安装
WARNING
此部署文档仅适用于容器平台与 tracing 系统集成的场景。
Tracing 组件与 Service Mesh 组件互斥。如果您已经部署了 Service Mesh 组件,请先将其卸载。
本指南面向集群管理员,介绍如何在 Alauda Container Platform 集群上安装 tracing 系统。
前提条件:
- 您可以使用具有
platform-admin-system 权限的账户访问 Alauda Container Platform 集群。
- 您已安装
kubectl CLI。
- 已配置
Elasticsearch 组件用于存储 tracing 数据,包括访问 URL 和 Basic Auth 信息。
安装 Jaeger Operator
使用 Web Console 安装 Jaeger Operator
您可以在 Alauda Container Platform 的 Marketplace → OperatorHub 部分安装 Jaeger Operator,此处列出了可用的 Operators。
步骤
-
在 Web Console 的 Administrator 视图中,选择要部署 Jaeger Operator 的 cluster,然后导航到 Marketplace → OperatorHub。
-
使用搜索框在目录中搜索 Alauda build of Jaeger。单击 Alauda build of Jaeger 标题。
-
阅读 Alauda build of Jaeger 页面上的 Operator 介绍信息。单击 Install。
-
在 Install 页面中:
- 为 Upgrade Strategy 选择 Manual。对于
Manual 审批策略,OLM 将创建更新请求。作为集群管理员,您必须手动批准 OLM 更新请求,才能将 Operator 升级到新版本。
- 选择 stable (Default) 通道。
- 在 Installation Location 中选择 Recommended。将 Operator 安装到推荐的
jaeger-operator 命名空间中,以便 Operator 能够监控并在集群内所有命名空间中可用。
-
单击 Install。
-
验证 Status 显示为 Succeeded,以确认 Jaeger Operator 已正确安装。
-
检查 Jaeger Operator 的所有组件是否都已成功安装。通过终端登录到集群,并运行以下命令:
kubectl -n jaeger-operator get csv
示例输出
NAME DISPLAY VERSION REPLACES PHASE
jaeger-operator.vx.x.0 Jaeger Operator x.x.0 Succeeded
如果 PHASE 字段显示 Succeeded,则表示 Operator 及其组件已成功安装。
部署 Jaeger 实例
可以使用 install-jaeger.sh 脚本安装 Jaeger 实例及其相关资源,该脚本接收三个参数:
--es-url:Elasticsearch 的访问 URL。--es-user-base64:Elasticsearch 的 Basic Auth 用户名,使用 base64 编码。--es-pass-base64:Elasticsearch 的 Basic Auth 密码,使用 base64 编码。
从 DETAILS 中复制安装脚本,登录到要安装的集群,将其保存为 install-jaeger.sh,并在授予执行权限后运行:
DETAILS
#!/bin/bash
set -euo pipefail
CLUSTER_NAME=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.clusterName}')
echo "CLUSTER_NAME: ${CLUSTER_NAME}"
# default values
TARGET_NAMESPACE="cpaas-system"
JAEGER_INSTANCE_NAME="jaeger-prod"
JAEGER_BASEPATH_SUFFIX="/acp/jaeger"
JAEGER_ES_INDEX_PREFIX=acp-tracing-$CLUSTER_NAME
# get arg
while [ "$#" -gt 0 ]; do
case $1 in
--es-url=*)
ES_URL="${1#*=}"
;;
--es-user-base64=*)
ES_USER_BASE64="${1#*=}"
;;
--es-pass-base64=*)
ES_PASS_BASE64="${1#*=}"
;;
--target-namespace=*)
TARGET_NAMESPACE="${1#*=}"
;;
--jaeger-instance-name=*)
JAEGER_INSTANCE_NAME="${1#*=}"
;;
--jaeger-basepath-suffix=*)
JAEGER_BASEPATH_SUFFIX="${1#*=}"
;;
--jaeger-es-index-prefix=*)
JAEGER_ES_INDEX_PREFIX="${1#*=}"
;;
*)
echo "unknown argument: $1"
exit 1
;;
esac
shift
done
# print arg
echo "ES_URL: $ES_URL"
echo "ES_USER_BASE64: $ES_USER_BASE64"
echo "ES_PASS_BASE64: $ES_PASS_BASE64"
echo "TARGET_NAMESPACE: $TARGET_NAMESPACE"
echo "JAEGER_INSTANCE_NAME: $JAEGER_INSTANCE_NAME"
echo "JAEGER_BASEPATH_SUFFIX: $JAEGER_BASEPATH_SUFFIX"
echo "JAEGER_ES_INDEX_PREFIX: $JAEGER_ES_INDEX_PREFIX"
# get global-info from ConfigMap
ISSUER_URL=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.oidcIssuer}')
OIDC_CLIENT_SECRET_REF=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.oidcClientSecretRef}')
SYSTEM_NAMESPACE=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.systemNamespace}')
if [ -n "$OIDC_CLIENT_SECRET_REF" ]; then
if [ -z "$SYSTEM_NAMESPACE" ]; then
echo "systemNamespace is empty while oidcClientSecretRef is set"
exit 1
fi
