From e61757282490227f10db0c23bb043e44c0871822 Mon Sep 17 00:00:00 2001 From: amanagarwal042 Date: Sat, 11 Apr 2026 20:21:45 +0530 Subject: [PATCH 1/2] add chart for controller --- .../Chart.yaml | 13 +- charts/openlit-controller/templates/NOTES.txt | 14 + .../openlit-controller/templates/_helpers.tpl | 98 +++++ .../templates/clusterrole.yaml | 15 + .../templates/clusterrolebinding.yaml | 16 + .../templates/configmap.yaml | 15 + .../templates/daemonset.yaml | 93 +++++ .../templates/serviceaccount.yaml | 13 + charts/openlit-controller/values.yaml | 71 ++++ charts/openlit-operator/.helmignore | 30 -- charts/openlit-operator/README.md | 375 ------------------ .../examples/advanced-instrumentation.yaml | 95 ----- .../examples/basic-instrumentation.yaml | 26 -- .../openinference-instrumentation.yaml | 54 --- charts/openlit-operator/templates/NOTES.txt | 81 ---- .../openlit-operator/templates/_helpers.tpl | 328 --------------- .../templates/clusterrole.yaml | 44 -- .../templates/clusterrolebinding.yaml | 20 - charts/openlit-operator/templates/crd.yaml | 320 --------------- .../templates/deployment.yaml | 109 ----- .../openlit-operator/templates/service.yaml | 23 -- .../templates/serviceaccount.yaml | 20 - charts/openlit-operator/values.yaml | 249 ------------ charts/openlit/Chart.lock | 10 +- charts/openlit/Chart.yaml | 10 +- .../charts/openlit-controller-0.1.0.tgz | Bin 0 -> 3299 bytes charts/openlit/values.yaml | 25 +- 27 files changed, 366 insertions(+), 1801 deletions(-) rename charts/{openlit-operator => openlit-controller}/Chart.yaml (67%) create mode 100644 charts/openlit-controller/templates/NOTES.txt create mode 100644 charts/openlit-controller/templates/_helpers.tpl create mode 100644 charts/openlit-controller/templates/clusterrole.yaml create mode 100644 charts/openlit-controller/templates/clusterrolebinding.yaml create mode 100644 charts/openlit-controller/templates/configmap.yaml create mode 100644 charts/openlit-controller/templates/daemonset.yaml create mode 100644 charts/openlit-controller/templates/serviceaccount.yaml create mode 100644 charts/openlit-controller/values.yaml delete mode 100644 charts/openlit-operator/.helmignore delete mode 100644 charts/openlit-operator/README.md delete mode 100644 charts/openlit-operator/examples/advanced-instrumentation.yaml delete mode 100644 charts/openlit-operator/examples/basic-instrumentation.yaml delete mode 100644 charts/openlit-operator/examples/openinference-instrumentation.yaml delete mode 100644 charts/openlit-operator/templates/NOTES.txt delete mode 100644 charts/openlit-operator/templates/_helpers.tpl delete mode 100644 charts/openlit-operator/templates/clusterrole.yaml delete mode 100644 charts/openlit-operator/templates/clusterrolebinding.yaml delete mode 100644 charts/openlit-operator/templates/crd.yaml delete mode 100644 charts/openlit-operator/templates/deployment.yaml delete mode 100644 charts/openlit-operator/templates/service.yaml delete mode 100644 charts/openlit-operator/templates/serviceaccount.yaml delete mode 100644 charts/openlit-operator/values.yaml create mode 100644 charts/openlit/charts/openlit-controller-0.1.0.tgz diff --git a/charts/openlit-operator/Chart.yaml b/charts/openlit-controller/Chart.yaml similarity index 67% rename from charts/openlit-operator/Chart.yaml rename to charts/openlit-controller/Chart.yaml index 9dbc613..a1efa87 100644 --- a/charts/openlit-operator/Chart.yaml +++ b/charts/openlit-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -name: openlit-operator -description: OpenLIT Kubernetes Operator for Zero-Code AI/ML Application Instrumentation +name: openlit-controller +description: OpenLIT Controller - Zero-code LLM and Agent observability using eBPF type: application -version: 0.2.2 -appVersion: 0.0.2 +version: 0.1.0 +appVersion: "latest" home: https://openlit.io sources: - https://github.com/openlit/openlit @@ -15,9 +15,10 @@ keywords: - observability - opentelemetry - ai - - ml + - llm + - ebpf - instrumentation - monitoring - tracing + - controller icon: https://avatars.githubusercontent.com/u/149867240?s=200&v=4 - diff --git a/charts/openlit-controller/templates/NOTES.txt b/charts/openlit-controller/templates/NOTES.txt new file mode 100644 index 0000000..9baefcb --- /dev/null +++ b/charts/openlit-controller/templates/NOTES.txt @@ -0,0 +1,14 @@ +OpenLIT Controller has been deployed as a DaemonSet. + +It will automatically discover services making LLM API calls on every node. + +Dashboard URL: {{ include "openlit-controller.openlitUrl" . }} +OTLP Endpoint: {{ include "openlit-controller.otlpEndpoint" . }} + +Next steps: + 1. Open the OpenLIT dashboard + 2. Navigate to Instrumentation Hub + 3. Your services will appear automatically + 4. Click "Enable" to start collecting LLM traces and metrics + +For more information, visit: https://docs.openlit.io/latest/controller/overview diff --git a/charts/openlit-controller/templates/_helpers.tpl b/charts/openlit-controller/templates/_helpers.tpl new file mode 100644 index 0000000..f6e2c8b --- /dev/null +++ b/charts/openlit-controller/templates/_helpers.tpl @@ -0,0 +1,98 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "openlit-controller.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "openlit-controller.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openlit-controller.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "openlit-controller.labels" -}} +helm.sh/chart: {{ include "openlit-controller.chart" . }} +{{ include "openlit-controller.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: openlit +{{- if .Values.additionalLabels }} +{{ toYaml .Values.additionalLabels }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "openlit-controller.selectorLabels" -}} +app.kubernetes.io/name: {{ include "openlit-controller.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +ServiceAccount name +*/}} +{{- define "openlit-controller.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "openlit-controller.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Resolve the OpenLIT dashboard URL. +When config.openlitUrl is set, use it directly. +Otherwise, derive from the parent chart's release name (subchart mode). +*/}} +{{- define "openlit-controller.openlitUrl" -}} +{{- if .Values.config.openlitUrl }} +{{- .Values.config.openlitUrl }} +{{- else }} +{{- printf "http://%s-openlit:%s" .Release.Name "3000" }} +{{- end }} +{{- end }} + +{{/* +Resolve the OTLP endpoint. +When config.otlpEndpoint is set, use it directly. +Otherwise, derive from the parent chart's release name (subchart mode). +*/}} +{{- define "openlit-controller.otlpEndpoint" -}} +{{- if .Values.config.otlpEndpoint }} +{{- .Values.config.otlpEndpoint }} +{{- else }} +{{- printf "http://%s-openlit:%s" .Release.Name "4318" }} +{{- end }} +{{- end }} + +{{/* +Image reference +*/}} +{{- define "openlit-controller.image" -}} +{{- $tag := default .Chart.AppVersion .Values.image.tag }} +{{- printf "%s:%s" .Values.image.repository $tag }} +{{- end }} diff --git a/charts/openlit-controller/templates/clusterrole.yaml b/charts/openlit-controller/templates/clusterrole.yaml new file mode 100644 index 0000000..7bf5763 --- /dev/null +++ b/charts/openlit-controller/templates/clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "openlit-controller.fullname" . }} + labels: + {{- include "openlit-controller.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["pods", "nodes", "namespaces", "services", "replicationcontrollers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets", "statefulsets", "daemonsets"] + verbs: ["get", "list", "watch", "patch"] +{{- end }} diff --git a/charts/openlit-controller/templates/clusterrolebinding.yaml b/charts/openlit-controller/templates/clusterrolebinding.yaml new file mode 100644 index 0000000..2286f87 --- /dev/null +++ b/charts/openlit-controller/templates/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "openlit-controller.fullname" . }} + labels: + {{- include "openlit-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "openlit-controller.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "openlit-controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/openlit-controller/templates/configmap.yaml b/charts/openlit-controller/templates/configmap.yaml new file mode 100644 index 0000000..247c3ee --- /dev/null +++ b/charts/openlit-controller/templates/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "openlit-controller.fullname" . }}-config + namespace: {{ .Release.Namespace }} + labels: + {{- include "openlit-controller.labels" . | nindent 4 }} +data: + config.yaml: | + openlit_url: {{ include "openlit-controller.openlitUrl" . | quote }} + otlp_endpoint: {{ include "openlit-controller.otlpEndpoint" . | quote }} + obi_binary_path: "/usr/local/bin/obi" + poll_interval: {{ .Values.config.pollInterval | quote }} + environment: {{ .Values.config.environment | quote }} + cluster_id: {{ .Values.config.clusterId | quote }} diff --git a/charts/openlit-controller/templates/daemonset.yaml b/charts/openlit-controller/templates/daemonset.yaml new file mode 100644 index 0000000..030bab5 --- /dev/null +++ b/charts/openlit-controller/templates/daemonset.