feat: Add CNI-telemtry sidecar in CNS pod

Author: behzad-mir

.pipelines/pipeline.yaml

@@ -153,6 +153,14 @@ stages:
                 arch: amd64
                 name: npm
                 os: windows
+              cni_telemetry_sidecar_linux_amd64:
+                arch: amd64
+                name: cni-telemetry-sidecar
+                os: linux
+              cni_telemetry_sidecar_windows_amd64:
+                arch: amd64
+                name: cni-telemetry-sidecar
+                os: windows
           steps:
             - template: containers/container-template.yaml
               parameters:
@@ -190,6 +198,10 @@ stages:
                 arch: arm64
                 name: npm
                 os: linux
+              cni_telemetry_sidecar_linux_arm64:
+                arch: arm64
+                name: cni-telemetry-sidecar
+                os: linux
           steps:
             - template: containers/container-template.yaml
               parameters:
@@ -228,6 +240,9 @@ stages:
               azure_ip_masq_merger:
                 name: azure-ip-masq-merger
                 platforms: linux/amd64 linux/arm64
+              cni_telemetry_sidecar:
+                name: cni-telemetry-sidecar
+                platforms: linux/amd64 linux/arm64 windows/amd64
           steps:
             - template: containers/manifest-template.yaml
               parameters:

Makefile

@@ -81,6 +81,10 @@ ACN_PACKAGE_PATH = github.com/Azure/azure-container-networking
 CNI_AI_PATH=$(ACN_PACKAGE_PATH)/telemetry.aiMetadata
 CNS_AI_PATH=$(ACN_PACKAGE_PATH)/cns/logger.aiMetadata
 NPM_AI_PATH=$(ACN_PACKAGE_PATH)/npm.aiMetadata
+CNI_TELEMETRY_SIDECAR_DIR = $(REPO_ROOT)/cns/cni-telemetry-sidecar
+CNI_TELEMETRY_SIDECAR_BUILD_DIR = $(BUILD_DIR)/cni-telemetry-sidecar
+CNI_TELEMETRY_SIDECAR_AI_ID = $(CNI_AI_ID)  # Reuse CNI AI ID
+CNI_TELEMETRY_SIDECAR_VERSION = $(CNS_VERSION)  # Version follows CNS
 
 # Tool paths
 CONTROLLER_GEN  := $(TOOLS_BIN_DIR)/controller-gen
@@ -107,6 +111,7 @@ NPM_ARCHIVE_NAME = azure-npm-$(GOOS)-$(GOARCH)-$(NPM_VERSION).$(ARCHIVE_EXT)
 AZURE_IPAM_ARCHIVE_NAME = azure-ipam-$(GOOS)-$(GOARCH)-$(AZURE_IPAM_VERSION).$(ARCHIVE_EXT)
 AZURE_IP_MASQ_MERGER_ARCHIVE_NAME = azure-ip-masq-merger-$(GOOS)-$(GOARCH)-$(AZURE_IP_MASQ_MERGER_VERSION).$(ARCHIVE_EXT)
 IPV6_HP_BPF_ARCHIVE_NAME = ipv6-hp-bpf-$(GOOS)-$(GOARCH)-$(IPV6_HP_BPF_VERSION).$(ARCHIVE_EXT)
+CNI_TELEMETRY_SIDECAR_ARCHIVE_NAME = azure-cni-telemetry-sidecar-$(GOOS)-$(GOARCH)-$(CNI_TELEMETRY_SIDECAR_VERSION).$(ARCHIVE_EXT)
 
 # Image info file names.
 CNI_IMAGE_INFO_FILE			= azure-cni-$(CNI_VERSION).txt
@@ -123,7 +128,7 @@ all-binaries-platforms: ## Make all platform binaries
 
