diff --git a/helm/kagent/templates/controller-configmap.yaml b/helm/kagent/templates/controller-configmap.yaml index aedd314a4..e75be9366 100644 --- a/helm/kagent/templates/controller-configmap.yaml +++ b/helm/kagent/templates/controller-configmap.yaml @@ -56,6 +56,10 @@ data: STREAMING_MAX_BUF_SIZE: {{ .Values.controller.streaming.maxBufSize | quote }} STREAMING_TIMEOUT: {{ .Values.controller.streaming.timeout | quote }} WATCH_NAMESPACES: {{ include "kagent.watchNamespaces" . | quote }} + {{- if .Values.controller.metrics.enabled }} + METRICS_BIND_ADDRESS: ":{{ .Values.controller.metrics.port }}" + METRICS_SECURE: {{ .Values.controller.metrics.secure | quote }} + {{- end }} ZAP_LOG_LEVEL: {{ .Values.controller.loglevel | quote }} {{- $agentHost := "" }} {{- if and .Values.controller.agentDeployment .Values.controller.agentDeployment.host (not (eq .Values.controller.agentDeployment.host "")) }} diff --git a/helm/kagent/templates/controller-deployment.yaml b/helm/kagent/templates/controller-deployment.yaml index ee7119b8e..1cec7e294 100644 --- a/helm/kagent/templates/controller-deployment.yaml +++ b/helm/kagent/templates/controller-deployment.yaml @@ -97,6 +97,11 @@ spec: - name: http containerPort: {{ .Values.controller.service.ports.targetPort }} protocol: TCP + {{- if .Values.controller.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.controller.metrics.port }} + protocol: TCP + {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} {{- with (.Values.controller.securityContext | default .Values.securityContext) }} diff --git a/helm/kagent/templates/controller-service.yaml b/helm/kagent/templates/controller-service.yaml index 54933c355..37c6a0319 100644 --- a/helm/kagent/templates/controller-service.yaml +++ b/helm/kagent/templates/controller-service.yaml @@ -12,5 +12,11 @@ spec: targetPort: {{ .Values.controller.service.ports.targetPort }} protocol: TCP name: controller + {{- if .Values.controller.metrics.enabled }} + - port: {{ .Values.controller.metrics.port }} + targetPort: {{ .Values.controller.metrics.port }} + protocol: TCP + name: metrics + {{- end }} selector: {{- include "kagent.controller.selectorLabels" . | nindent 4 }} diff --git a/helm/kagent/templates/controller-servicemonitor.yaml b/helm/kagent/templates/controller-servicemonitor.yaml new file mode 100644 index 000000000..57fde9863 --- /dev/null +++ b/helm/kagent/templates/controller-servicemonitor.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "kagent.fullname" . }}-controller + namespace: {{ include "kagent.namespace" . }} + labels: + {{- include "kagent.labels" . | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "kagent.controller.selectorLabels" . | nindent 6 }} + endpoints: + - port: metrics + interval: {{ .Values.controller.metrics.serviceMonitor.interval }} + scrapeTimeout: {{ .Values.controller.metrics.serviceMonitor.scrapeTimeout }} + {{- if .Values.controller.metrics.secure }} + scheme: https + tlsConfig: + insecureSkipVerify: true + {{- end }} +{{- end }} diff --git a/helm/kagent/tests/controller-deployment_test.yaml b/helm/kagent/tests/controller-deployment_test.yaml index a35a9c227..06aeadc0e 100644 --- a/helm/kagent/tests/controller-deployment_test.yaml +++ b/helm/kagent/tests/controller-deployment_test.yaml @@ -76,6 +76,29 @@ tests: - equal: path: spec.template.spec.containers[0].ports[0].containerPort value: 8083 + - lengthEqual: + path: spec.template.spec.containers[0].ports + count: 1 + + - it: should add metrics port and env vars when enabled + set: + controller.metrics.enabled: true + asserts: + - contains: + path: spec.template.spec.containers[0].ports + content: + name: metrics + containerPort: 9093 + protocol: TCP + template: controller-deployment.yaml + - equal: + path: data.METRICS_BIND_ADDRESS + value: ":9093" + template: controller-configmap.yaml + - equal: + path: data.METRICS_SECURE + value: "false" + template: controller-configmap.yaml - it: should set A2A_BASE_URL with computed default value template: controller-configmap.yaml diff --git a/helm/kagent/tests/controller-service_test.yaml b/helm/kagent/tests/controller-service_test.yaml index f3bb1d97b..ab8864137 100644 --- a/helm/kagent/tests/controller-service_test.yaml +++ b/helm/kagent/tests/controller-service_test.yaml @@ -29,6 +29,9 @@ tests: - equal: path: spec.ports[0].protocol value: TCP + - lengthEqual: + path: spec.ports + count: 1 - it: should have correct selector labels asserts: @@ -68,4 +71,16 @@ tests: asserts: - equal: path: metadata.namespace - value: custom-namespace \ No newline at end of file + value: custom-namespace + + - it: should expose metrics port when enabled + set: + controller.metrics.enabled: true + asserts: + - contains: + path: spec.ports + content: + port: 9093 + targetPort: 9093 + protocol: TCP + name: metrics \ No newline at end of file diff --git a/helm/kagent/tests/controller-servicemonitor_test.yaml b/helm/kagent/tests/controller-servicemonitor_test.yaml new file mode 100644 index 000000000..b327db5b0 --- /dev/null +++ b/helm/kagent/tests/controller-servicemonitor_test.yaml @@ -0,0 +1,46 @@ +suite: test controller servicemonitor +templates: + - controller-servicemonitor.yaml +tests: + - it: should not render by default + asserts: + - hasDocuments: + count: 0 + + - it: should not render when CRD is not installed + set: + controller.metrics.enabled: true + controller.metrics.serviceMonitor.enabled: true + asserts: + - hasDocuments: + count: 0 + + - it: should render ServiceMonitor when both enabled and CRD present + set: + controller.metrics.enabled: true + controller.metrics.serviceMonitor.enabled: true + capabilities: + apiVersions: + - monitoring.coreos.com/v1/ServiceMonitor + asserts: + - isKind: + of: ServiceMonitor + - equal: + path: spec.endpoints[0].port + value: metrics + + - it: should add TLS config when secure is true + set: + controller.metrics.enabled: true + controller.metrics.serviceMonitor.enabled: true + controller.metrics.secure: true + capabilities: + apiVersions: + - monitoring.coreos.com/v1/ServiceMonitor + asserts: + - equal: + path: spec.endpoints[0].scheme + value: https + - equal: + path: spec.endpoints[0].tlsConfig.insecureSkipVerify + value: true diff --git a/helm/kagent/values.yaml b/helm/kagent/values.yaml index 446cc54e7..ca040089b 100644 --- a/helm/kagent/values.yaml +++ b/helm/kagent/values.yaml @@ -222,6 +222,17 @@ controller: ports: port: 8083 targetPort: 8083 + metrics: + enabled: false + port: 9093 + # -- The controller binary defaults to secure=true. Set to false for plain HTTP scraping (most common). + # Note: when the controller Service type is NodePort or LoadBalancer the metrics port will be externally reachable. + secure: false + serviceMonitor: + enabled: false + interval: 30s + scrapeTimeout: 10s + labels: {} env: [] envFrom: []