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "openlit-controller.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "openlit-controller.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "openlit-controller.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "openlit-controller.selectorLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "openlit-controller.serviceAccountName" . }} + hostPID: true + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: controller + image: {{ include "openlit-controller.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: ["--config", "/etc/openlit-controller/config.yaml"] + env: + - name: OPENLIT_PROC_ROOT + value: "/host/proc" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.config.apiKey }} + - name: OPENLIT_API_KEY + value: {{ .Values.config.apiKey | quote }} + {{- end }} + securityContext: + privileged: true + volumeMounts: + - name: proc + mountPath: /host/proc + readOnly: true + - name: sys-kernel-debug + mountPath: /sys/kernel/debug + readOnly: true + - name: bpf + mountPath: /sys/fs/bpf + - name: config + mountPath: /etc/openlit-controller + readOnly: true + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: proc + hostPath: + path: /proc + - name: sys-kernel-debug + hostPath: + path: /sys/kernel/debug + - name: bpf + hostPath: + path: /sys/fs/bpf + - name: config + configMap: + name: {{ include "openlit-controller.fullname" . }}-config + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/openlit-controller/templates/serviceaccount.yaml b/charts/openlit-controller/templates/serviceaccount.yaml new file mode 100644 index 0000000..31d0c68 --- /dev/null +++ b/charts/openlit-controller/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "openlit-controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "openlit-controller.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/openlit-controller/values.yaml b/charts/openlit-controller/values.yaml new file mode 100644 index 0000000..b514271 --- /dev/null +++ b/charts/openlit-controller/values.yaml @@ -0,0 +1,71 @@ +# OpenLIT Controller - Zero-code LLM and Agent observability +# https://docs.openlit.io/latest/controller/overview + +# Number of pods is not configurable — the controller runs as a DaemonSet (one per node). + +# Container image +image: + repository: ghcr.io/openlit/openlit-controller + # Overrides the image tag whose default is the chart appVersion. + tag: "" + pullPolicy: IfNotPresent + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +# Controller configuration +# When deployed as a subchart of the openlit chart, openlitUrl and otlpEndpoint +# are auto-derived from the parent release name. Override only when using an +# external OpenLIT instance or deploying the controller standalone. +config: + # URL of the OpenLIT dashboard (required when standalone) + openlitUrl: "" + # OTLP HTTP endpoint for traces and metrics (required when standalone) + otlpEndpoint: "" + # How often the controller polls the dashboard + pollInterval: "60s" + # Deployment environment label + environment: "production" + # Cluster identifier for multi-cluster setups + clusterId: "default" + # API key for authenticating with the dashboard (optional) + apiKey: "" + +# ServiceAccount configuration +serviceAccount: + create: true + name: "" + annotations: {} + +# RBAC configuration +rbac: + create: true + +# Pod resource limits +resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 500m + memory: 512Mi + +# Tolerations — defaults allow scheduling on all nodes (including masters) +tolerations: + - effect: NoSchedule + operator: Exists + - effect: NoExecute + operator: Exists + +# Node selector for restricting which nodes run the controller +nodeSelector: {} + +# Pod affinity rules +affinity: {} + +# Additional labels to add to all resources +additionalLabels: {} + +# Annotations to add to controller pods +podAnnotations: {} diff --git a/charts/openlit-operator/.helmignore b/charts/openlit-operator/.helmignore deleted file mode 100644 index f1dab55..0000000 --- a/charts/openlit-operator/.helmignore +++ /dev/null @@ -1,30 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ - -# Helm specific -.helmignore -OWNERS -*.md -examples/ -tests/ diff --git a/charts/openlit-operator/README.md b/charts/openlit-operator/README.md deleted file mode 100644 index 731c9c3..0000000 --- a/charts/openlit-operator/README.md +++ /dev/null @@ -1,375 +0,0 @@ -# OpenLIT Operator Helm Chart - -This Helm chart deploys the OpenLIT Kubernetes operator for zero-code AI/ML application instrumentation. - -## Prerequisites - -- Kubernetes 1.20+ -- Helm 3.8+ - -## Installation - -### Add the OpenLIT Helm repository - -```bash -helm repo add openlit https://openlit.github.io/helm/ -helm repo update -``` - -### Install the operator - -```bash -# Basic installation (creates namespace automatically) -helm install openlit-operator openlit/openlit-operator \ - --create-namespace --namespace openlit - -# With custom values -helm install openlit-operator openlit/openlit-operator \ - --create-namespace --namespace openlit \ - --set image.tag=v1.0.0 \ - --set observability.logLevel=debug -``` - -### Install from source - -```bash -# Clone the repository -git clone https://github.com/openlit/openlit.git -cd openlit/operator/helm - -# Install the chart (create namespace if needed) -helm install openlit-operator ./openlit-operator \ - --create-namespace --namespace openlit -``` - -## Version Management - -The Helm chart automatically synchronizes versions between the operator and instrumentation images for consistency. Here are some common scenarios: - -### Synchronized Versions (Recommended) - -```bash -# All components use v1.2.0 -helm install openlit-operator ./openlit-operator \ - --create-namespace --namespace openlit \ - --set image.tag=v1.2.0 - -# This will result in: -# - Operator: ghcr.io/openlit/openlit-operator:v1.2.0 -# - OpenLIT: ghcr.io/openlit/openlit-ai-instrumentation:v1.2.0 -# - OpenInference: ghcr.io/openlit/openinference-ai-instrumentation:v1.2.0 -# - OpenLLMetry: ghcr.io/openlit/openllmetry-ai-instrumentation:v1.2.0 -``` - -### Mixed Versions (Advanced) - -```bash -# Operator v1.2.0, but OpenInference uses v0.8.0 -helm install openlit-operator ./openlit-operator \ - --create-namespace --namespace openlit \ - --set image.tag=v1.2.0 \ - --set providerImages.openinference.tag=v0.8.0 - -# This will result in: -# - Operator: ghcr.io/openlit/openlit-operator:v1.2.0 -# - OpenLIT: ghcr.io/openlit/openlit-ai-instrumentation:v1.2.0 -# - OpenInference: ghcr.io/openlit/openinference-ai-instrumentation:v0.8.0 -# - OpenLLMetry: ghcr.io/openlit/openllmetry-ai-instrumentation:v1.2.0 -``` - -### Development/Latest Versions - -```bash -# Use latest for development -helm install openlit-operator ./openlit-operator \ - --create-namespace --namespace openlit \ - --set image.tag=latest - -# This automatically sets all provider images to latest as well -``` - -### How Provider Selection Works - -The operator automatically selects the correct image when you create an AutoInstrumentation resource: - -```yaml -# This will use ghcr.io/openlit/openinference-ai-instrumentation:v1.2.0 -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: my-instrumentation -spec: - python: - instrumentation: - provider: openinference # Operator selects the right image - # ... rest of config -``` - -If you installed the operator with `--set image.tag=v1.2.0`, the operator will automatically use `ghcr.io/openlit/openinference-ai-instrumentation:v1.2.0` for any AutoInstrumentation resources that specify `provider: openinference`. - -## Configuration - -The following table lists the configurable parameters of the OpenLIT operator chart and their default values. - -### Global Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `global.namespace` | Override namespace for all resources | `""` | -| `global.commonLabels` | Common labels to add to all resources | `{}` | -| `global.commonAnnotations` | Common annotations to add to all resources | `{}` | - -### Image Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `image.repository` | Operator image repository | `ghcr.io/openlit/openlit-operator` | -| `image.tag` | Operator image tag | `""` (uses Chart.AppVersion) | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Image pull secrets | `[]` | - -#### Provider Images & Version Synchronization - -The operator dynamically selects instrumentation images based on the provider specified in AutoInstrumentation CRs. By default, all provider images use the same version as the operator for consistency: - -| Parameter | Description | Default Behavior | -|-----------|-------------|------------------| -| `providerImages.openlit.repository` | OpenLIT provider image | `ghcr.io/openlit/openlit-ai-instrumentation` | -| `providerImages.openlit.tag` | OpenLIT provider image tag | `""` (uses operator tag → Chart.AppVersion) | -| `providerImages.openinference.repository` | OpenInference provider image | `ghcr.io/openlit/openinference-ai-instrumentation` | -| `providerImages.openinference.tag` | OpenInference provider image tag | `""` (uses operator tag → Chart.AppVersion) | -| `providerImages.openllmetry.repository` | OpenLLMetry provider image | `ghcr.io/openlit/openllmetry-ai-instrumentation` | -| `providerImages.openllmetry.tag` | OpenLLMetry provider image tag | `""` (uses operator tag → Chart.AppVersion) | -| `instrumentation.defaultProvider` | Default provider for fallback scenarios | `openlit` | - -**How Image Selection Works:** -1. AutoInstrumentation CR specifies provider (e.g., `spec.python.instrumentation.provider: openinference`) -2. Operator looks up the corresponding image from `providerImages.