implement tracing package and settings package

snapp-incubator · Feb 18, 2024 · 67f0850 · 67f0850
1 parent b954b11
commit 67f0850
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 50 deletions.
diff --git a/internal/settings/flags.go b/internal/settings/flags.go
@@ -1,3 +1,25 @@
 package settings
 
-func (s Settings) RegisterFlagPointers()
+import "flag"
+
+func (s Settings) BindFlags(fs *flag.FlagSet) {
+	flag.StringVar(&s.MetricsAddress, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
+	flag.StringVar(&s.ProbeAddress, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
+	flag.StringVar(&s.AuthServerAddress, "address", ":8082", "The address the authorization service binds to.")
+
+	flag.StringVar(&s.TLS.CertPath, "tls-cert-path", "", "grpc Authentication server TLS certificate")
+	flag.StringVar(&s.TLS.KeyPath, "tls-key-path", "", "grpc Authentication server TLS key")
+	flag.StringVar(&s.TLS.CaPath, "tls-ca-path", "", "grpc Authentication server CA certificate")
+
+	flag.BoolVar(&s.Tracing.Enabled, "enable-tracing", false,
+		"Enable OpenTelemetry Tracing. "+
+			"After enabling this you should add --tracing-provider")
+	flag.StringVar(&s.Tracing.Provider, "tracing-provider", "jaeger",
+		"Tracing provider, for now only 'jaeger'. "+
+			"You should also set OTEL_EXPORTER_JAEGER_AGENT_HOST and OTEL_EXPORTER_JAEGER_AGENT_PORT.")
+	flag.Float64Var(&s.Tracing.SamplingRatio, "tracing-sampling-ratio", 0.001,
+		"Tracing sampling ration sets sampling portion of requests")
+	flag.BoolVar(&s.LeaderElection.Enabled, "leader-elect", false,
+		"Enable leader election for controller manager. "+
+			"Enabling this will ensure there is only one active controller manager.")
+}
diff --git a/internal/settings/settings.go b/internal/settings/settings.go
@@ -19,12 +19,13 @@ type Settings struct {
 	} `yaml:"leaderElection"`
 
 	Tracing struct {
-		Enabled  bool   `yaml:"enabled" env:"ENABLE_TRACING" env-default:"false" env-description:"Enable OpenTelemetry tracing."`
-		Provider string `yaml:"provider" env:"TRACING_PROVIDER" env-default:"jaeger" env-description:"only jaeger is available now"`
+		Enabled       bool    `yaml:"enabled" env:"ENABLE_TRACING" env-default:"false" env-description:"Enable OpenTelemetry tracing."`
+		Provider      string  `yaml:"provider" env:"TRACING_PROVIDER" env-default:"jaeger" env-description:"only jaeger is available now"`
+		SamplingRatio float64 `yaml:"samplingRatio" env:"TRACING_SAMPLING_RATIO" env-default:"0.001" env-description:"sets sampling portion of requests"`
 	} `yaml:"tracing"`
 }
 
 func GetSettings() (st Settings, err error) {
-	cleanenv.ReadEnv(&st)
+	err = cleanenv.ReadEnv(&st)
 	return
 }
diff --git a/main.go b/main.go
@@ -44,6 +44,7 @@ import (
 
 	cerberusv1alpha1 "github.com/snapp-incubator/Cerberus/api/v1alpha1"
 	"github.com/snapp-incubator/Cerberus/controllers"
+	"github.com/snapp-incubator/Cerberus/internal/settings"
 	"github.com/snapp-incubator/Cerberus/pkg/auth"
 	"github.com/snapp-incubator/Cerberus/pkg/tracing"
 	//+kubebuilder:scaffold:imports
@@ -62,51 +63,44 @@ func init() {
 }
 
 func main() {
+	// load settings from env and bind flags for overwrites
+	st, err := settings.GetSettings()
+	if err != nil {
+		reportFatalErrorAndExit(err, "failed-to-load-settings")
+		return
+	}
+	st.BindFlags(flag.CommandLine)
 
