKeyTelemetrySelfMonitor   = "telemetry.kyma-project.io/self-monitor"
+	LabelValueTelemetrySelfMonitor = "enabled"
 )
 
-func MakeDefaultLabels(baseName string) map[string]string {
+func MakeDefaultLabels(baseName string, componentLabelValue string) map[string]string {
+	return map[string]string{
+		LabelKeyK8sName:      baseName,
+		LabelKeyKymaModule:   LabelValueKymaModule,
+		LabelKeyK8sPartOf:    LabelValueK8sPartOf,
+		LabelKeyK8sManagedBy: LabelValueK8sManagedBy,
+		LabelKeyK8sComponent: componentLabelValue,
+	}
+}
+
+func MakeDefaultSelectorLabels(baseName string) map[string]string {
 	return map[string]string{
-		nameLabelKey: baseName,
+		LabelKeyK8sName: baseName,
 	}
 }
diff --git a/internal/resources/common/resources.go b/internal/resources/common/resources.go
@@ -42,7 +42,7 @@ func MakeClusterRoleBinding(name types.NamespacedName) *rbacv1.ClusterRoleBindin
 	return &clusterRoleBinding
 }
 
-func MakeNetworkPolicy(name types.NamespacedName, allowedPorts []int32, labels map[string]string) *networkingv1.NetworkPolicy {
+func MakeNetworkPolicy(name types.NamespacedName, allowedPorts []int32, labels map[string]string, selectorLabels map[string]string) *networkingv1.NetworkPolicy {
 	return &networkingv1.NetworkPolicy{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name.Name,
@@ -51,7 +51,7 @@ func MakeNetworkPolicy(name types.NamespacedName, allowedPorts []int32, labels m
 		},
 		Spec: networkingv1.NetworkPolicySpec{
 			PodSelector: metav1.LabelSelector{
-				MatchLabels: labels,
+				MatchLabels: selectorLabels,
 			},
 			PolicyTypes: []networkingv1.PolicyType{
 				networkingv1.PolicyTypeIngress,

diff --git a/internal/resources/fluentbit/resources.go b/internal/resources/fluentbit/resources.go
@@ -15,12 +15,9 @@ import (
 	"k8s.io/utils/ptr"
 
 	"github.com/kyma-project/telemetry-manager/internal/fluentbit/ports"
+	commonresources "github.com/kyma-project/telemetry-manager/internal/resources/common"
 )
 
-const checksumAnnotationKey = "checksum/logpipeline-config"
-const istioExcludeInboundPorts = "traffic.sidecar.istio.io/excludeInboundPorts"
-const fluentbitExportSelector = "telemetry.kyma-project.io/log-export"
-
 type DaemonSetConfig struct {
 	FluentBitImage              string
 	FluentBitConfigPrepperImage string
@@ -54,12 +51,12 @@ func MakeDaemonSet(name types.NamespacedName, checksum string, dsConfig DaemonSe
 	}
 
 	annotations := make(map[string]string)
-	annotations[checksumAnnotationKey] = checksum
-	annotations[istioExcludeInboundPorts] = fmt.Sprintf("%v,%v", ports.HTTP, ports.ExporterMetrics)
+	annotations[commonresources.AnnotationKeyChecksumConfig] = checksum
+	annotations[commonresources.AnnotationKeyIstioExcludeInboundPorts] = fmt.Sprintf("%v,%v", ports.HTTP, ports.ExporterMetrics)
 
 	podLabels := Labels()
-	podLabels["sidecar.istio.io/inject"] = "true"
-	podLabels[fluentbitExportSelector] = "true"
+	podLabels[commonresources.LabelKeyIstioInject] = "true"
+	podLabels[commonresources.LabelKeyTelemetryLogExport] = "true"
 
 	return &appsv1.DaemonSet{
 		TypeMeta: metav1.TypeMeta{},
@@ -70,7 +67,7 @@ func MakeDaemonSet(name types.NamespacedName, checksum string, dsConfig DaemonSe
 		},
 		Spec: appsv1.DaemonSetSpec{
 			Selector: &metav1.LabelSelector{
-				MatchLabels: Labels(),
+				MatchLabels: SelectorLabels(),
 			},
 			Template: corev1.PodTemplateSpec{
 				ObjectMeta: metav1.ObjectMeta{
@@ -254,6 +251,7 @@ func MakeClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name.Name,
 			Namespace: name.Namespace,
+			Labels:    Labels(),
 		},
 		Rules: []rbacv1.PolicyRule{
 			{
@@ -269,18 +267,18 @@ func MakeClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
 
 func MakeMetricsService(name types.NamespacedName) *corev1.Service {
 	serviceLabels := Labels()
-	serviceLabels["telemetry.kyma-project.io/self-monitor"] = "enabled"
+	serviceLabels[commonresources.LabelKeyTelemetrySelfMonitor] = commonresources.LabelValueTelemetrySelfMonitor
 
