Open ppatierno opened 11 months ago
Triaged on community call on 5.10.2023: Would be useful, but should have a proposal to clarify how the API would look like.
@ppatierno We now have the ability to mount Secrets into any container. So can we move forward with this? Is this just a question of documentation now? Should we re-triage it?
When using the OpenTelemetry support for tracing, the default exporter is the OTLP one. It is automatically configured by the operator when the tracing type is set to
opentelemetry
. The exporter is configured via someOTEL_
prefixed env vars which are used by the OpenTelemetry SDK auto-configure extension in order to configure the exporter accordingly. If the tracing backend (i.e the Jaeger backend) is configured with TLS enabled on the OTLP endpoint, the way to configure the trusted certificate for the OpenTelemetry OTLP exporter is by using theOTEL_EXPORTER_OTLP_CERTIFICATE
. An example configuration would be something like this:The above example works out of box when using OpenShift distributed tracing suite which deploys a Jaeger backend with TLS enabled by using the
service-ca.crt
mounted automatically on all pods.As defined by the documentation, this env var contains:
The problem we have right now is about providing a way to mount "random" Secret on the pod where the application (i.e. Kafka Connect) is running. The Secret would host the certificate that should be set in the env var.