 # OS specific binaries/images
 ifeq ($(GOOS),linux)
-all-binaries: acncli azure-cni-plugin azure-cns azure-npm azure-ipam azure-ip-masq-merger ipv6-hp-bpf
+all-binaries: acncli azure-cni-plugin azure-cns azure-npm azure-ipam azure-ip-masq-merger ipv6-hp-bpf cni-telemetry-sidecar
 all-images: npm-image cns-image cni-manager-image azure-ip-masq-merger-image ipv6-hp-bpf-image
 else
 all-binaries: azure-cni-plugin azure-cns azure-npm
@@ -139,7 +144,7 @@ azure-npm: azure-npm-binary npm-archive
 azure-ipam: azure-ipam-binary azure-ipam-archive
 ipv6-hp-bpf: ipv6-hp-bpf-binary ipv6-hp-bpf-archive
 azure-ip-masq-merger: azure-ip-masq-merger-binary azure-ip-masq-merger-archive
-
+cni-telemetry-sidecar: cni-telemetry-sidecar-binary cni-telemetry-sidecar-archive
 
 ##@ Versioning
 
@@ -213,6 +218,10 @@ azure-vnet-ipamv6-binary:
 azure-vnet-telemetry-binary:
 	cd $(CNI_TELEMETRY_DIR) && CGO_ENABLED=0 go build -v -o $(CNI_BUILD_DIR)/azure-vnet-telemetry$(EXE_EXT) -ldflags "-X main.version=$(CNI_VERSION) -X $(CNI_AI_PATH)=$(CNI_AI_ID)" -gcflags="-dwarflocationlists=true"
 
+# Build the Azure CNI Telemetry Sidecar binary.
+cni-telemetry-sidecar-binary:
+	cd $(CNI_TELEMETRY_SIDECAR_DIR) && CGO_ENABLED=0 go build -v -o $(CNI_TELEMETRY_SIDECAR_BUILD_DIR)/azure-cni-telemetry-sidecar$(EXE_EXT) -ldflags "-X main.version=$(CNI_TELEMETRY_SIDECAR_VERSION) -X $(CNI_AI_PATH)=$(CNI_TELEMETRY_SIDECAR_AI_ID)" -gcflags="-dwarflocationlists=true"
+
 # Build the Azure CLI network binary.
 acncli-binary:
 	cd $(ACNCLI_DIR) && CGO_ENABLED=0 go build -v -o $(ACNCLI_BUILD_DIR)/acn$(EXE_EXT) -ldflags "-X main.version=$(ACN_VERSION)" -gcflags="-dwarflocationlists=true"
@@ -275,6 +284,7 @@ CNI_IMAGE					= azure-cni
 CNS_IMAGE					= azure-cns
 NPM_IMAGE					= azure-npm
 AZURE_IP_MASQ_MERGER_IMAGE	= azure-ip-masq-merger
+CNI_TELEMETRY_SIDECAR_IMAGE = azure-cni-telemetry-sidecar
 
 ## Image platform tags.
 ACNCLI_PLATFORM_TAG				?= $(subst /,-,$(PLATFORM))-$(ACN_VERSION)
@@ -287,7 +297,7 @@ CNS_PLATFORM_TAG				?= $(subst /,-,$(PLATFORM))-$(CNS_VERSION)
 CNS_WINDOWS_PLATFORM_TAG		?= $(subst /,-,$(PLATFORM))-$(CNS_VERSION)-$(OS_SKU_WIN)
 NPM_PLATFORM_TAG				?= $(subst /,-,$(PLATFORM))-$(NPM_VERSION)
 AZURE_IP_MASQ_MERGER_PLATFORM_TAG	?= $(subst /,-,$(PLATFORM))-$(AZURE_IP_MASQ_MERGER_VERSION)
-
+CNI_TELEMETRY_SIDECAR_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))-$(CNI_TELEMETRY_SIDECAR_VERSION)
 
 qemu-user-static: ## Set up the host to run qemu multiplatform container builds.
 	sudo $(CONTAINER_RUNTIME) run --rm --privileged multiarch/qemu-user-static --reset -p yes
@@ -542,6 +552,35 @@ npm-image-pull: ## pull cns container image.
 		IMAGE=$(NPM_IMAGE) \
 		TAG=$(NPM_PLATFORM_TAG)
 
