You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
= Configuring the distributed tracing platform (Tempo)
8
+
= Configuring the {TempoName} and the {OTELName}
9
9
10
-
You can expose tracing data to the {TempoName}stack by appending a named element and the `zipkin` provider to the `spec.meshConfig.extensionProviders` specification in the `ServiceMehControlPlane`, as shown in the following example. Then, a telemetry custom resource configures Istio proxies to collect trace spans and send them to the Tempo distributor service endpoint.
10
+
You can expose tracing data to the {TempoName} by appending a named element and the `opentelemetry` provider to the `spec.meshConfig.extensionProviders` specification in the `ServiceMeshControlPlane`. Then, a telemetry custom resource configures Istio proxies to collect trace spans and send them to the OpenTelemetry Collector endpoint.
11
11
12
-
You can create a TempoStack instance in the `tracing-system` namespace _after_ creating the `ServiceMeshControlPlane` and the `ServiceMeshMemberRoll` resources.
12
+
//As of July 2, 2024, there is no common attribute for OpenTelemetry Collector.
13
+
14
+
You can create a {OTELName} instance in a mesh namespace and configure it to send tracing data to a tracing platform backend service.
13
15
14
16
.Prerequisites
15
17
16
-
* You have installed the {TempoOperator} and {SMProductName} Operator in the `openshift-operators` namespace.
17
-
* You have created namespaces such as `istio-system` and `tracing-system`.
18
+
* You created a TempoStack instance using the Red Hat {TempoOperator} in the `tracing-system` namespace. For more information, see "Installing {TempoName}" in the "Additional resources" section.
19
+
20
+
* You installed the {OTELOperator} in either the recommended namespace or the `openshift-operators` namespace. For more information, see "Installing the {OTELName}" in the "Additional resources" section.
21
+
22
+
* If using {SMProductName} 2.5 or earlier, set the `spec.tracing.type` parameter of the `ServiceMeshControlPlane` resource to `None` so tracing data can be sent to the OpenTelemetry Collector.
18
23
19
24
.Procedure
20
25
21
-
. Configure the `ServiceMeshControlPlane` resource to define an extension provider:
26
+
. Create an OpenTelemetry Collector instance in a mesh namespace. This example uses the `bookinfo` namespace:
<1> Include the namespace in the `ServiceMeshMemberRoll` member list.
59
+
<2> The sidecar injection annotation is only required when you enable the `spec.security.dataPlane` parameter for mTLS encryption in the `ServiceMeshControlPlane` resource.
60
+
<3> In this example, a TempoStack instance is running in the `tracing-system` namespace. You do not have to include the TempoStack namespace, such as`tracing-system`, in the `ServiceMeshMemberRoll` member list.
61
+
+
62
+
[NOTE]
63
+
====
64
+
You only need to create one instance of the OpenTelemetry Collector in one of the `ServiceMeshMemberRoll` member namespaces.
65
+
====
66
+
67
+
. Check the `otel-collector` pod log and verify that the pod is running.
<1> The `spec.tracing.type` setting defines a deprecated distributed tracing Jaeger instance. Set `spec.tracing.type` to `None` when connecting to a TempoStack using an `extensionProvider` setting.
53
105
+
54
106
[NOTE]
55
107
====
56
-
Create a TempoStack instance _after_ creating the `ServiceMeshControlPlane` and the `ServiceMeshMemberRoll` resources.
108
+
When upgrading from SMCP 2.5 to 2.6, set the `spec.tracing.type` parameter to `None`:
109
+
110
+
.Example SMCP `spec.tracing.type` parameter
111
+
[source,yaml]
112
+
----
113
+
spec:
114
+
tracing:
115
+
type: None
116
+
----
57
117
====
58
118
119
+
. Create a Telemetry resource in the `istio-system` namespace:
120
+
+
121
+
.Example Telemetry resource
122
+
[source,yaml]
123
+
----
124
+
apiVersion: telemetry.istio.io/v1alpha1
125
+
kind: Telemetry
126
+
metadata:
127
+
name: mesh-default
128
+
namespace: istio-system
129
+
spec:
130
+
tracing:
131
+
- providers:
132
+
- name: otel
133
+
randomSamplingPercentage: 100
134
+
----
135
+
136
+
. Verify the `istiod` log.