{provider}` -3. If no provider-specific tag is set, uses operator's image tag -4. For operator's own init image default, uses the `defaultProvider` image - -**Version Fallback Order:** -1. Provider-specific tag (if set) -2. Operator image tag (if set) -3. Chart.AppVersion (default) - -### Deployment Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `deployment.replicas` | Number of operator replicas | `1` | -| `deployment.strategy` | Deployment strategy | `RollingUpdate` | -| `deployment.podAnnotations` | Pod annotations | `{}` | -| `deployment.podLabels` | Pod labels | `{}` | -| `deployment.nodeSelector` | Node selector | `{}` | -| `deployment.tolerations` | Tolerations | See values.yaml | -| `deployment.affinity` | Affinity | `{}` | - -### Resource Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `resources.requests.cpu` | CPU request | `100m` | -| `resources.requests.memory` | Memory request | `128Mi` | -| `resources.limits.cpu` | CPU limit | `500m` | -| `resources.limits.memory` | Memory limit | `512Mi` | - -### Webhook Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `webhook.server.port` | Webhook server port | `9443` | -| `webhook.server.path` | Webhook server path | `/mutate` | -| `webhook.server.certDir` | Certificate directory | `/tmp/k8s-webhook-server/serving-certs` | -| `webhook.failurePolicy` | Webhook failure policy | `Ignore` | -| `webhook.reinvocationPolicy` | Webhook reinvocation policy | `Never` | -| `webhook.service.type` | Service type | `ClusterIP` | -| `webhook.service.port` | Service port | `443` | -| `webhook.service.targetPort` | Service target port | `9443` | - -### TLS Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `tls.validityDays` | Certificate validity in days | `365` | -| `tls.refreshDays` | Certificate refresh threshold in days | `30` | -| `tls.secretName` | Secret name for certificates | `""` (auto-generated) | - -### Observability Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `observability.logLevel` | Log level (debug, info, warn, error) | `info` | -| `observability.selfMonitoringEnabled` | Enable operator self-monitoring | `false` | -| `observability.otel.endpoint` | OTLP endpoint for operator telemetry | `""` | -| `observability.otel.headers` | OTLP headers | `""` | - -### RBAC Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `serviceAccount.create` | Create service account | `true` | -| `serviceAccount.name` | Service account name | `""` (auto-generated) | -| `serviceAccount.annotations` | Service account annotations | `{}` | -| `rbac.create` | Create RBAC resources | `true` | - -### CRD Configuration - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `crd.install` | Install CRD | `true` | -| `crd.annotations` | CRD annotations | `{}` | - -## Usage Examples - -### Basic AutoInstrumentation Configuration - -```yaml -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: openlit-instrumentation - namespace: default -spec: - selector: - matchLabels: - openlit.io/instrument: "true" - otlp: - endpoint: "http://openlit.default.svc.cluster.local:4318" - python: - instrumentation: - provider: openlit - version: latest -``` - -### Advanced Configuration with Custom Packages - -```yaml -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: advanced-instrumentation - namespace: production -spec: - selector: - matchLabels: - app.type: "ai-application" - matchExpressions: - - key: "environment" - operator: In - values: ["production", "staging"] - otlp: - endpoint: "https://otel-collector.monitoring.svc.cluster.local:4318" - headers: "authorization=Bearer " - timeout: 30 - python: - instrumentation: - provider: openlit - version: "1.0.0" - customPackages: "my-custom-package==1.0.0,another-package" - env: - - name: CUSTOM_CONFIG - value: "production" - - name: API_KEY - valueFrom: - secretKeyRef: - name: api-secrets - key: openai-key - resource: - environment: production -``` - -### Instrumentation with OpenInference Provider - -```yaml -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: openinference-instrumentation - namespace: default -spec: - selector: - matchLabels: - provider: "openinference" - otlp: - endpoint: "http://openlit.default.svc.cluster.local:4318" - python: - instrumentation: - provider: openinference - version: latest -``` - -## Instrumenting Applications - -To instrument your applications, add the appropriate labels to your pods: - -```bash -# Label existing pods -kubectl label pods my-app-pod openlit.io/instrument=true - -# Update deployment to add labels to new pods -kubectl patch deployment my-app -p '{"spec":{"template":{"metadata":{"labels":{"openlit.io/instrument":"true"}}}}}' -``` - -Or add labels directly to your deployment YAML: - -```yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: my-ai-app -spec: - template: - metadata: - labels: - openlit.io/instrument: "true" - app.type: "ai-application" - spec: - containers: - - name: app - image: my-ai-app:latest -``` - -## Uninstallation - -```bash -# Uninstall the operator -helm uninstall openlit-operator - -# Clean up CRDs (if needed) -kubectl delete crd autoinstrumentations.openlit.io -``` - -## Troubleshooting - -1. **Check operator status:** - ```bash - kubectl get pods -n openlit - kubectl logs -n openlit deployment/openlit-operator - ``` - -2. **Verify AutoInstrumentation resources:** - ```bash - kubectl get autoinstrumentations -A - kubectl describe autoinstrumentation my-instrumentation - ``` - -3. **Check webhook configuration:** - ```bash - kubectl get mutatingwebhookconfigurations - kubectl describe mutatingwebhookconfigurations openlit-instrumentation-webhook - ``` - -4. **Inspect instrumented pods:** - ```bash - kubectl describe pod my-instrumented-pod - kubectl logs my-instrumented-pod -c init-openlit - ``` - -## Contributing - -Contributions are welcome! Please see the [contributing guide](https://github.com/openlit/openlit/blob/main/CONTRIBUTING.md) for more details. - -## License - -This chart is licensed under the Apache License 2.0. See [LICENSE](https://github.com/openlit/openlit/blob/main/LICENSE) for more details. diff --git a/charts/openlit-operator/examples/advanced-instrumentation.yaml b/charts/openlit-operator/examples/advanced-instrumentation.yaml deleted file mode 100644 index e50d31f..0000000 --- a/charts/openlit-operator/examples/advanced-instrumentation.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Advanced OpenLIT AutoInstrumentation Example -# This demonstrates advanced configuration options including custom packages, -# environment variables, and complex pod selection - -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: advanced-openlit-instrumentation - namespace: production -spec: - # Advanced pod selection with labels and expressions - selector: - matchLabels: - app.type: "ai-application" - team: "ml-platform" - matchExpressions: - - key: "environment" - operator: In - values: ["production", "staging"] - - key: "framework" - operator: In - values: ["django", "fastapi", "flask"] - - # Ignore certain pods even if they match the selector - ignore: - matchLabels: - skip-instrumentation: "true" - openlit.ignore: "true" - - # OTLP configuration with headers and timeout - otlp: - endpoint: "https://otel-collector.monitoring.svc.cluster.local:4318" - headers: "authorization=Bearer ,x-tenant-id=production" - timeout: 30 - - # Advanced Python instrumentation configuration - python: - instrumentation: - enabled: true - provider: openlit - version: "1.0.0" - imagePullPolicy: IfNotPresent - - # Custom packages to install alongside instrumentation - customPackages: "my-custom-tracer==2.1.0,prometheus-client>=0.15.0,redis>=4.0.0" - - # Custom init container image (optional) - # customInitImage: "ghcr.io/openlit/openlit-ai-instrumentation:v1.0.0" - - # Environment variables to inject into instrumented containers - env: - - name: OPENLIT_APPLICATION_NAME - value: "ml-inference-service" - - name: OPENLIT_VERSION - value: "v2.1.0" - - name: CUSTOM_TRACE_CONFIG - value: "high-verbosity" - - # Environment variables from secrets - - name: OPENAI_API_KEY - valueFrom: - secretKeyRef: - name: ai-service-secrets - key: openai-api-key - - name: ANTHROPIC_API_KEY - valueFrom: - secretKeyRef: - name: ai-service-secrets - key: anthropic-api-key - optional: true - - # Environment variables from configmaps - - name: MODEL_CONFIG - valueFrom: - configMapKeyRef: - name: ml-model-config - key: default-model - - # Environment variables from pod fields - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - # Resource attributes for telemetry - resource: - environment: production diff --git a/charts/openlit-operator/examples/basic-instrumentation.yaml b/charts/openlit-operator/examples/basic-instrumentation.yaml deleted file mode 100644 index f92304f..0000000 --- a/charts/openlit-operator/examples/basic-instrumentation.