jaegertracing / jaeger-operator

Jaeger Operator for Kubernetes simplifies deploying and running Jaeger on Kubernetes.
https://www.jaegertracing.io/docs/latest/operator/
Apache License 2.0

Ability to inject custom sidecars to Jaeger components #1541

Open tillig opened 3 years ago

tillig commented 3 years ago

Requirement - what kind of business use case are you trying to solve?

We want to use TLS with Jaeger communications but the certificates are managed by Istio. The way Istio recommends adding the managed set of certificates is to add a manually-injected Envoy sidecar (which handles cert rotation, mounting, etc.) and then share a volume between the desired component (e.g., Jaeger collector, etc.) and the proxy. This would get the certificates in but would allow the internal Jaeger setup to handle the TLS communications using its native support.

Problem - what in Jaeger blocks you from solving the requirement?

The Jaeger Operator does a lot of management of complex setup but doesn't allow for injection of custom sidecars into any component, at least not that I can find. I can auto-inject the Istio sidecar using the pod annotations, but that will also enable proxying of the communications, which I don't necessarily want.

Proposal - what do you suggest to solve the problem or improve the existing situation?

As part of the JaegerCommonSpec it'd be nice to have the ability to add extra sidecar containers and init containers. This is common practice in Helm charts during deployment and seems like it'd be a good way to enable flexibility. I don't think you'd want that for the Jaeger agent sidecar since it's already something getting injected somewhere; I don't know if JaegerCommonSpec is used by that off the top of my head.

Any open questions to address

#1097 talks about supplying files via shared volume mount to the Jaeger agent sidecar. Unclear if this impacts the resolution for this issue, but it does mention the agent using JaegerCommonSpec so maybe I'm guessing wrong at the spot that'd need to be added.

tillig commented 3 years ago

It appears the latest JaegerAgentSpec does have a JaegerCommonSpec in it so maybe that's not an open question anymore.

michael-miara commented 4 months ago

Has this been implemented, or are there any examples of attaching an additional custom container/sidecar to the Jaeger all-in-one deployment? I am attempting to transition over to using the Jaeger operator from plain manifest files, in which we can define the oauth2-proxy container, but I have not found anything in the jaeger-operator/jaeger custom resource that allows for this.