137
+
59
138
. Configure the Kiali resource specification to enable a Kiali workload traces dashboard. You can use the dashboard to view tracing query results.
<1> If you are not using the default HTTP or gRPC port for Jaeger or Tempo, replace the `in_cluster_url:` port with your custom port.
155
+
<1> The default `query_timeout` integer value is 30 seconds. If you set the value to greater than 30 seconds, you must update `.spec.server.write_timeout` in the Kiali CR and add the annotation `haproxy.router.openshift.io/timeout=50s` to the Kiali route. Both `.spec.server.write_timeout` and `haproxy.router.openshift.io/timeout=` must be greater than `query_timeout`.
156
+
<2> If you are not using the default HTTP or gRPC port, replace the `in_cluster_url:` port with your custom port.
76
157
+
77
158
[NOTE]
78
159
====
79
160
Kiali 1.73 uses the Jaeger Query API, which causes a longer response time depending on Tempo resource limits. If you see a `Could not fetch spans` error message in the Kiali UI, then check your Tempo configuration or reduce the limit per query in Kiali.
80
161
====
81
162
82
-
. Create a TempoStack instance using the Red Hat {TempoOperator} in the `tracing-system` namespace. For more information, see "Installing the distributed tracing platform (Tempo)" in the "Additional resources" section.
163
+
. Send requests to your application.
83
164
84
-
. Apply a Telemetry custom resource for {SMProductShortName} to start the Tempo provider setting.
85
-
+
165
+
. Verify the `istiod` pod logs and the `otel-collector` pod logs.
== Configuring the {TempoName} in a mTLS encrypted Service Mesh member namespace
169
+
170
+
[NOTE]
171
+
====
172
+
You don't need this additional `DestinationRule` configuration if you created a TempoStack instance in a namespace that is not a Service Mesh member namespace.
173
+
====
174
+
175
+
All traffic is TLS encrypted when you enable Service Mesh `dataPlane` mTLS encryption and you create a TempoStack instance in a Service Mesh member namespace such as `tracing-system-mtls`. This encryption is not expected from the Tempo distributed service and returns a TLS error.
176
+
177
+
To fix the TLS error, disable the TLS `trafficPolicy` by applying a `DestinationRule` for Tempo and Kiali:
178
+
179
+
.Example `DestinationRule` Tempo
86
180
[source,yaml]
87
181
----
88
-
apiVersion: telemetry.istio.io/v1alpha1
89
-
kind: Telemetry
182
+
apiVersion: networking.istio.io/v1alpha3
183
+
kind: DestinationRule
90
184
metadata:
91
-
name: mesh-default
92
-
namespace: istio-system
185
+
name: tempo
186
+
namespace: tracing-system-mtls
93
187
spec:
94
-
tracing:
95
-
- providers:
96
-
- name: tempo
97
-
randomSamplingPercentage: 100
188
+
host: "*.tracing-system-mtls.svc.cluster.local"
189
+
trafficPolicy:
190
+
tls:
191
+
mode: DISABLE
98
192
----
99
193
100
-
You can also create an Istio gateway and virtual service resources to expose an {product-title} route for accessing the Tempo Jaeger Query console.
Copy file name to clipboardExpand all lines: modules/ossm-enabling-jaeger.adoc
+2-2Lines changed: 2 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -22,9 +22,9 @@ spec:
22
22
type: Jaeger
23
23
----
24
24
25
-
Currently, the only tracing type that is supported is `Jaeger`.
25
+
In {SMProductName} 2.6, the tracing type `Jaeger` is deprecated and disabled by default.
26
26
27
-
Jaeger is enabled by default. To disable tracing, set `type` to `None`.
27
+
In {SMProductName} 2.5 and earlier, the tracing type `Jaeger` is enabled by default. To disable `Jaeger` tracing, set the `spec.tracing.type` parameter of the `ServiceMeshControlPlane` resource to `None`.
28
28
29
29
The sampling rate determines how often the Envoy proxy generates a trace. You can use the sampling rate option to control what percentage of requests get reported to your tracing system. You can configure this setting based upon your traffic in the mesh and the amount of tracing data you want to collect. You configure `sampling` as a scaled integer representing 0.01% increments. For example, setting the value to `10` samples 0.1% of traces, setting the value to `500` samples 5% of traces, and a setting of `10000` samples 100% of traces.
0 commit comments