 	return &corev1.Service{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      fmt.Sprintf("%s-metrics", name.Name),
 			Namespace: name.Namespace,
 			Labels:    serviceLabels,
 			Annotations: map[string]string{
-				"prometheus.io/scrape": "true",
-				"prometheus.io/port":   strconv.Itoa(ports.HTTP),
-				"prometheus.io/scheme": "http",
-				"prometheus.io/path":   "/api/v2/metrics/prometheus",
+				commonresources.AnnotationKeyPrometheusScrape: "true",
+				commonresources.AnnotationKeyPrometheusPort:   strconv.Itoa(ports.HTTP),
+				commonresources.AnnotationKeyPrometheusScheme: "http",
+				commonresources.AnnotationKeyPrometheusPath:   "/api/v2/metrics/prometheus",
 			},
 		},
 		Spec: corev1.ServiceSpec{
@@ -292,25 +290,25 @@ func MakeMetricsService(name types.NamespacedName) *corev1.Service {
 					TargetPort: intstr.FromString("http"),
 				},
 			},
-			Selector: Labels(),
+			Selector: SelectorLabels(),
 			Type:     corev1.ServiceTypeClusterIP,
 		},
 	}
 }
 
 func MakeExporterMetricsService(name types.NamespacedName) *corev1.Service {
 	serviceLabels := Labels()
-	serviceLabels["telemetry.kyma-project.io/self-monitor"] = "enabled"
+	serviceLabels[commonresources.LabelKeyTelemetrySelfMonitor] = commonresources.LabelValueTelemetrySelfMonitor
 
 	return &corev1.Service{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      fmt.Sprintf("%s-exporter-metrics", name.Name),
 			Namespace: name.Namespace,
 			Labels:    serviceLabels,
 			Annotations: map[string]string{
-				"prometheus.io/scrape": "true",
-				"prometheus.io/port":   strconv.Itoa(ports.ExporterMetrics),
-				"prometheus.io/scheme": "http",
+				commonresources.AnnotationKeyPrometheusScrape: "true",
+				commonresources.AnnotationKeyPrometheusPort:   strconv.Itoa(ports.ExporterMetrics),
+				commonresources.AnnotationKeyPrometheusScheme: "http",
 			},
 		},
 		Spec: corev1.ServiceSpec{
@@ -322,7 +320,7 @@ func MakeExporterMetricsService(name types.NamespacedName) *corev1.Service {
 					TargetPort: intstr.FromString("http-metrics"),
 				},
 			},
-			Selector: Labels(),
+			Selector: SelectorLabels(),
 			Type:     corev1.ServiceTypeClusterIP,
 		},
 	}
@@ -423,8 +421,15 @@ end
 }
 
 func Labels() map[string]string {
-	return map[string]string{
-		"app.kubernetes.io/name":     "fluent-bit",
-		"app.kubernetes.io/instance": "telemetry",
-	}
+	result := commonresources.MakeDefaultLabels("fluent-bit", commonresources.LabelValueK8sComponentAgent)
+	result[commonresources.LabelKeyK8sInstance] = commonresources.LabelValueK8sInstance
+
+	return result
+}
+
+func SelectorLabels() map[string]string {
+	result := commonresources.MakeDefaultSelectorLabels("fluent-bit")
+	result[commonresources.LabelKeyK8sInstance] = commonresources.LabelValueK8sInstance
+
+	return result
 }
diff --git a/internal/resources/fluentbit/resources_test.go b/internal/resources/fluentbit/resources_test.go
@@ -25,7 +25,7 @@ func TestMakeDaemonSet(t *testing.T) {
 	}
 
 	expectedAnnotations := map[string]string{
-		"checksum/logpipeline-config":                  checksum,
+		"checksum/config": checksum,
 		"traffic.sidecar.istio.io/excludeInboundPorts": "2020,2021",
 	}
 	daemonSet := MakeDaemonSet(name, checksum, ds)
@@ -39,6 +39,10 @@ func TestMakeDaemonSet(t *testing.T) {
 	}, daemonSet.Spec.Selector.MatchLabels)
 	require.Equal(t, map[string]string{
 		"app.kubernetes.io/name":               "fluent-bit",
+		"kyma-project.io/module":               "telemetry",
+		"app.kubernetes.io/part-of":            "telemetry",
+		"app.kubernetes.io/component":          "agent",
+		"app.kubernetes.io/managed-by":         "telemetry-manager",
 		"app.kubernetes.io/instance":           "telemetry",
 		"sidecar.istio.io/inject":              "true",
 		"telemetry.kyma-project.io/log-export": "true",