Opentelemetry exporter (#531)

* added otlp encode stages

* added some vendor files

* restored encode_ptlp.go

* removed unfinished code for histograms

* added otel support inside transform-network

* removed redundant definition of metricsProcessed metric

* update otel metric to changes in prom metric

* separated spans for src and dst

* create child span only when selector field was present

* added errorCounter operational metric to otel

* refactored metrics items

* minor edits

* removed unused import

* changed flp to netobserv

* added instructions for demo

* updated demo doc

* updated demo.md

README.md

@@ -443,6 +443,8 @@ All the kubernetes fields will be named by appending `output` value
 In addition, if the `parameters` value is not empty, fields with kubernetes labels 
 will be generated, and named by appending `parameters` value to the label keys.   
 
+If `assignee` is set to `otel` then the output fields of `add_kubernetes` will be produced in opentelemetry format.
+
 > Note: kubernetes connection is done using the first available method: 
 > 1. configuration parameter `KubeConfigPath` (in the example above `/tmp/config`) or
 > 2. using `KUBECONFIG` environment variable

contrib/opentelemetry/collector.yaml

@@ -0,0 +1,46 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  annotations:
+    service.beta.openshift.io/inject-cabundle: "true"
+  name: my-otelcol-cabundle
+---
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpenTelemetryCollector
+metadata:
+  name: my-otelcol
+spec:
+  config: |
+    receivers:
+      otlp:
+        protocols:
+          grpc:
+          http:
+    processors:
+      batch:
+
+    exporters:
+      logging:
+        loglevel: info
+
+      otlp/jaeger:
+        endpoint: my-jaeger-collector-headless.jaeger.svc:4317
+        tls:
+          insecure: true
+
+    service:
+      pipelines:
+        traces:
+          receivers: [otlp]
+          processors: [batch]
+          exporters: [logging,otlp/jaeger]
+  mode: deployment
+  resources: {}
+  targetAllocator: {}
+  volumeMounts:
+  - mountPath: /etc/pki/ca-trust/source/service-ca
+    name: cabundle-volume
+  volumes:
+  - configMap:
+      name: my-otelcol-cabundle
+    name: cabundle-volume

contrib/opentelemetry/demo.md

@@ -0,0 +1,91 @@
+
+# Demo of flowlogs-pipeline with Opentelemetry traces and Jaeger
+
+We provide here instructions how to bring up a simple demo that uses the flowlogs-pipeline opentelemetry capability.
+We send trace data to the opentelemetry collector, which is then forwarded to jaeger to be presented in its UI.
+
+We assume we have a kubernetes cluster environment.
+This may be a real cluster such as Openshift cluster or a simulated cluster such as minikube.
+
+We install jaeger and the opentelemetry collector using operators.
+The operators require the existance of cert manager, so we first install cert manager.
+
+```
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.yaml
+```
+
+Wait for all pods in namespace cert-manager to be running.
+
+Install jaeger operator: See https://www.jaegertracing.io/docs/1.52/operator/
+
+```
+kubectl create namespace observability
+kubectl create -f https://github.com/jaegertracing/jaeger-operator/releases/download/v1.52.0/jaeger-operator.yaml -n observability
+```
+
+Wait for operator to be ready
+
+Install jaeger instance.
+In directory githum.com/netobserv/flowlogs-pipeline/contrib/opentelemetry:
+
+```
+kubectl create namespace jaeger
+kubectl apply -f ./jaeger.yaml -n jaeger
+```
+
+Install opentelemetry operator: See https://opentelemetry.io/docs/kubernetes/operator/
+
+```
+kubectl apply -f https://github.com/open-telemetry/opentelemetry-operator/releases/latest/download/opentelemetry-operator.yaml
+```
+
+Wait for operator to be ready.
+
+Install opentelemetry collector instance.
+In directory githum.com/netobserv/flowlogs-pipeline/contrib/opentelemetry:
+
+```
+kubectl create namespace otlp
+kubectl apply -f ./collector.yaml -n otlp
+```
+
+Install ebpf and flowlogs-pipeline.
+In directory githum.com/netobserv/flowlogs-pipeline/contrib/opentelemetry:
+
+```
+kubectl create namespace netobserv
+kubectl apply -f ./perms.yml # (ignore the warnings)
+kubectl apply -f ./flp.yml -n netobserv
+```
+
+(Optional) Install some test workload.
+
+```
+kubectl create namespace mesh-arena
+kubectl apply -f ./mesh-arena.yml -n mesh-arena
+```
+
+Access the jaeger UI.
+On Openshift, connect to jaeger UI at:
+
+```
+oc get route my-jaeger -o jsonpath='{.spec.host}' -n jaeger
+```
+
+Then:
+```
+https://<my-jaeger host address>
+```
+
+On Minikube:
+
+```
+kubectl port-forward --address 0.0.0.0 svc/my-jaeger-query -n jaeger 16686:16686 2>&1 >/dev/null &
+```
+
+Then:
+```
+http://<localhost>:16686
+```
+
+