-	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
-	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
-	flag.StringVar(&authAddr, "address", ":8082", "The address the authorization service binds to.")
-
-	flag.StringVar(&tlsCertPath, "tls-cert-path", "", "grpc Authentication server TLS certificate")
-	flag.StringVar(&tlsKeyPath, "tls-key-path", "", "grpc Authentication server TLS key")
-	flag.StringVar(&tlsCaPath, "tls-ca-path", "", "grpc Authentication server CA certificate")
-
-	flag.BoolVar(&enableTracing, "enable-tracing", false,
-		"Enable OpenTelemetry Tracing. "+
-			"After enabling this you should add --tracing-provider")
-	flag.StringVar(&tracingProvider, "tracing-provider", "jaeger",
-		"Tracing provider, for now only 'jaeger'. "+
-			"You should also set OTEL_EXPORTER_JAEGER_AGENT_HOST and OTEL_EXPORTER_JAEGER_AGENT_PORT.")
-	flag.BoolVar(&enableLeaderElection, "leader-elect", false,
-		"Enable leader election for controller manager. "+
-			"Enabling this will ensure there is only one active controller manager.")
-
+	// bind zap flags
 	opts := zap.Options{
 		Development: true,
 	}
 	opts.BindFlags(flag.CommandLine)
 	flag.Parse()
 
+	// add zapper to controller
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
 
-	var err error
-	if enableTracing {
-		if tracingProvider == "jaeger" {
-			err = tracing.SetTracingProvider(tracing.JaegerTracing)
+	if st.Tracing.Enabled {
+		if st.Tracing.Provider == "jaeger" {
+			err = tracing.SetTracingProvider(tracing.JaegerTracing, st.Tracing.SamplingRatio)
 		} else {
 			reportFatalErrorAndExit(fmt.Errorf("invalid-tracing-provider"), "unable to setup environment")
+			return
 		}
 	}
 	if err != nil {
 		reportFatalErrorAndExit(err, "setup tracing provider encountered error")
+		return
 	}
 
-	listener, srv, authenticator, err := setupAuthenticationServer(authAddr, tlsCertPath, tlsKeyPath, tlsCaPath)
+	listener, srv, authenticator, err := setupAuthenticationServer(st)
 	if err != nil {
 		reportFatalErrorAndExit(err, "unable to setup authentication server")
+		return
 	}
 
-	mgr, err := setupManager(metricsAddr, probeAddr, enableLeaderElection, authenticator)
+	mgr, err := setupManager(st, authenticator)
 	if err != nil {
 		reportFatalErrorAndExit(err, "unable to setup manager")
 	}
@@ -133,9 +127,7 @@ func main() {
 }
 
 func setupManager(
-	metricsAddr string,
-	probeAddr string,
-	enableLeaderElection bool,
+	st settings.Settings,
 	cache controllers.ProcessCache,
 ) (ctrl.Manager, error) {
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
@@ -144,11 +136,12 @@ func setupManager(
 			Port: 9443,
 		}),
 		Metrics: metricsserver.Options{
-			BindAddress: metricsAddr,
+			BindAddress: st.MetricsAddress,
 		},
-		HealthProbeBindAddress: probeAddr,
-		LeaderElection:         enableLeaderElection,
-		LeaderElectionID:       "f5d1781e.snappcloud.io",
+		HealthProbeBindAddress: st.ProbeAddress,
+		LeaderElection:         st.LeaderElection.Enabled,
+		LeaderElectionID:       st.LeaderElection.ID,
+
 		// limit Manager to cerberus namespace
 		NewCache: func(config *rest.Config, opts controllercache.Options) (controllercache.Cache, error) {
 			opts.ByObject = make(map[client.Object]controllercache.ByObject)
@@ -183,7 +176,7 @@ func setupManager(
 		Client:   mgr.GetClient(),
 		Scheme:   mgr.GetScheme(),
 		Cache:    cache,
-		ReadOnly: !enableLeaderElection,
+		ReadOnly: !st.LeaderElection.Enabled,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "AccessToken")
 		return nil, err
@@ -192,7 +185,7 @@ func setupManager(
 		Client:   mgr.GetClient(),
 		Scheme:   mgr.GetScheme(),
 		Cache:    cache,
-		ReadOnly: !enableLeaderElection,
+		ReadOnly: !st.LeaderElection.Enabled,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "WebService")
 		return nil, err
@@ -201,7 +194,7 @@ func setupManager(
 		Client:   mgr.GetClient(),
 		Scheme:   mgr.GetScheme(),
 		Cache:    cache,
-		ReadOnly: !enableLeaderElection,
+		ReadOnly: !st.LeaderElection.Enabled,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "WebserviceAccessBinding")
 		return nil, err
@@ -222,8 +215,8 @@ func setupHealthChecks(mgr ctrl.Manager) error {
 	return nil
 }
 