CLIENT_ID_BASE64=$(kubectl get secret "$OIDC_CLIENT_SECRET_REF" -n "$SYSTEM_NAMESPACE" -o jsonpath='{.data.client-id}')
CLIENT_SECRET_BASE64=$(kubectl get secret "$OIDC_CLIENT_SECRET_REF" -n "$SYSTEM_NAMESPACE" -o jsonpath='{.data.client-secret}')
if [ -z "$CLIENT_ID_BASE64" ] || [ -z "$CLIENT_SECRET_BASE64" ]; then
echo "client-id or client-secret is empty in secret: $OIDC_CLIENT_SECRET_REF"
exit 1
fi
CLIENT_ID=$(printf '%s' "$CLIENT_ID_BASE64" | base64 --decode)
else
CLIENT_ID=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.oidcClientID}')
CLIENT_SECRET=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.oidcClientSecret}')
CLIENT_SECRET_BASE64=$(printf '%s' "${CLIENT_SECRET}" | base64 | tr -d '\n')
fi
PLATFORM_URL=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.platformURL}')
echo "PLATFORM_URL: ${PLATFORM_URL}"
JAEGER_BASEPATH="clusters/$CLUSTER_NAME$JAEGER_BASEPATH_SUFFIX"
_apply_resource() {
if [ -z "$1" ]; then
echo "Usage: _apply_resource <yaml_content>"
return 1
fi
local yaml_content="$1"
echo "$yaml_content" | kubectl apply -f -
}
_install_configmap() {
local yaml_content=$(cat <<EOF
apiVersion: v1
data:
OAUTH2_PROXY_CLIENT_ID: $CLIENT_ID
OAUTH2_PROXY_COOKIE_SECURE: "false"
OAUTH2_PROXY_EMAIL_DOMAINS: "*"
OAUTH2_PROXY_HTTP_ADDRESS: 0.0.0.0:4180
OAUTH2_PROXY_INSECURE_OIDC_ALLOW_UNVERIFIED_EMAIL: "true"
OAUTH2_PROXY_OIDC_ISSUER_URL: $ISSUER_URL
OAUTH2_PROXY_PROVIDER: oidc
OAUTH2_PROXY_PROXY_PREFIX: /$JAEGER_BASEPATH/oauth2
OAUTH2_PROXY_REDIRECT_URL: $PLATFORM_URL/$JAEGER_BASEPATH/oauth2/callback
OAUTH2_PROXY_SCOPE: openid profile email groups ext
OAUTH2_PROXY_CODE_CHALLENGE_METHOD: "S256"
OAUTH2_PROXY_SKIP_JWT_BEARER_TOKENS: "true"
OAUTH2_PROXY_SKIP_PROVIDER_BUTTON: "true"
OAUTH2_PROXY_SSL_INSECURE_SKIP_VERIFY: "true"
OAUTH2_PROXY_UPSTREAMS: http://127.0.0.1:16686
kind: ConfigMap
metadata:
name: $JAEGER_INSTANCE_NAME-oauth2-proxy
namespace: $TARGET_NAMESPACE
EOF
)
_apply_resource "$yaml_content"
}
_install_secret() {
COOKIE_SECRET=$(dd if=/dev/urandom bs=32 count=1 2>/dev/null | base64 | tr -d -- '\n' | tr -- '+/' '-_')
COOKIE_SECRET_BASE64=$(printf '%s' "${COOKIE_SECRET}" | base64 | tr -d '\n')
local yaml_content=$(cat <<EOF
apiVersion: v1
data:
OAUTH2_PROXY_CLIENT_SECRET: $CLIENT_SECRET_BASE64
OAUTH2_PROXY_COOKIE_SECRET: $COOKIE_SECRET_BASE64
kind: Secret
metadata:
name: $JAEGER_INSTANCE_NAME-oauth2-proxy
namespace: $TARGET_NAMESPACE
type: Opaque
---
apiVersion: v1
data:
ES_PASSWORD: $ES_PASS_BASE64
ES_USERNAME: $ES_USER_BASE64
kind: Secret
metadata:
name: $JAEGER_INSTANCE_NAME-es-basic-auth
namespace: $TARGET_NAMESPACE
type: Opaque
EOF
)
_apply_resource "$yaml_content"
}
_install_sa() {
local yaml_content=$(cat <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: $JAEGER_INSTANCE_NAME-sa
namespace: $TARGET_NAMESPACE
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: $JAEGER_INSTANCE_NAME-role
namespace: $TARGET_NAMESPACE
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: $JAEGER_INSTANCE_NAME-rb
namespace: $TARGET_NAMESPACE
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: $JAEGER_INSTANCE_NAME-role
subjects:
- kind: ServiceAccount
name: $JAEGER_INSTANCE_NAME-sa
namespace: $TARGET_NAMESPACE
EOF
)