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Basic OpenLIT AutoInstrumentation Example -# This creates a simple instrumentation configuration that will instrument -# all pods with the label "openlit.io/instrument=true" - -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: basic-openlit-instrumentation - namespace: default -spec: - # Select pods with this label - selector: - matchLabels: - openlit.io/instrument: "true" - - # OTLP configuration - update endpoint to match your setup - otlp: - endpoint: "http://openlit.default.svc.cluster.local:4318" - - # Python instrumentation settings - python: - instrumentation: - # Use OpenLIT provider with latest version - provider: openlit - version: latest - enabled: true diff --git a/charts/openlit-operator/examples/openinference-instrumentation.yaml b/charts/openlit-operator/examples/openinference-instrumentation.yaml deleted file mode 100644 index ae9a361..0000000 --- a/charts/openlit-operator/examples/openinference-instrumentation.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# OpenInference Provider Example -# This example shows how to use the OpenInference instrumentation provider -# which provides comprehensive AI/ML framework instrumentation - -apiVersion: openlit.io/v1alpha1 -kind: AutoInstrumentation -metadata: - name: openinference-instrumentation - namespace: ai-workloads -spec: - # Select pods using OpenInference - selector: - matchLabels: - instrumentation.provider: "openinference" - app.category: "ai-ml" - - # OTLP endpoint (OpenInference works with OpenLIT backend) - otlp: - endpoint: "http://openlit.openlit.svc.cluster.local:4318" - timeout: 30 - - # OpenInference Python instrumentation - python: - instrumentation: - enabled: true - provider: openinference # Use OpenInference provider - version: latest - - # Additional packages specific to your AI/ML stack - customPackages: "langchain>=0.1.0,llama-index>=0.9.0,openai>=1.0.0" - - # Environment variables for OpenInference configuration - env: - - name: OTEL_SERVICE_NAME - value: "ai-chat-service" - - name: OTEL_DEPLOYMENT_ENVIRONMENT - value: "production" - - # API keys for AI services - - name: OPENAI_API_KEY - valueFrom: - secretKeyRef: - name: ai-api-keys - key: openai - - name: ANTHROPIC_API_KEY - valueFrom: - secretKeyRef: - name: ai-api-keys - key: anthropic - optional: true - - # Resource configuration - resource: - environment: production diff --git a/charts/openlit-operator/templates/NOTES.txt b/charts/openlit-operator/templates/NOTES.txt deleted file mode 100644 index 2b0e55d..0000000 --- a/charts/openlit-operator/templates/NOTES.txt +++ /dev/null @@ -1,81 +0,0 @@ -🚀 OpenLIT Operator has been successfully installed! - -📊 **Installation Details:** - Namespace: {{ include "openlit-operator.namespace" . }} - Release: {{ .Release.Name }} - Chart: {{ .Chart.Name }}-{{ .Chart.Version }} - -🔧 **Operator Configuration:** - {{- if .Values.deployment.replicas }} - Replicas: {{ .Values.deployment.replicas }} - {{- end }} - {{- if .Values.observability.logLevel }} - Log Level: {{ .Values.observability.logLevel }} - {{- end }} - {{- if .Values.webhook.failurePolicy }} - Webhook Failure Policy: {{ .Values.webhook.failurePolicy }} - {{- end }} - -🎯 **Next Steps:** - -1. **Verify the operator is running:** - kubectl get pods -n {{ include "openlit-operator.namespace" . }} - -2. **Check operator logs:** - kubectl logs -n {{ include "openlit-operator.namespace" . }} deployment/{{ include "openlit-operator.fullname" . }} - -3. **Create an AutoInstrumentation configuration:** - Create a YAML file with your instrumentation settings: - - ```yaml - apiVersion: openlit.io/v1alpha1 - kind: AutoInstrumentation - metadata: - name: my-instrumentation - namespace: {{ include "openlit-operator.namespace" . }} - spec: - selector: - matchLabels: - openlit.io/instrument: "true" - otlp: - endpoint: "http://openlit.{{ include "openlit-operator.namespace" . }}.svc.cluster.local:4318" - python: - instrumentation: - provider: {{ .Values.instrumentation.defaultProvider }} - version: {{ .Values.instrumentation.defaultVersion }} - ``` - -4. **Apply the configuration:** - kubectl apply -f your-instrumentation.yaml - -5. **Label your application pods for instrumentation:** - kubectl label pods openlit.io/instrument=true - - Or for deployments: - kubectl patch deployment -p '{"spec":{"template":{"metadata":{"labels":{"openlit.io/instrument":"true"}}}}}' - -📚 **Resources:** - - Documentation: https://docs.openlit.io - - GitHub: https://github.com/openlit/openlit - - Examples: https://github.com/openlit/openlit/tree/main/examples - -⚙️ **Configuration:** - {{- if .Values.crd.install }} - ✅ CRD installed and ready for AutoInstrumentation resources - {{- else }} - ⚠️ CRD installation disabled - make sure it's installed separately - {{- end }} - - {{- if .Values.rbac.create }} - ✅ RBAC configured with necessary permissions - {{- else }} - ⚠️ RBAC creation disabled - ensure proper permissions exist - {{- end }} - -🔍 **Troubleshooting:** - - Check operator status: kubectl get deployment -n {{ include "openlit-operator.namespace" . }} - - View AutoInstrumentation resources: kubectl get autoinstrumentations -A - - Check webhook configuration: kubectl get mutatingwebhookconfigurations - - Inspect pod mutations: kubectl describe pod - -For more help, visit: https://docs.openlit.io/latest/troubleshooting diff --git a/charts/openlit-operator/templates/_helpers.tpl b/charts/openlit-operator/templates/_helpers.tpl deleted file mode 100644 index 5bc90c2..0000000 --- a/charts/openlit-operator/templates/_helpers.tpl +++ /dev/null @@ -1,328 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "openlit-operator.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "openlit-operator.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "openlit-operator.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "openlit-operator.labels" -}} -helm.sh/chart: {{ include "openlit-operator.chart" . }} -{{ include "openlit-operator.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.global.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "openlit-operator.selectorLabels" -}} -app.kubernetes.io/name: {{ include "openlit-operator.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "openlit-operator.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "openlit-operator.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create the name of the cluster role to use -*/}} -{{- define "openlit-operator.clusterRoleName" -}} -{{- default (include "openlit-operator.fullname" .) .Values.rbac.clusterRoleName }} -{{- end }} - -{{/* -Create the name of the cluster role binding to use -*/}} -{{- define "openlit-operator.clusterRoleBindingName" -}} -{{- default (include "openlit-operator.fullname" .) .Values.rbac.clusterRoleBindingName }} -{{- end }} - -{{/* -Create the name of the webhook service to use -*/}} -{{- define "openlit-operator.webhookServiceName" -}} -{{- if .Values.webhook.service.name }} -{{- .Values.webhook.service.name }} -{{- else }} -{{- printf "%s-webhook-service" (include "openlit-operator.fullname" .) }} -{{- end }} -{{- end }} - -{{/* -Create the name of the webhook configuration to use -*/}} -{{- define "openlit-operator.webhookConfigName" -}} -{{- if .Values.webhook.configName }} -{{- .Values.webhook.configName }} -{{- else }} -{{- printf "%s-mutating-webhook-configuration" (include "openlit-operator.fullname" .) }} -{{- end }} -{{- end }} - -{{/* -Create the name of the TLS secret to use -*/}} -{{- define "openlit-operator.tlsSecretName" -}} -{{- if .Values.tls.secretName }} -{{- .Values.tls.secretName }} -{{- else }} -{{- printf "%s-webhook-server-certs" (include "openlit-operator.fullname" .) }} -{{- end }} -{{- end }} - -{{/* -Create the namespace to use -*/}} -{{- define "openlit-operator.namespace" -}} -{{- if .Values.global.namespace }} -{{- .Values.global.namespace }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} - -{{/* -Create the image name for the operator -*/}} -{{- define "openlit-operator.image" -}} -{{- if .Values.image.tag }} -{{- printf "%s:%s" .Values.image.repository .Values.image.tag }} -{{- else }} -{{- printf "%s:%s" .Values.image.repository .Chart.AppVersion }} -{{- end }} -{{- end }} - -{{/* -Create the default init image environment variable value (uses default provider) -*/}} -{{- define "openlit-operator.defaultInitImage" -}} -{{- if .Values.operator.defaultInitImage }} -{{- .Values.operator.defaultInitImage }} -{{- else }} -{{/* Use the default provider image (openlit) */}} -{{- include "openlit-operator.providerImage" (dict "provider" .Values.instrumentation.defaultProvider "Values" .Values "Chart" .Chart) }} -{{- end }} -{{- end }} - -{{/* -Get provider-specific init image with version fallback logic -*/}} -{{- define "openlit-operator.providerImage" -}} -{{- $provider := .provider -}} -{{- $providerConfig := index $.Values.providerImages $provider -}} -{{- if $providerConfig }} -{{- $tag := $providerConfig.tag -}} -{{- if not $tag }} -{{/* Use operator image tag as fallback */}} -{{- if $.Values.image.tag }} -{{- $tag = $.Values.image.tag }} -{{- else }} -{{- $tag = $.Chart.AppVersion }} -{{- end }} -{{- end }} -{{- printf "%s:%s" $providerConfig.repository $tag }} -{{- else }} -{{/* Fallback to default provider image */}} -{{- $defaultProvider := $.Values.instrumentation.defaultProvider -}} -{{- $defaultConfig := index $.Values.providerImages $defaultProvider -}} -{{- if $defaultConfig }} -{{- $defaultTag := $defaultConfig.tag -}} -{{- if not $defaultTag }} -{{- if $.Values.image.tag }} -{{- $defaultTag = $.Values.image.tag }} -{{- else }} -{{- $defaultTag = $.Chart.AppVersion }} -{{- end }} -{{- end }} -{{- printf "%s:%s" $defaultConfig.repository $defaultTag }} -{{- else }} -{{- fail (printf "No configuration found for default provider: %s" $defaultProvider) }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Common annotations -*/}} -{{- define "openlit-operator.annotations" -}} -{{- with .Values.global.commonAnnotations }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Pod labels including common labels and pod-specific labels -*/}} -{{- define "openlit-operator.podLabels" -}} -{{ include "openlit-operator.selectorLabels" . }} -{{- with .Values.deployment.podLabels }} -{{ toYaml . }} -{{- end }} -{{- with .Values.global.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Pod annotations including common annotations and pod-specific annotations -*/}} -{{- define "openlit-operator.podAnnotations" -}} -{{- with .Values.deployment.podAnnotations }} -{{ toYaml . }} -{{- end }} -{{- with .Values.global.commonAnnotations }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Create environment variables for the operator -*/}} -{{- define "openlit-operator.env" -}} -- name: OPENLIT_DEFAULT_INIT_IMAGE - value: {{ include "openlit-operator.defaultInitImage" . | quote }} -- name: LOG_LEVEL - value: {{ .Values.observability.logLevel | quote }} -- name: WEBHOOK_FAILURE_POLICY - value: {{ .Values.webhook.failurePolicy | quote }} -- name: WEBHOOK_REINVOCATION_POLICY - value: {{ .Values.webhook.reinvocationPolicy | quote }} -- name: WEBHOOK_PORT - value: {{ .Values.webhook.server.port | quote }} -- name: WEBHOOK_PATH - value: {{ .Values.webhook.server.path | quote }} -- name: WEBHOOK_CERT_DIR - value: {{ .Values.webhook.server.certDir | quote }} -- name: WEBHOOK_SERVICE_NAME - value: {{ include "openlit-operator.webhookServiceName" . | quote }} -- name: WEBHOOK_SECRET_NAME - value: {{ include "openlit-operator.tlsSecretName" . | quote }} -- name: WEBHOOK_CONFIG_NAME - value: {{ include "openlit-operator.webhookConfigName" . | quote }} -- name: CERT_VALIDITY_DAYS - value: {{ .Values.tls.validityDays | quote }} -- name: CERT_REFRESH_DAYS - value: {{ .Values.tls.refreshDays | quote }} -- name: HEALTH_PORT - value: {{ .Values.healthcheck.port | quote }} -- name: SELF_MONITORING_ENABLED - value: {{ .Values.observability.selfMonitoringEnabled | quote }} -{{- if .Values.observability.otel.endpoint }} -- name: OTEL_EXPORTER_OTLP_ENDPOINT - value: {{ .Values.observability.otel.endpoint | quote }} -{{- end }} -{{- if .Values.observability.otel.headers }} -- name: OTEL_EXPORTER_OTLP_HEADERS - value: {{ .Values.observability.otel.headers | quote }} -{{- end }} -{{- if .Values.observability.otel.logsEndpoint }} -- name: OTEL_EXPORTER_OTLP_LOGS_ENDPOINT - value: {{ .Values.observability.otel.logsEndpoint | quote }} -{{- end }} -{{- if .Values.observability.otel.metricsEndpoint }} -- name: OTEL_EXPORTER_OTLP_METRICS_ENDPOINT - value: {{ .Values.observability.otel.metricsEndpoint | quote }} -{{- end }} -{{- if .Values.multiOperator.watchNamespace }} -- name: WATCH_NAMESPACE - value: {{ .Values.multiOperator.watchNamespace | quote }} -{{- end }} -{{- with .Values.env.extra }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Create volume mounts for the operator -*/}} -{{- define "openlit-operator.volumeMounts" -}} -- mountPath: {{ .Values.webhook.server.certDir }} - name: cert-dir - readOnly: false -- mountPath: /tmp - name: tmp -{{- with .Values.volumeMounts.extra }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Create volumes for the operator -*/}} -{{- define "openlit-operator.volumes" -}} -- name: cert-dir - emptyDir: {} -- name: tmp - emptyDir: {} -{{- with .Values.volumes.extra }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Validate required values -*/}} -{{- define "openlit-operator.validateValues" -}} -{{- if not .Values.image.repository }} -{{- fail "image.repository is required" }} -{{- end }} -{{- if not .Values.providerImages.openlit.repository }} -{{- fail "providerImages.openlit.repository is required" }} -{{- end }} -{{- if not .Values.providerImages.openinference.repository }} -{{- fail "providerImages.openinference.repository is required" }} -{{- end }} -{{- if not .Values.providerImages.openllmetry.repository }} -{{- fail "providerImages.openllmetry.repository is required" }} -{{- end }} -{{- if not (has .Values.webhook.failurePolicy (list "Ignore" "Fail")) }} -{{- fail "webhook.failurePolicy must be either 'Ignore' or 'Fail'" }} -{{- end }} -{{- if not (has .Values.webhook.reinvocationPolicy (list "Never" "IfNeeded")) }} -{{- fail "webhook.reinvocationPolicy must be either 'Never' or 'IfNeeded'" }} -{{- end }} -{{- if not (has .Values.observability.logLevel (list "debug" "info" "warn" "error")) }} -{{- fail "observability.logLevel must be one of: debug, info, warn, error" }} -{{- end }} -{{- end }} diff --git a/charts/openlit-operator/templates/clusterrole.yaml b/charts/openlit-operator/templates/clusterrole.yaml deleted file mode 100644 index acec4b5..0000000 --- a/charts/openlit-operator/templates/clusterrole.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.rbac.create }} -{{- include "openlit-operator.validateValues" . }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "openlit-operator.clusterRoleName" . }} - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - component: rbac - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} -rules: -# AutoInstrumentation Custom Resource permissions -- apiGroups: ["openlit.io"] - resources: ["autoinstrumentations"] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] -- apiGroups: ["openlit.io"] - resources: ["autoinstrumentations/status"] - verbs: ["get", "update", "patch"] -- apiGroups: ["openlit.io"] - resources: ["autoinstrumentations/finalizers"] - verbs: ["update"] - -# Core Kubernetes resources -- apiGroups: [""] - resources: ["pods"] - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "patch"] - -# Admission controller webhook permissions -- apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations"] - verbs: ["get", "list", "watch", "create", "update", "patch"] - -# Events for logging and debugging -- apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] -{{- end }} diff --git a/charts/openlit-operator/templates/clusterrolebinding.yaml b/charts/openlit-operator/templates/clusterrolebinding.yaml deleted file mode 100644 index 2c99b9b..0000000 --- a/charts/openlit-operator/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.rbac.create }} -{{- include "openlit-operator.validateValues" . }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "openlit-operator.clusterRoleBindingName" . }} - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - component: rbac - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "openlit-operator.clusterRoleName" . }} -subjects: -- kind: ServiceAccount - name: {{ include "openlit-operator.serviceAccountName" . }} - namespace: {{ include "openlit-operator.namespace" . }} -{{- end }} diff --git a/charts/openlit-operator/templates/crd.yaml b/charts/openlit-operator/templates/crd.yaml deleted file mode 100644 index d25ca75..0000000 --- a/charts/openlit-operator/templates/crd.yaml +++ /dev/null @@ -1,320 +0,0 @@ -{{- if .Values.crd.install }} -{{- include "openlit-operator.validateValues" . }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: autoinstrumentations.openlit.io - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} - controller-gen.kubebuilder.io/version: generated-by-openlit-operator - {{- with .Values.crd.annotations }} - {{ toYaml . | nindent 4 }} - {{- end }} -spec: - group: openlit.io - names: - kind: AutoInstrumentation - plural: autoinstrumentations - shortNames: - - ai - singular: autoinstrumentation - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Python instrumentation enabled - jsonPath: .spec.python.instrumentation.enabled - name: Python-Enabled - type: boolean - - description: Instrumentation provider - jsonPath: .spec.python.instrumentation.provider - name: Provider - type: string - - description: OTLP endpoint - jsonPath: .spec.otlp.endpoint - name: OTLP-Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: AutoInstrumentation defines the configuration for automatic instrumentation - of applications - properties: - spec: - properties: - ignore: - description: Ignore defines which pods should be skipped for instrumentation - properties: - matchExpressions: - description: MatchExpressions is a list of label selector requirements - items: - properties: - key: - description: Key is the label key that the selector applies to - type: string - operator: - description: Operator represents a key's relationship to a set of values - type: string - values: - description: Values is an array of string values - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs - type: object - type: object - otlp: - description: OTLP defines OpenTelemetry Protocol configuration - properties: - endpoint: - description: Endpoint specifies the OTLP endpoint URL - pattern: ^https?://[a-zA-Z0-9.-]+(:[0-9]+)?(/.*)?$ - type: string - headers: - description: Headers specifies additional headers (key=value format, comma-separated) - pattern: ^[a-zA-Z0-9_\-]+=.*(,[a-zA-Z0-9_\-]+=.*)*$ - type: string - timeout: - default: 30 - description: Timeout specifies the timeout in seconds - maximum: 300 - minimum: 1 - type: integer - required: - - endpoint - type: object - python: - description: Python defines Python-specific instrumentation configuration - properties: - instrumentation: - description: Instrumentation defines instrumentation configuration - properties: - customInitImage: - description: CustomInitImage specifies a custom init container image - pattern: ^[a-z0-9.-]+(/[a-z0-9._-]+)*:[a-zA-Z0-9._-]+$ - type: string - customPackages: - description: CustomPackages specifies additional packages to install (comma-separated) - pattern: ^[a-zA-Z0-9_\-\.,=<>!\s]*$ - type: string - enabled: - default: true - description: Enabled controls whether instrumentation is enabled - type: boolean - env: - description: Env defines environment variables to be injected into instrumented containers - items: - properties: - name: - description: Name is the environment variable name - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ - type: string - value: - description: Value is the environment variable value - type: string - valueFrom: - description: ValueFrom specifies a source for the environment variable's value - properties: - configMapKeyRef: - description: ConfigMapKeyRef selects a key of a ConfigMap - properties: - key: - description: Key of the ConfigMap to select from - type: string - name: - description: Name of the ConfigMap in the pod's namespace to select from - type: string - optional: - description: Optional specifies whether the ConfigMap or its key must be defined - type: boolean - required: - - name - - key - type: object - fieldRef: - description: FieldRef selects a field of the pod - properties: - apiVersion: - description: Version of the schema the FieldPath is written in terms of - type: string - fieldPath: - description: Path of the field to select in the specified API version - type: string - required: - - fieldPath - type: object - secretKeyRef: - description: SecretKeyRef selects a key of a Secret - properties: - key: - description: Key of the secret to select from - type: string - name: - description: Name of the secret in the pod's namespace to select from - type: string - optional: - description: Optional specifies whether the Secret or its key must be defined - type: boolean - required: - - name - - key - type: object - type: object - required: - - name - type: object - type: array - imagePullPolicy: - default: IfNotPresent - description: ImagePullPolicy defines the image pull policy for init containers - enum: - - Always - - IfNotPresent - - Never - type: string - provider: - default: {{ .Values.instrumentation.defaultProvider }} - description: Provider specifies the instrumentation provider - enum: - - openlit - - openinference - - openllmetry - - custom - type: string - version: - default: {{ .Values.instrumentation.defaultVersion }} - description: Version specifies the instrumentation version - pattern: ^(latest|[0-9]+\.[0-9]+\.[0-9]+.*)$ - type: string - type: object - type: object - resource: - description: Resource defines resource attributes for telemetry - properties: - environment: - description: Environment specifies the deployment environment - pattern: ^[a-zA-Z0-9_\-]+$ - type: string - type: object - selector: - description: Selector defines which pods should be instrumented - properties: - matchExpressions: - description: MatchExpressions is a list of label selector requirements - items: - properties: - key: - description: Key is the label key that the selector applies to - type: string - operator: - description: Operator represents a key's relationship to a set of values - type: string - values: - description: Values is an array of string values - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs - type: object - type: object - required: - - selector - - otlp - type: object - status: - description: AutoInstrumentationStatus defines the observed state of AutoInstrumentation - properties: - conditions: - description: Conditions represent the latest available observations of the resource's state - items: - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition - type: string - observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon - format: int64 - type: integer - reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition - type: string - status: - description: Status of the condition, one of True, False, Unknown - type: string - type: - description: Type of condition - type: string - required: - - type - - status - - lastTransitionTime - - reason - - message - type: object - type: array - instrumentedPods: - description: InstrumentedPods tracks which pods have been instrumented - items: - properties: - instrumentedAt: - description: InstrumentedAt is when the pod was instrumented - format: date-time - type: string - name: - description: Name is the pod name - type: string - namespace: - description: Namespace is the pod namespace - type: string - provider: - description: Provider is the instrumentation provider used - type: string - required: - - name - - namespace - - instrumentedAt - - provider - type: object - type: array - lastProcessed: - description: LastProcessed tracks the last time this config was processed - format: date-time - type: string - validationErrors: - description: ValidationErrors tracks validation errors - items: - type: string - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -{{- end }} diff --git a/charts/openlit-operator/templates/deployment.yaml b/charts/openlit-operator/templates/deployment.yaml deleted file mode 100644 index f943bd5..0000000 --- a/charts/openlit-operator/templates/deployment.yaml +++ /dev/null @@ -1,109 +0,0 @@ -{{- include "openlit-operator.validateValues" . }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "openlit-operator.fullname" . }} - namespace: {{ include "openlit-operator.namespace" . }} - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - component: controller - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} -spec: - replicas: {{ .Values.deployment.replicas }} - {{- with .Values.deployment.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - matchLabels: - {{- include "openlit-operator.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "openlit-operator.podLabels" . | nindent 8 }} - annotations: - {{- include "openlit-operator.podAnnotations" . | nindent 8 }} - # Force restart when configuration changes - checksum/values: {{ .Values | toYaml | sha256sum }} - spec: - {{- with .Values.image.pullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "openlit-operator.serviceAccountName" . }} - {{- with .Values.deployment.podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.deployment.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} - containers: - - name: operator - image: {{ include "openlit-operator.