-func setupAuthenticationServer(listenAddress, tlsCertPath, tlsKeyPath, tlsCaPath string) (net.Listener, *grpc.Server, *auth.Authenticator, error) {
-	listener, err := net.Listen("tcp", listenAddress)
+func setupAuthenticationServer(st settings.Settings) (net.Listener, *grpc.Server, *auth.Authenticator, error) {
+	listener, err := net.Listen("tcp", st.AuthServerAddress)
 	if err != nil {
 		setupLog.Error(err, "problem in binding authorization service")
 		return nil, nil, nil, err
@@ -233,8 +226,8 @@ func setupAuthenticationServer(listenAddress, tlsCertPath, tlsKeyPath, tlsCaPath
 		grpc.MaxConcurrentStreams(1 << 20),
 	}
 
-	if tlsCertPath != "" && tlsKeyPath != "" {
-		creds, err := auth.NewServerCredentials(tlsCertPath, tlsKeyPath, tlsCaPath)
+	if st.TLS.CertPath != "" && st.TLS.KeyPath != "" {
+		creds, err := auth.NewServerCredentials(st.TLS.CertPath, st.TLS.KeyPath, st.TLS.CaPath)
 		if err != nil {
 			return nil, nil, nil, err
 		}

diff --git a/pkg/tracing/tracing.go b/pkg/tracing/tracing.go
@@ -14,6 +14,7 @@ import (
 
 const (
 	CerberusTracerName = "cerberus"
+	ServiceName        = "cerberus"
 	JaegerTracing      = "jaeger"
 )
 
@@ -23,22 +24,21 @@ func init() {
 	cerberusTracer = otel.Tracer(CerberusTracerName)
 }
 
-func SetTracingProvider(provider string) error {
+func SetTracingProvider(provider string, samplingRation float64) error {
 	if provider == JaegerTracing {
 		exporter, err := jaeger.New(jaeger.WithAgentEndpoint())
 		if err != nil {
-			return nil, err
+			return err
 		}
-		tp := tracesdk.NewTracerProvider(
+		cerberusTracer = tracesdk.NewTracerProvider(
 			tracesdk.WithBatcher(exporter),
-			tracesdk.WithSampler(tracesdk.ParentBased(tracesdk.TraceIDRatioBased(samplerRatio))),
-			// Record information about this application in a Resource.
+			tracesdk.WithSampler(tracesdk.ParentBased(tracesdk.TraceIDRatioBased(samplingRation))),
 			tracesdk.WithResource(resource.NewWithAttributes(
 				semconv.SchemaURL,
-				semconv.ServiceNameKey.String(serviceName),
+				semconv.ServiceNameKey.String(ServiceName),
 			)),
-		)
-		return tp, nil
+		).Tracer(CerberusTracerName)
+		return nil
 
 	}
 	return fmt.Errorf("invalid-tracing-provider")