_apply_resource "$yaml_content"
}
_install_jaeger() {
local yaml_content=$(cat <<EOF
apiVersion: jaegertracing.io/v1
kind: Jaeger
metadata:
name: $JAEGER_INSTANCE_NAME
namespace: $TARGET_NAMESPACE
spec:
collector:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/name: $JAEGER_INSTANCE_NAME-collector
topologyKey: kubernetes.io/hostname
replicas: 1
resources:
limits:
cpu: "2"
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
imagePullSecrets:
- name: global-registry-auth
ingress:
enabled: false
labels:
service_name: jaeger
query:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/name: $JAEGER_INSTANCE_NAME-query
topologyKey: kubernetes.io/hostname
annotations:
oauth2-proxy.github.io/image: ""
oauth2-proxy.github.io/inject: "true"
oauth2-proxy.github.io/oidc-configmap: $JAEGER_INSTANCE_NAME-oauth2-proxy
oauth2-proxy.github.io/oidc-secret: $JAEGER_INSTANCE_NAME-oauth2-proxy
oauth2-proxy.github.io/proxyCPULimit: 100m
oauth2-proxy.github.io/proxyMemoryLimit: 128Mi
options:
query:
base-path: /$JAEGER_BASEPATH
replicas: 1
resources:
limits:
cpu: "1"
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
resources:
limits:
cpu: 100m
memory: 300Mi
requests:
cpu: 100m
memory: 300Mi
sampling:
options: {}
serviceAccount: $JAEGER_INSTANCE_NAME-sa
storage:
dependencies:
enabled: false
resources: {}
schedule: 55 23 * * *
elasticsearch:
name: elasticsearch
nodeCount: 3
redundancyPolicy: SingleRedundancy
esIndexCleaner:
enabled: true
numberOfDays: 7
resources: {}
schedule: 55 23 * * *
esRollover:
resources: {}
schedule: 0 0 * * *
options:
es.asm.cname: $JAEGER_INSTANCE_NAME-es-basic-auth
es.asm.cnamespace: $TARGET_NAMESPACE
es.index-prefix: $JAEGER_ES_INDEX_PREFIX
es.max-span-age: 168h0m0s
es.server-urls: $ES_URL
es.tls.enabled: true
es.tls.skip-host-verify: true
secretName: ""
type: elasticsearch
strategy: production
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
ui:
options:
dependencies:
menuEnabled: false
EOF
)
_apply_resource "$yaml_content"
}
_install_pod_monitor() {
local yaml_content=$(cat <<EOF
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
labels:
monitoring: pods
prometheus: kube-prometheus
name: $JAEGER_INSTANCE_NAME-monitor
namespace: $TARGET_NAMESPACE
spec:
jobLabel: app.kubernetes.io/name
namespaceSelector:
matchNames:
- $TARGET_NAMESPACE
podMetricsEndpoints:
- interval: 60s
path: /metrics
port: admin-http
selector:
matchLabels:
app.kubernetes.io/instance: $JAEGER_INSTANCE_NAME
EOF
)
_apply_resource "$yaml_content"
}
_install_ingress() {
local alb_annotation=""
if [[ "$CLUSTER_NAME" == "global" ]]; then
alb_annotation=$(cat <<EOF
alb.ingress.cpaas.io/rewrite-request: |
{"headers_var":{"Authorization":"cookie_cpaas_id_token"}}
EOF
)
fi
local ingress_class=""
if [[ "$CLUSTER_NAME" != "global" ]]; then
ingress_class=" ingressClassName: cpaas-system"
fi
local yaml_content=$(cat <<EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: $JAEGER_INSTANCE_NAME-query
namespace: $TARGET_NAMESPACE
annotations:
nginx.ingress.kubernetes.io/enable-cors: "true"
$alb_annotation
spec:
$ingress_class
rules:
- http:
paths:
- path: /$JAEGER_BASEPATH
pathType: ImplementationSpecific
backend:
service:
name: $JAEGER_INSTANCE_NAME-query
port:
number: 4180
EOF
)
_apply_resource "$yaml_content"
}
# final install
_install_configmap
_install_secret
_install_sa
_install_jaeger
_install_pod_monitor
_install_ingress
echo "Jaeger UI access address: $PLATFORM_URL/$JAEGER_BASEPATH"
echo "Jaeger installation completed"
脚本执行示例:
./install-jaeger.sh --es-url='https://xxx' --es-user-base64='xxx' --es-pass-base64='xxx'
脚本输出示例:
CLUSTER_NAME: <cluster>
ES_URL: https://xxx
ES_USER_BASE64: xxx
ES_PASS_BASE64: xxx
TARGET_NAMESPACE: cpaas-system
JAEGER_INSTANCE_NAME: jaeger-prod
JAEGER_BASEPATH_SUFFIX: /acp/jaeger
JAEGER_ES_INDEX_PREFIX: acp-tracing-<cluster>
PLATFORM_URL: https://xxx
configmap/jaeger-prod-oauth2-proxy created
secret/jaeger-prod-oauth2-proxy created
secret/jaeger-prod-es-basic-auth created
serviceaccount/jaeger-prod-sa created
role.rbac.authorization.k8s.io/jaeger-prod-role created
rolebinding.rbac.authorization.k8s.io/jaeger-prod-rb created
jaeger.jaegertracing.io/jaeger-prod created
podmonitor.monitoring.coreos.com/jaeger-prod-monitor created
ingress.networking.k8s.io/jaeger-prod-query created
Jaeger UI access address: <platform-url>/clusters/<cluster>/acp/jaeger
Jaeger installation completed
安装 OpenTelemetry Operator
使用 Web Console 安装 OpenTelemetry Operator
您可以在 Alauda Container Platform 的 Marketplace → OperatorHub 部分安装 OpenTelemetry Operator,此处列出了可用的 Operators。
步骤
-
在 Web Console 的 Administrator 视图中,选择要部署 OpenTelemetry Operator 的 cluster,然后导航到 Marketplace → OperatorHub。
-
使用搜索框在目录中搜索 Alauda build of OpenTelemetry。单击 Alauda build of OpenTelemetry 标题。
-
阅读 Alauda build of OpenTelemetry 页面上的 Operator 介绍信息。单击 Install。
-
在 Install 页面中:
- 为 Upgrade Strategy 选择 Manual。对于
Manual 审批策略,OLM 将创建更新请求。作为集群管理员,您必须手动批准 OLM 更新请求,才能将 Operator 升级到新版本。
- 选择 alpha (Default) 通道。
- 在 Installation Location 中选择 Recommended。将 Operator 安装到推荐的
opentelemetry-operator 命名空间中,以便 Operator 能够监控并在集群内所有命名空间中可用。
-
单击 Install。
-
验证 Status 显示为 Succeeded,以确认 OpenTelemetry Operator 已正确安装。
-
检查 OpenTelemetry Operator 的所有组件是否都已成功安装。通过终端登录到集群,并运行以下命令:
kubectl -n opentelemetry-operator get csv
示例输出
NAME DISPLAY VERSION REPLACES PHASE
openTelemetry-operator.vx.x.0 OpenTelemetry Operator x.x.0 Succeeded
如果 PHASE 字段显示 Succeeded,则表示 Operator 及其组件已成功安装。
部署 OpenTelemetry 实例
可以使用 install-otel.sh 脚本安装 OpenTelemetry 实例及其相关资源。
从 DETAILS 中复制安装脚本,登录到要安装的集群,将其保存为 install-otel.sh,并在授予执行权限后运行:
DETAILS
#!/bin/bash
set -euo pipefail
TARGET_NAMESPACE="cpaas-system"
# get global-info from ConfigMap
CLUSTER_NAME=$(kubectl get configmap global-info -n kube-public -o jsonpath='{.data.clusterName}')
echo "CLUSTER_NAME: ${CLUSTER_NAME}"
_apply_resource() {
if [ -z "$1" ]; then
echo "Usage: _apply_resource <yaml_content>"
return 1
fi
local yaml_content="$1"
echo "$yaml_content" | kubectl apply -f -
}
_install_rbac() {
local yaml_content=$(cat <<EOF
apiVersion: v1
imagePullSecrets:
- name: global-registry-auth
kind: ServiceAccount
metadata:
name: otel-collector
namespace: $TARGET_NAMESPACE
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: otel-collector:cpaas-system:cluster-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: otel-collector
namespace: $TARGET_NAMESPACE