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - - # Environment variables for operator configuration - env: - - name: POD_NAMESPACE - value: "{{ include "openlit-operator.namespace" . }}" - {{- include "openlit-operator.env" . | nindent 8 }} - - # Container ports - ports: - - containerPort: {{ .Values.webhook.server.port }} - name: webhook-server - protocol: TCP - - containerPort: {{ .Values.healthcheck.port }} - name: health - protocol: TCP - - # Health checks - {{- with .Values.healthcheck.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 10 }} - {{- end }} - - {{- with .Values.healthcheck.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 10 }} - {{- end }} - - # Resource limits and requests - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - - # Volume mounts - volumeMounts: - {{- include "openlit-operator.volumeMounts" . | nindent 8 }} - - # Security context for the container - {{- with .Values.deployment.securityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} - - # Volumes - volumes: - {{- include "openlit-operator.volumes" . | nindent 6 }} - - # Node selector - {{- with .Values.deployment.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - - # Tolerations - {{- with .Values.deployment.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - - # Affinity - {{- with .Values.deployment.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/openlit-operator/templates/service.yaml b/charts/openlit-operator/templates/service.yaml deleted file mode 100644 index 025daac..0000000 --- a/charts/openlit-operator/templates/service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- include "openlit-operator.validateValues" . }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "openlit-operator.webhookServiceName" . }} - namespace: {{ include "openlit-operator.namespace" . }} - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - component: webhook - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} - {{- with .Values.webhook.service.annotations }} - {{ toYaml . | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.webhook.service.type }} - ports: - - name: webhook - port: {{ .Values.webhook.service.port }} - protocol: TCP - targetPort: {{ .Values.webhook.service.targetPort }} - selector: - {{- include "openlit-operator.selectorLabels" . | nindent 4 }} diff --git a/charts/openlit-operator/templates/serviceaccount.yaml b/charts/openlit-operator/templates/serviceaccount.yaml deleted file mode 100644 index c34ebfd..0000000 --- a/charts/openlit-operator/templates/serviceaccount.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.serviceAccount.create }} -{{- include "openlit-operator.validateValues" . }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "openlit-operator.serviceAccountName" . }} - namespace: {{ include "openlit-operator.namespace" . }} - labels: - {{- include "openlit-operator.labels" . | nindent 4 }} - component: serviceaccount - annotations: - {{- include "openlit-operator.annotations" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - {{ toYaml . | nindent 4 }} - {{- end }} -{{- with .Values.image.pullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- end }} diff --git a/charts/openlit-operator/values.yaml b/charts/openlit-operator/values.yaml deleted file mode 100644 index 6a06b1d..0000000 --- a/charts/openlit-operator/values.yaml +++ /dev/null @@ -1,249 +0,0 @@ -# OpenLIT Operator Helm Chart Values -# This file contains all configurable options for the OpenLIT Kubernetes operator - -# Global configuration -global: - # Namespace for the operator (if not specified, will use Release.Namespace) - namespace: "" - # Common labels to add to all resources - commonLabels: {} - # Common annotations to add to all resources - commonAnnotations: {} - -# Operator image configuration -image: - # Container image repository - repository: ghcr.io/openlit/openlit-operator - # Image tag (if not specified, uses Chart.AppVersion) - tag: "" - # Image pull policy - pullPolicy: IfNotPresent - # Image pull secrets - pullSecrets: [] - -# Provider-specific init images (operator selects based on AutoInstrumentation CR) -providerImages: - # OpenLIT provider image - openlit: - repository: ghcr.io/openlit/openlit-ai-instrumentation - tag: "" # Uses operator image tag by default - # OpenLLMetry provider image - openllmetry: - repository: ghcr.io/openlit/openllmetry-ai-instrumentation - tag: "" # Uses operator image tag by default - # OpenInference provider image - openinference: - repository: ghcr.io/openlit/openinference-ai-instrumentation - tag: "" # Uses operator image tag by default - -# Deployment configuration -deployment: - # Number of operator replicas - replicas: 1 - # Deployment strategy - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - # Pod annotations - podAnnotations: {} - # Pod labels - podLabels: {} - # Security context for the pod - podSecurityContext: - runAsNonRoot: false # Required for certificate management - runAsUser: 0 - fsGroup: 0 - # Security context for the container - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: false # Allow writing certificates - runAsNonRoot: false - capabilities: - drop: - - ALL - # Node selector - nodeSelector: {} - # Tolerations - tolerations: - - key: node-role.kubernetes.io/control-plane - operator: Exists - effect: NoSchedule - - key: node-role.kubernetes.io/master - operator: Exists - effect: NoSchedule - # Affinity - affinity: {} - # Priority class name - priorityClassName: "" - -# Resource limits and requests -resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 500m - memory: 512Mi - -# Service account configuration -serviceAccount: - # Create service account - create: true - # Service account name (if not specified, uses fullname template) - name: "" - # Service account annotations - annotations: {} - -# RBAC configuration -rbac: - # Create RBAC resources - create: true - # Cluster role name (if not specified, uses fullname template) - clusterRoleName: "" - # Cluster role binding name (if not specified, uses fullname template) - clusterRoleBindingName: "" - -# Webhook configuration -webhook: - # Webhook service configuration - service: - # Service name (if not specified, uses fullname template with -webhook suffix) - name: "" - # Service type - type: ClusterIP - # Service port - port: 443 - # Target port - targetPort: 9443 - # Service annotations - annotations: {} - - # Webhook server configuration - server: - # Webhook port - port: 9443 - # Webhook path - path: "/mutate" - # Certificate directory - certDir: "/tmp/k8s-webhook-server/serving-certs" - - # Webhook behavior - failurePolicy: Ignore # Options: Ignore, Fail - reinvocationPolicy: Never # Options: Never, IfNeeded - - # MutatingWebhookConfiguration name (if not specified, uses fullname template) - configName: "" - -# TLS certificate configuration -tls: - # Certificate validity in days - validityDays: 365 - # Certificate refresh threshold in days - refreshDays: 30 - # Secret name for storing certificates (if not specified, uses fullname template with -certs suffix) - secretName: "" - -# Health and readiness probe configuration -healthcheck: - # Health check port - port: 8081 - # Liveness probe - livenessProbe: - httpGet: - path: /healthz - port: health - initialDelaySeconds: 15 - periodSeconds: 20 - timeoutSeconds: 5 - failureThreshold: 3 - # Readiness probe - readinessProbe: - httpGet: - path: /readyz - port: health - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - -# Observability configuration -observability: - # Log level (debug, info, warn, error) - logLevel: info - # Enable self-monitoring with OpenTelemetry - selfMonitoringEnabled: false - # OpenTelemetry configuration for operator self-monitoring - otel: - # OTLP endpoint for operator logs/metrics - endpoint: "" - # OTLP headers - headers: "" - # OTLP logs endpoint (if empty, uses endpoint) - logsEndpoint: "" - # OTLP metrics endpoint (if empty, uses endpoint) - metricsEndpoint: "" - -# Multi-operator support -multiOperator: - # Watch specific namespace (if empty, watches all namespaces) - watchNamespace: "" - -# Custom Resource Definition configuration -crd: - # Install CRD (should be true for new installations) - install: true - # CRD annotations - annotations: {} - -# Environment variables for the operator -env: - # Additional environment variables - extra: [] - # Example: - # - name: CUSTOM_VAR - # value: "custom-value" - # - name: SECRET_VAR - # valueFrom: - # secretKeyRef: - # name: my-secret - # key: my-key - -# Volume configuration -volumes: - # Additional volumes - extra: [] - # Example: - # - name: custom-volume - # configMap: - # name: custom-config - -# Volume mounts configuration -volumeMounts: - # Additional volume mounts - extra: [] - # Example: - # - name: custom-volume - # mountPath: /custom/path - -# Operator-specific configuration -operator: - # Default init image override (if set, overrides provider-based image selection) - defaultInitImage: "" - -# CRD schema configuration (for validation) -schema: - # Enable schema validation - validation: true - -# Instrumentation provider defaults -instrumentation: - # Default