+# cni-telemetry-sidecar
+
+cni-telemetry-sidecar-image-name: # util target to print the CNI telemetry sidecar image name
+	@echo $(CNI_TELEMETRY_SIDECAR_IMAGE)
+
+cni-telemetry-sidecar-image-name-and-tag: # util target to print the CNI telemetry sidecar image name and tag.
+    @echo $(IMAGE_REGISTRY)/$(CNI_TELEMETRY_SIDECAR_IMAGE):$(CNI_TELEMETRY_SIDECAR_PLATFORM_TAG)
+
+cni-telemetry-sidecar-image: ## build cni-telemetry-sidecar container image.
+	$(MAKE) container \
+        DOCKERFILE=cns/cni-telemetry-sidecar/Dockerfile \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        EXTRA_BUILD_ARGS='--build-arg CNI_AI_PATH=$(CNI_AI_PATH) --build-arg CNI_AI_ID=$(CNI_TELEMETRY_SIDECAR_AI_ID)' \
+        PLATFORM=$(PLATFORM) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_PLATFORM_TAG) \
+        TARGET=$(OS) \
+        OS=$(OS) \
+        ARCH=$(ARCH)
+
+cni-telemetry-sidecar-image-push: ## push cni-telemetry-sidecar container image.
+	$(MAKE) container-push \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_PLATFORM_TAG)
+
+cni-telemetry-sidecar-image-pull: ## pull cni-telemetry-sidecar container image.
+	$(MAKE) container-pull \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_PLATFORM_TAG)
+
 ## Reusable targets for building multiplat container image manifests.
 
 IMAGE_ARCHIVE_DIR ?= $(shell pwd)
@@ -681,6 +720,21 @@ npm-skopeo-archive: ## export tar archive of multiplat container manifest.
 		IMAGE=$(NPM_IMAGE) \
 		TAG=$(NPM_VERSION)
 
+cni-telemetry-sidecar-manifest-build: ## build cni-telemetry-sidecar multiplat container manifest.
+	$(MAKE) manifest-build \
+        PLATFORMS="$(PLATFORMS)" \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_VERSION)
+
+cni-telemetry-sidecar-manifest-push: ## push cni-telemetry-sidecar multiplat container manifest
+	$(MAKE) manifest-push \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_VERSION)
+
+cni-telemetry-sidecar-skopeo-archive: ## export tar archive of cni-telemetry-sidecar multiplat container manifest.
+	$(MAKE) manifest-skopeo-archive \
+        IMAGE=$(CNI_TELEMETRY_SIDECAR_IMAGE) \
+        TAG=$(CNI_TELEMETRY_SIDECAR_VERSION)
 
 ########################### Archives ################################
 
@@ -783,6 +837,14 @@ ifeq ($(GOOS),linux)
 	cd $(IPV6_HP_BPF_BUILD_DIR) && $(ARCHIVE_CMD) $(IPV6_HP_BPF_ARCHIVE_NAME) ipv6-hp-bpf$(EXE_EXT)
 endif
 
+# Create a CNI Telemetry Sidecar archive for the target platform.
+.PHONY: cni-telemetry-sidecar-archive
+cni-telemetry-sidecar-archive: cni-telemetry-sidecar-binary
+ifeq ($(GOOS),linux)
+	$(MKDIR) $(CNI_TELEMETRY_SIDECAR_BUILD_DIR)
+	cd $(CNI_TELEMETRY_SIDECAR_BUILD_DIR) && $(ARCHIVE_CMD) $(CNI_TELEMETRY_SIDECAR_ARCHIVE_NAME) azure-cni-telemetry-sidecar$(EXE_EXT)
+endif
+
 ##@ Utils
 
 clean: ## Clean build artifacts.

cns/cni-telemetry-sidecar/Dockerfile

@@ -0,0 +1,44 @@
+# Minimal Dockerfile using scratch (most reliable)
+FROM mcr.microsoft.com/dotnet/sdk:7.0-alpine AS builder
+
+# Install Go manually
+RUN apk add --no-cache go git ca-certificates make
+
+ENV GOLANG_VERSION=1.21.0
+ENV GOPATH=/go
+ENV PATH=$GOPATH/bin:/usr/local/go/bin:$PATH
+
+ARG VERSION=unknown
+ARG CNI_AI_PATH=""
+ARG CNI_AI_ID=""
+
+WORKDIR /workspace
+
+# Copy and build
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . .
+
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
+    -a -installsuffix cgo \
+    -ldflags "-s -w -extldflags '-static' \
+              -X main.version=${VERSION} \
+              -X ${CNI_AI_PATH}=${CNI_AI_ID}" \
+    -o azure-cni-telemetry-sidecar \
+    ./cns/cni-telemetry-sidecar/
+
+# Use scratch for minimal image
+FROM scratch AS linux
+
+# Copy CA certificates
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+
+# Copy binary
+COPY --from=builder /workspace/azure-cni-telemetry-sidecar /azure-cni-telemetry-sidecar
+
+# Labels
+LABEL org.opencontainers.image.title="Azure CNI Telemetry Sidecar"
+
+ENTRYPOINT ["/azure-cni-telemetry-sidecar"]
+CMD ["--config", "/etc/cns/cns-config.json"]