EOF
)
_apply_resource "$yaml_content"
}
_install_otel_collector() {
local yaml_content=$(cat <<EOF
apiVersion: opentelemetry.io/v1beta1
kind: OpenTelemetryCollector
metadata:
name: otel
namespace: $TARGET_NAMESPACE
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app: otel-collector
topologyKey: kubernetes.io/hostname
config:
exporters:
debug: {}
otlp:
balancer_name: round_robin
endpoint: dns:///jaeger-prod-collector-headless.$TARGET_NAMESPACE:4317
tls:
insecure: true
prometheus:
endpoint: 0.0.0.0:8889
extensions:
health_check:
endpoint: 0.0.0.0:13133
processors:
batch: {}
filter/metric_apis:
metrics:
datapoint:
- attributes["http.route"] == "/actuator/health" or attributes["uri"] == "/actuator/health"
- attributes["http.route"] == "/actuator/prometheus" or attributes["uri"] == "/actuator/prometheus"
transform:
metric_statements:
- context: datapoint
statements:
- delete_key(attributes, "inner.client.ms.name")
- delete_key(attributes, "inner.client.ms.namespace")
- delete_key(attributes, "inner.client.cluster.name")
- delete_key(attributes, "inner.client.env.type")
- set(attributes["namespace"], resource.attributes["k8s.namespace.name"])
- set(attributes["container"], resource.attributes["k8s.container.name"])
- set(attributes["service_name"], resource.attributes["service.name"])
- set(attributes["pod"], resource.attributes["k8s.pod.name"])
memory_limiter:
check_interval: 5s
limit_percentage: 85
spike_limit_percentage: 25
receivers:
otlp:
protocols:
grpc:
endpoint: 0.0.0.0:4317
http:
endpoint: 0.0.0.0:4318
service:
extensions:
- health_check
pipelines:
metrics:
exporters:
- debug
- prometheus
processors:
- memory_limiter
- filter/metric_apis
- transform
- batch
receivers:
- otlp
traces:
exporters:
- debug
- otlp
processors:
- memory_limiter
- batch
receivers:
- otlp
telemetry:
logs:
level: info
metrics:
address: 0.0.0.0:8888
level: detailed
managementState: managed
mode: deployment
replicas: 1
resources:
limits:
cpu: "2"
memory: 1Gi
requests:
cpu: 250m
memory: 512Mi
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
serviceAccount: otel-collector
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
upgradeStrategy: automatic
EOF
)
_apply_resource "$yaml_content"
}
_install_instrumentation() {
local yaml_content=$(cat <<EOF
apiVersion: opentelemetry.io/v1alpha1
kind: Instrumentation
metadata:
name: acp-common-java
namespace: $TARGET_NAMESPACE
spec:
env:
- name: SERVICE_CLUSTER
value: "$CLUSTER_NAME"
- name: OTEL_TRACES_EXPORTER
value: otlp
- name: OTEL_METRICS_EXPORTER
value: otlp
- name: OTEL_EXPORTER_OTLP_ENDPOINT
value: http://otel-collector.$TARGET_NAMESPACE:4317
- name: OTEL_SERVICE_NAME
value: \$(SERVICE_NAME).\$(SERVICE_NAMESPACE)
- name: OTEL_RESOURCE_ATTRIBUTES
value: service.namespace=\$(SERVICE_NAMESPACE),cluster.name=\$(SERVICE_CLUSTER)
sampler:
type: parentbased_traceidratio
argument: "1"
EOF
)
_apply_resource "$yaml_content"
}
_install_service_monitor() {
local yaml_content=$(cat <<EOF
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
monitoring: services
prometheus: kube-prometheus
name: otel-collector-monitoring
namespace: $TARGET_NAMESPACE
spec:
endpoints:
- interval: 60s