contrib/opentelemetry/flp.yml

@@ -0,0 +1,203 @@
+# Example deployment for manual testing with flp
+# It requires loki to be installed
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: netobserv-ebpf-agent
+  namespace: netobserv
+  labels:
+    k8s-app: netobserv-ebpf-agent
+spec:
+  selector:
+    matchLabels:
+      k8s-app: netobserv-ebpf-agent
+  template:
+    metadata:
+      labels:
+        k8s-app: netobserv-ebpf-agent
+    spec:
+      serviceAccountName: netobserv
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      containers:
+      - name: netobserv-ebpf-agent
+        image: quay.io/netobserv/netobserv-ebpf-agent:main
+        #      imagePullPolicy: Always
+        securityContext:
+          privileged: true
+          runAsUser: 0
+        env:
+          - name: FLOWS_TARGET_HOST
+            value: "flp"
+          - name: FLOWS_TARGET_PORT
+            value: "9999"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: flp
+  namespace: netobserv
+  labels:
+    k8s-app: flp
+spec:
+  ports:
+    - port: 9999
+      protocol: TCP
+      targetPort: 9999
+      name: flp
+  selector:
+    k8s-app: flp
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: flp
+  namespace: netobserv
+  labels:
+    k8s-app: flp
+spec:
+  selector:
+    matchLabels:
+      k8s-app: flp
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        k8s-app: flp
+    spec:
+      serviceAccountName: netobserv
+      containers:
+        - name: packet-counter
+          image: quay.io/kalmanmeth/flowlogs-pipeline:otlp-amd64
+          ports:
+            - containerPort: 9999
+              hostPort: 9999
+          args:
+            - --config=/etc/flp/config.yaml
+          volumeMounts:
+            - mountPath: /etc/flp
+              name: config-volume
+      volumes:
+        - name: config-volume
+          configMap:
+            name: flp-config
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: flp-config
+  namespace: netobserv
+data:
+  config.yaml: |
+    log-level: debug
+    pipeline:
+      - name: ingest
+      - name: otlp_transform
+        follows: ingest
+      - name: enrich
+        follows: otlp_transform
+      - name: otel
+        follows: enrich
+    parameters:
+      - name: ingest
+        ingest:
+          type: grpc
+          grpc:
+            port: 9999
+      - name: otlp_transform
+        transform:
+          type: generic
+          generic:
+            policy: replace_keys
+            rules:
+              - input: Bytes
+                output: bytes
+                multiplier: 1
+              - input: Packets
+                output: packets
+              - input: DstAddr
+                output: destination.address
+              - input: DstMac
+                output: destination.mac
+              - input: DstHostIP
+                output: destination.host.address
+              - input: DstPort
+                output: destination.port
+              - input: SrcAddr
+                output: source.address
+              - input: SrcMac
+                output: source.mac
+              - input: SrcHostIP
+                output: source.host.address
+              - input: SrcPort
+                output: source.port
+              - input: TimeReceived
+                output: timereceived
+              - input: Proto
+                output: protocol
+      - name: enrich
+        transform:
+          type: network
+          network:
+            rules:
+              - input: source.address
+                output: source.
+                type: add_kubernetes
+                assignee: otel
+              - input: destination.address
+                output: destination.
+                type: add_kubernetes
+                assignee: otel
+      - name: otel
+        encode:
+          type: otlptraces
+          otlptraces:
+            address: my-otelcol-collector-headless.otlp.svc
+            port: 4317
+            connectionType: grpc
+            spanSplitter:
+              - source.
+              - destination.
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: netobserv
+  namespace: netobserv
+rules:
+  - apiGroups:
+      - apps
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+      - namespaces
+      - services
+      - nodes
+      - pods
+    verbs:
+      - get
+      - list
+      - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: netobserv
+  namespace: netobserv
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: netobserv
+subjects:
+  - kind: ServiceAccount
+    name: netobserv
+    namespace: netobserv

contrib/opentelemetry/jaeger.yaml

@@ -0,0 +1,5 @@
+apiVersion: jaegertracing.io/v1
+kind: Jaeger
+metadata:
+  name: my-jaeger
+spec: {}