cns/cni-telemetry-sidecar/configmanager.go

@@ -0,0 +1,107 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/Azure/azure-container-networking/cns/configuration"
+	"github.com/Azure/azure-container-networking/cns/logger"
+)
+
+// ConfigManager handles Azure CNS configuration loading and validation
+type ConfigManager struct {
+	configPath string
+}
+
+// NewConfigManager creates a new configuration manager for Azure CNS
+func NewConfigManager(configPath string) *ConfigManager {
+	return &ConfigManager{
+		configPath: configPath,
+	}
+}
+
+// LoadConfig loads and validates the Azure CNS configuration
+func (cm *ConfigManager) LoadConfig() (*configuration.CNSConfig, error) {
+	logger.Printf("Loading Azure CNS configuration from: %s", cm.configPath)
+
+	// Wait for configuration file to become available (Kubernetes ConfigMap mount)
+	if err := cm.waitForConfigFile(); err != nil {
+		return nil, fmt.Errorf("Azure CNS configuration file not available: %w", err)
+	}
+
+	// Read the configuration file from mounted volume
+	data, err := os.ReadFile(cm.configPath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read Azure CNS configuration file: %w", err)
+	}
+
+	// Parse JSON configuration into CNS config structure
+	var config configuration.CNSConfig
+	if err := json.Unmarshal(data, &config); err != nil {
+		return nil, fmt.Errorf("failed to parse Azure CNS configuration: %w", err)
+	}
+
+	// Validate configuration for Azure telemetry requirements
+	if err := cm.validateConfig(&config); err != nil {
+		return nil, fmt.Errorf("Azure CNS configuration validation failed: %w", err)
+	}
+
+	logger.Printf("Azure CNS configuration loaded and validated successfully")
+	return &config, nil
+}
+
+// waitForConfigFile waits for the configuration file to become available
+// This is important in Kubernetes environments where ConfigMaps are mounted asynchronously
+func (cm *ConfigManager) waitForConfigFile() error {
+	const maxRetries = 30
+	const retryInterval = 2 * time.Second
+
+	for i := 0; i < maxRetries; i++ {
+		if _, err := os.Stat(cm.configPath); err == nil {
+			return nil
+		}
+
+		if i == 0 {
+			logger.Printf("Waiting for Azure CNS configuration file to become available...")
+		}
+
+		time.Sleep(retryInterval)
+	}
+
+	return fmt.Errorf("Azure CNS configuration file not available after %d attempts (%v total wait time)",
+		maxRetries, time.Duration(maxRetries)*retryInterval)
+}
+
+// validateConfig performs Azure-specific validation of the CNS configuration
+func (cm *ConfigManager) validateConfig(config *configuration.CNSConfig) error {
+	// Validate that telemetry settings are properly configured
+	if config.TelemetrySettings.AppInsightsInstrumentationKey == "" && !config.TelemetrySettings.DisableAll {
+		logger.Printf("Warning: No Application Insights instrumentation key configured and telemetry not disabled")
+	}
+
+	// Validate batch size settings for Azure Application Insights
+	if config.TelemetrySettings.TelemetryBatchSizeBytes <= 0 {
+		logger.Printf("Warning: Invalid telemetry batch size, using default")
+	}
+
+	// Validate batch interval for optimal Azure ingestion
+	if config.TelemetrySettings.TelemetryBatchIntervalInSecs <= 0 {
+		logger.Printf("Warning: Invalid telemetry batch interval, using default")
+	}
+
+	// Log configuration summary for Azure monitoring and debugging
+	logger.Printf("Azure CNS Configuration Summary:")
+	logger.Printf("  - Telemetry DisableAll: %t", config.TelemetrySettings.DisableAll)
+	logger.Printf("  - Application Insights Key Present: %t",
+		config.TelemetrySettings.AppInsightsInstrumentationKey != "")
+	logger.Printf("  - Batch Size: %d bytes", config.TelemetrySettings.TelemetryBatchSizeBytes)
+	logger.Printf("  - Batch Interval: %d seconds", config.TelemetrySettings.TelemetryBatchIntervalInSecs)
+	logger.Printf("  - Disable Trace: %t", config.TelemetrySettings.DisableTrace)
+	logger.Printf("  - Disable Metric: %t", config.TelemetrySettings.DisableMetric)
+	logger.Printf("  - Disable Event: %t", config.TelemetrySettings.DisableEvent)
+	logger.Printf("  - Debug Mode: %t", config.TelemetrySettings.DebugMode)
+
+	return nil
+}

cns/cni-telemetry-sidecar/main.go

@@ -0,0 +1,51 @@
+package main
+
+import (
+	"context"
+	"flag"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/Azure/azure-container-networking/cns/logger"
+)
+
+var (
+	version    = "unknown"
+	configPath = flag.String("config", "/etc/cns/cns-config.json", "Path to CNS configuration file")
+)
+
+func main() {
+	flag.Parse()
+
+	// Initialize logging for the CNI telemetry sidecar
+	logger.InitLogger("azure-cns-cni-telemetry-sidecar", 1, 1, "/var/log/azure-cns-telemetry")
+	defer logger.Close()
+
+	logger.Printf("Starting Azure CNI Telemetry Sidecar v%s", version)
+
+	// Create telemetry sidecar service
+	sidecar := NewTelemetrySidecar(*configPath)
+
+	// Setup graceful shutdown context
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	// Handle OS signals for graceful shutdown
+	sigCh := make(chan os.Signal, 1)
+	signal.Notify(sigCh, os.Interrupt, syscall.SIGTERM)
+
+	go func() {
+		sig := <-sigCh
+		logger.Printf("Received shutdown signal %v, initiating graceful shutdown", sig)
+		cancel()
+	}()
+
+	// Run the telemetry sidecar
+	if err := sidecar.Run(ctx); err != nil {
+		logger.Errorf("Azure CNI Telemetry Sidecar failed: %v", err)
+		os.Exit(1)
+	}
+
+	logger.Printf("Azure CNI Telemetry Sidecar stopped gracefully")
+}