path: /metrics
port: monitoring
jobLabel: app.kubernetes.io/name
namespaceSelector:
matchNames:
- $TARGET_NAMESPACE
selector:
matchLabels:
app.kubernetes.io/instance: $TARGET_NAMESPACE.otel
operator.opentelemetry.io/collector-service-type: monitoring
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
monitoring: services
prometheus: kube-prometheus
name: otel-collector
namespace: $TARGET_NAMESPACE
spec:
endpoints:
- honorLabels: true
interval: 60s
path: /metrics
port: prometheus
jobLabel: app.kubernetes.io/name
namespaceSelector:
matchNames:
- $TARGET_NAMESPACE
selector:
matchLabels:
app.kubernetes.io/instance: $TARGET_NAMESPACE.otel
operator.opentelemetry.io/collector-service-type: base
EOF
)
_apply_resource "$yaml_content"
}
_install_rbac
_install_otel_collector
_install_instrumentation
_install_service_monitor
echo "OpenTelemetry installation completed"
脚本执行示例:
脚本输出示例:
CLUSTER_NAME: cluster-xxx
serviceaccount/otel-collector created
clusterrolebinding.rbac.authorization.k8s.io/otel-collector:cpaas-system:cluster-admin created
opentelemetrycollector.opentelemetry.io/otel created
instrumentation.opentelemetry.io/acp-common-java created
servicemonitor.monitoring.coreos.com/otel-collector-monitoring created
servicemonitor.monitoring.coreos.com/otel-collector created
OpenTelemetry installation completed
启用功能开关
当前 tracing 系统处于 Alpha 阶段,您需要在 Feature Switch 视图中手动启用 acp-tracing-ui 功能开关。
然后,导航到 Container Platform 视图,并进入 Observability → Tracing,即可查看 tracing 功能。
卸载 Tracing
删除 OpenTelemetry 实例
登录到已安装的集群,并执行以下命令删除 OpenTelemetry 实例及其相关资源。
kubectl -n cpaas-system delete servicemonitor otel-collector-monitoring
kubectl -n cpaas-system delete servicemonitor otel-collector
kubectl -n cpaas-system delete instrumentation acp-common-java
kubectl -n cpaas-system delete opentelemetrycollector otel
kubectl delete clusterrolebinding otel-collector:cpaas-system:cluster-admin
kubectl -n cpaas-system delete serviceaccount otel-collector
卸载 OpenTelemetry Operator
您可以在 Web Console 的 Administrator 视图中卸载 OpenTelemetry Operator。
步骤
- 从 Marketplace → OperatorHub → 使用 search box 搜索
Alauda build of OpenTelemetry。
- 单击 Alauda build of OpenTelemetry 标题进入其详情页面。
- 在 Alauda build of OpenTelemetry 详情页面中,单击右上角的 Uninstall 按钮。
- 在 Uninstall "opentelemetry-operator"? 窗口中,单击 Uninstall。
删除 Jaeger 实例
登录到已安装的集群,并执行以下命令删除 Jaeger 实例及其相关资源。
kubectl -n cpaas-system delete ingress jaeger-prod-query
kubectl -n cpaas-system delete podmonitor jaeger-prod-monitor
kubectl -n cpaas-system delete jaeger jaeger-prod
kubectl -n cpaas-system delete rolebinding jaeger-prod-rb
kubectl -n cpaas-system delete role jaeger-prod-role
kubectl -n cpaas-system delete serviceaccount jaeger-prod-sa
kubectl -n cpaas-system delete secret jaeger-prod-oauth2-proxy
kubectl -n cpaas-system delete secret jaeger-prod-es-basic-auth
kubectl -n cpaas-system delete configmap jaeger-prod-oauth2-proxy
卸载 Jaeger Operator
您可以在 Web Console 的 Administrator 视图中卸载 Jaeger Operator。
步骤
- 从 Marketplace → OperatorHub → 使用 search box 搜索
Alauda build of Jaeger。
- 单击 Alauda build of Jaeger 标题进入其详情页面。
- 在 Alauda build of Jaeger 详情页面中,单击右上角的 Uninstall 按钮。
- 在 Uninstall "jaeger-operator"? 窗口中,单击 Uninstall。