provider (openlit, openinference, openllmetry, custom) - defaultProvider: openlit - # Default version - defaultVersion: latest - # Default image pull policy for init containers - defaultImagePullPolicy: IfNotPresent - - diff --git a/charts/openlit/Chart.lock b/charts/openlit/Chart.lock index d80b367..4452e25 100644 --- a/charts/openlit/Chart.lock +++ b/charts/openlit/Chart.lock @@ -1,6 +1,6 @@ dependencies: -- name: openlit-operator - repository: https://openlit.github.io/helm/ - version: 0.2.1 -digest: sha256:55d95e7eba90c76f827a7d92c61096a14787d7294a2f7eff3c8cc5a4b83d9336 -generated: "2025-11-13T12:16:01.806058+05:30" +- name: openlit-controller + repository: file://../openlit-controller + version: 0.1.0 +digest: sha256:c38e4d551a6786cf6f90da491c3ff6bb7e5511389972fbadd52021dc5ef83398 +generated: "2026-04-11T16:35:42.016301+05:30" diff --git a/charts/openlit/Chart.yaml b/charts/openlit/Chart.yaml index 1e0ddb3..85d1978 100644 --- a/charts/openlit/Chart.yaml +++ b/charts/openlit/Chart.yaml @@ -21,9 +21,9 @@ maintainers: email: contact@openlit.io url: https://openlit.io dependencies: - - name: openlit-operator - version: "0.2.1" - repository: "https://openlit.github.io/helm/" - condition: openlit-operator.enabled + - name: openlit-controller + version: "0.1.0" + repository: "file://../openlit-controller" + condition: openlit-controller.enabled tags: - - operator + - controller diff --git a/charts/openlit/charts/openlit-controller-0.1.0.tgz b/charts/openlit/charts/openlit-controller-0.1.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..1aa4b9d1b225d42608ee82ff0176ad48ffdd566f GIT binary patch literal 3299 zcmV<93>@Dc zVQyr3R8em|NM&qo0PI_FQ{%XjpTGSny29?=%-+OtAi$ifw(eMly``1`3Yfjx+uEWO zyOZdUC66Qr@|dZ5AL4z&_eow!vK`woNd{(Mw-)^YcHC-px7t5-w`7qbXH<71!L<~O zq3rEXh}8a!B<#hPX+aPKJA;A!9|S@3e?JH|U-Y;8J3E8T?Ln~nBIs`io4YR{_(J0^ zZJE+Uz6c&XR#Uk@Nh2x!1*M{bhcMmrNSc5tw-BpAX(>r{okUhaZE6&{Vu zAjJbRC7MX(kExzy!%U$xUW#1%kw|)3uRr+DH#@tVgW$i^_nSfRZ`1Dw-WATSg^X3` zb?f7s`xLoGh6!qE?g{m}z*ypS0f*_x>jLFU%Pc{ziP6{VLLxZTLQ+2Vx}YVA+|~Sb z@e)G0CX}PJgJMD`3oQYO^nX{B1K`ByUD)sfN#X%ylC|2x5ih=#J@C0bWoyCzDPb9^FSr1#!2hkmV9><>t)Tym z|Bul&9sudyMhQT%h?GAEubx{wdKIq{QyX#Q4fL%#9uvj)5j*jGp})dH@nr zp$wSMLKsgXY2<96Wff)tHsEB6QqmZemBn%bO~!CN5egy35y_Y~@>@|&+ywI#)c3#; zhtTPG0BOe9sbDmkg>X1J7W!18Lase0;AzI#IYtt-3gNfkE&3OuTMna)v4tOVb#nui z2DC800slKe4l$-o%rJJAQ`yjoDMnW2TyH1)>*DskWOmMlX6XTsQ$e}*Hh@S3l4;S6 zQPL^KFp?s%Y*HePcSvMN6xwypFO3I+vl(0)VO$JAjBt3PQF6jc|1)bZ;Sqw6xzL8T z;RA*wCQNYjJ*RGHC+hv#QK3@7FD7a-6hy}GQsRe=F#)GQT@IX@}|H(nzcJLKBDb4I?M zKsh#Vt$|FS0?4OS3U03%86xwb`dbK{REju@j8nMI`z%x1ydN=gO-B@^)i24Irrjui zs8DCA@&NK54&x9yxyL&;d#8tRg)`fiWO`zlnGl1I;hO46T^D#MYzRr1F%3!S&p0bw z_}m~vgnLmWGOinLtZEOt(|x!vD< zN6okwf}s;lS=h^stbi~ku0cf;j5B7;D!BR0Vx5AQlt(O!&F={@Go)U5dd|uW-31(t zFw!9$i*v^YtqdYHWI~2;a6^?=4cdbnj52)(sljivFeqdgY2kcFqB3uUoBRolCb^I@ zYdX4T9-QZWi&-+JC!-PNCQ*1<76$yf9w{l0EMduE z?j4oBwO24!UMk|fh8sQg8vQj}OZ=xXN$vXGJ3hHMIQR99e%Kf*^Z(6e{=c)mwe=kT zJw|JZ{w74h5Env+GU)O>?@+@vWz0qc2{EwG*bHK-A`|98j@b$la%B*~#E@pSFl5T0 z7*0{nEJXO8_qJRk-k%+XaC-|5*$_I5-s#WR>kjzv>62$y>-jpns(WQo&KY>ec%wmS zOf6{keH%iw#}XdErVqztO2gw$pC)Jh91C{55J16VhLxiG({roR`UP`KI}6Z zT|wu7o8Y%&_!_q~Yaug8Sr~CK1o6Bd&C)F-0_7ti6D!4Qm{LV`c%S(EsXg+!J!V^q z|CbYFDN5z*^dY5y75Klsxx3TA|J}jh8UG)p-QM=T^A2uO11SdaOf+3&QZ^~{z3+OT zK6$sdT@#p6-VUp#TL-#xLYo--ZY$x~@brIiWu^vX?YD&qgD91D$RM za$d+|3({85eH*d^DMv6_@eDp>gqb`hHVEso&$Xm3a_YI{bW{r3Ot=ey?tH$EGE9|x zzOkkbzhB>4a~UI7<4`#h|I8)cu5Te{?Z?j)E|rw)5p=#)-EUQ=!OIQ0{@k@+)@IZd zB`ja#iFt|I1Rj~f7>2V-g~f*d>rJrjFrVF~R#k($>%4RWA37ocNG?BtO_reDLaQ`|J7Y=c~!d#XcYsLWvaCp+%f5As05qh9VNy0XGgwg>#MG| zR7p#KDp06j8{`72A*K=|&1SxLq9-V?slwObDyRzuRQn?TyQ&pZ;bmF0O`NFE~ z6sXb7H*MSyb@87%dj9jbrTJf8`j>*?L$-rg*Z+cg{ttO#=|E58{U@@UI#p;$4O zbY^8Z`w=+hu>tpiVPiKF++GMt>HkQPr7DEqI-TDw-}(Ly{MJcDtU9luW4A8s1xZk) zByx8}Ezew=>>xi+GnYc;Os6P^mf;w+A!bzB|JOuE6HC(&hNP)#6DTfs`Kp5|bhk>!SD=6p*wqEk#~tk9>C&)c0c)5HvE5#biM>RuJt6`Dz+Buwj?|^lH*|4 zs>Mox{rQf_dHMTq6Ox3a4?7IFD*o$l1$&F_de;ki^K{y{ZU`TX!z_l)r9E@~SsTrjvZiIES$c{0-E?j;8`8@m~f0)59!Z@n^l7-+QNrmp>o;+CJNhAz#k45hhjzsl8cXu_MYP)w6xUHQwmD zs;Q(?%5aQv4GF9af@KN5Gw7k(eb#tkL-53qJEP4#wLv41#3!817Dk+NRx{PTLdlVJ zV;pAVC8MaB>N(P08|fN@4b#yI{v*|E5>@cY4*`8+f}D_J_J%U0Nh(W>8q%*kqBhhS%+ZE60O2X7=l zHgn%3a8><(dv~i@{}1}l_5Vj{>mJ~0trIp1*`J*!E=dj^F=K4OiG~?SGrd|!t?mGg h3jf8kH%~qF&+WNAx4(G%R{#J2|Nr3^;7b5X002wAV`2aR literal 0 HcmV?d00001 diff --git a/charts/openlit/values.yaml b/charts/openlit/values.yaml index 5b5dd5c..e1cdec6 100644 --- a/charts/openlit/values.yaml +++ b/charts/openlit/values.yaml @@ -174,16 +174,19 @@ ingress: hosts: - chart-example.local -# OpenLIT Operator - Auto-instrumentation for Kubernetes workloads -# Enable this to automatically instrument your applications with OpenTelemetry -openlit-operator: - # Set to true to deploy the OpenLIT operator alongside OpenLIT +# OpenLIT Controller - Zero-code LLM and Agent observability using eBPF +# Enable this to deploy the Controller DaemonSet alongside OpenLIT. +# The Controller auto-discovers services making LLM API calls and lets you +# enable observability from the Instrumentation Hub — no code changes needed. +openlit-controller: + # Set to true to deploy the OpenLIT Controller alongside OpenLIT enabled: false - # Operator configuration can be customized here - # For full configuration options, see: charts/openlit-operator/values.yaml - # Example: - # replicaCount: 1 - # image: - # repository: ghcr.io/openlit/operator - # tag: latest + # Controller configuration — URLs are auto-derived from the parent chart. + # Override only if pointing to an external OpenLIT instance. + # config: + # openlitUrl: "" + # otlpEndpoint: "" + # pollInterval: "60s" + # environment: "production" + # clusterId: "default" From bfd207bf77ffcefa08fdf3d09a6cac8f042dc29d Mon Sep 17 00:00:00 2001 From: amanagarwal042 Date: Sat, 11 Apr 2026 20:39:21 +0530 Subject: [PATCH 2/2] chore: replace operator with controller in helm tests, bump to 1.18.0 - Replace openlit-operator detection with openlit-controller in CI - Add controller-specific e2e: verify DaemonSet, RBAC, ConfigMap creation - Skip pod readiness check for controller (requires eBPF/privileged) - Bump openlit chart version from 1.17.2 to 1.18.0 Made-with: Cursor --- .github/workflows/helm-test.yml | 36 ++++++++++++++++++++++++++++++--- charts/openlit/Chart.yaml | 4 ++-- 2 files changed, 35 insertions(+), 5 deletions(-) diff --git a/.github/workflows/helm-test.yml b/.github/workflows/helm-test.yml index a80f438..c1c7e9c 100644 --- a/.github/workflows/helm-test.yml +++ b/.github/workflows/helm-test.yml @@ -43,9 +43,9 @@ jobs: CHANGED_CHARTS+=("openlit") fi - # Check if openlit-operator chart changed - if echo "$CHANGED_FILES" | grep -E "^charts/openlit-operator/" > /dev/null; then - CHANGED_CHARTS+=("openlit-operator") + # Check if openlit-controller chart changed + if echo "$CHANGED_FILES" | grep -E "^charts/openlit-controller/" > /dev/null; then + CHANGED_CHARTS+=("openlit-controller") fi # Create matrix @@ -153,7 +153,14 @@ jobs: - name: Install Helm Chart run: helm install ${{ matrix.chart }}-test ./charts/${{ matrix.chart }} --namespace ${{ matrix.chart }}-test --create-namespace + - name: Verify resources created + run: | + NAMESPACE=${{ matrix.chart }}-test + echo "=== Installed resources in namespace $NAMESPACE ===" + kubectl get all -n $NAMESPACE + - name: Wait for Pods to be ready + if: matrix.chart != 'openlit-controller' run: sleep 60 - name: Check Pod status @@ -174,6 +181,7 @@ jobs: done - name: Check if pods are running + if: matrix.chart != 'openlit-controller' run: | NAMESPACE=${{ matrix.chart }}-test echo "Checking pod status in namespace: $NAMESPACE" @@ -193,3 +201,25 @@ jobs: else echo "✅ All pods are in Running/Succeeded state in namespace $NAMESPACE" fi + + - name: Verify controller resources (controller chart only) + if: matrix.chart == 'openlit-controller' + run: | + NAMESPACE=${{ matrix.chart }}-test + echo "=== Verifying controller DaemonSet ===" + kubectl get daemonset -n $NAMESPACE + DS_COUNT=$(kubectl get daemonset -n $NAMESPACE -o jsonpath='{.items}' | jq length) + if [ "$DS_COUNT" -eq 0 ]; then + echo "❌ No DaemonSet found" + exit 1 + fi + echo "✅ DaemonSet created" + + echo "=== Verifying RBAC resources ===" + kubectl get serviceaccount -n $NAMESPACE + kubectl get clusterrole | grep openlit-controller || true + kubectl get clusterrolebinding | grep openlit-controller || true + + echo "=== Verifying ConfigMap ===" + kubectl get configmap -n $NAMESPACE | grep openlit-controller + echo "✅ All controller resources verified" diff --git a/charts/openlit/Chart.yaml b/charts/openlit/Chart.yaml index 85d1978..3659b55 100644 --- a/charts/openlit/Chart.yaml +++ b/charts/openlit/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: openlit description: A Helm chart for OpenLIT type: application -version: 1.17.2 -appVersion: 1.17.2 +version: 1.18.0 +appVersion: 1.18.0 icon: https://avatars.githubusercontent.com/u/149867240?s=200&v=4 home: https://openlit.io sources: