[nr-k8s-otel-collector] replace privileged mode w/ gke autopilot mode…

… and update nrdot (#1506)

<!--
Thank you for contributing to New Relic's Helm charts. Before you submit
this PR we'd like to
make sure you are aware of our technical requirements:

*
https://github.com/newrelic-experimental/helm-charts/blob/master/CONTRIBUTING.md#technical-requirements

For a quick overview across what we will look at reviewing your PR,
please read
our review guidelines:

*
https://github.com/newrelic-experimental/helm-charts/blob/master/REVIEW_GUIDELINES.md

Following our best practices right from the start will accelerate the
review process and
help get your PR merged quicker.

When updates to your PR are requested, please add new commits and do not
squash the
history. This will make it easier to identify new changes. The PR will
be squashed
anyways when it is merged. Thanks.

For fast feedback, please @-mention maintainers that are listed in the
Chart.yaml file.

Please make sure you test your changes before you push them. Once
pushed, a Github Action
will run across your changes and do some initial checks and linting.
These checks run
very quickly. Please check the results. We would like these checks to
pass before we
even continue reviewing your changes.
-->
#### Is this a new chart

#### What this PR does / why we need it:

#### Which issue this PR fixes
*(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)`
format, will close that issue when PR gets merged)*
  - fixes #

#### Special notes for your reviewer:

#### Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove
unrelated fields.]
- [x] Chart Version bumped
- [x] Variables are documented in the README.md
- [x] Title of the PR starts with chart name (e.g. `[mychartname]`)

charts/nr-k8s-otel-collector/Chart.yaml

@@ -17,7 +17,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.7
+version: 0.8.0
 
 dependencies:
   - name: common-library
@@ -32,7 +32,7 @@ dependencies:
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.7.1"
+appVersion: "0.8.0"
 
 maintainers:
   - name: csongnr

charts/nr-k8s-otel-collector/README.md

@@ -106,6 +106,7 @@ daemonset:
 | deployment.resources | object | `{}` | Sets resources for the deployment. |
 | deployment.tolerations | list | `[]` | Sets deployment pod tolerations. Overrides `tolerations` and `global.tolerations` |
 | dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` |
+| gkeAutopilot | bool | `false` | If deploying to a GKE autopilot cluster, set to true |
 | image.pullPolicy | string | `"IfNotPresent"` | The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always. |
 | image.repository | string | `"newrelic/nr-otel-collector"` | OTel collector image to be deployed. You can use your own collector as long it accomplish the following requirements mentioned below. |
 | image.tag | string | `"0.7.1"` | Overrides the image tag whose default is the chart appVersion. |
@@ -119,7 +120,6 @@ daemonset:
 | podLabels | object | `{}` | Additional labels for chart pods |
 | podSecurityContext | object | `{}` | Sets all security contexts (at pod level). Can be configured also with `global.securityContext.pod` |
 | priorityClassName | string | `""` | Sets pod's priorityClassName. Can be configured also with `global.priorityClassName` |
-| privileged | bool | `true` | Run the integration with full access to the host filesystem and network. Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes. |
 | rbac.create | bool | `true` | Specifies whether RBAC resources should be created |
 | receivers.filelog.enabled | bool | `true` | Specifies whether the `filelog` receiver is enabled |
 | receivers.hostmetrics.enabled | bool | `true` | Specifies whether the `hostmetrics` receiver is enabled |

charts/nr-k8s-otel-collector/templates/daemonset-configmap.yaml

@@ -13,7 +13,7 @@ data:
     receivers:
       hostmetrics:
         # TODO (chris): this is a linux specific configuration
-        {{- if include "newrelic.common.privileged" . }}
+        {{- if not .Values.gkeAutopilot }}
         root_path: /hostfs
         {{- end }}
         collection_interval: {{ .Values.receivers.hostmetrics.scrapeInterval }}
@@ -66,7 +66,7 @@ data:
 
       kubeletstats:
         collection_interval: {{ .Values.receivers.kubeletstats.scrapeInterval }}
-        {{- if include "newrelic.common.privileged" . }}
+        {{- if not .Values.gkeAutopilot }}
         endpoint: "${KUBE_NODE_NAME}:10250"
         auth_type: "serviceAccount"
         insecure_skip_verify: true
@@ -564,13 +564,13 @@ data:
         {{- if or .Values.receivers.hostmetrics.enabled (or .Values.receivers.kubeletstats.enabled .Values.receivers.prometheus.enabled) }}
         metrics:
           receivers:
-            {{- if and .Values.receivers.hostmetrics.enabled (include "newrelic.common.privileged" .) }}
+            {{- if .Values.receivers.hostmetrics.enabled }}
             - hostmetrics
             {{- end }}
             {{- if .Values.receivers.kubeletstats.enabled }}
             - kubeletstats
             {{- end }}
-            {{- if and .Values.receivers.prometheus.enabled (include "newrelic.common.privileged" .) }}
+            {{- if .Values.receivers.prometheus.enabled }}
             - prometheus
             {{- end }}
           processors:

charts/nr-k8s-otel-collector/templates/daemonset.yaml

@@ -79,27 +79,25 @@ spec:
             {{- . | toYaml | nindent 12 }}
             {{- end }}
           volumeMounts:
-            # TODO (chris): this is a linux specific configuration
-            {{- if include "newrelic.common.privileged" . }}
+            {{- if not .Values.gkeAutopilot }}
             - name: host-fs
               mountPath: /hostfs
               readOnly: true
+            {{- end }}
             - name: varlogpods
               mountPath: /var/log/pods
               readOnly: true
-            {{- end }}
             - name: daemonset-config
               mountPath: /config
       volumes:
-        # TODO (chris): this is a linux specific configuration
-        {{- if include "newrelic.common.privileged" . }}
+        {{- if not .Values.gkeAutopilot }}
         - name: host-fs
           hostPath:
             path: /
+        {{- end }}
         - name: varlogpods
           hostPath:
             path: /var/log/pods
-        {{- end }}
         - name: daemonset-config
           configMap:
             name: {{ include "nrKubernetesOtel.daemonset.configMap.fullname" . }}

charts/nr-k8s-otel-collector/values.yaml

@@ -17,7 +17,7 @@ image:
   # -- The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always.
   pullPolicy: IfNotPresent
   # --  Overrides the image tag whose default is the chart appVersion.
-  tag: "0.7.1"
+  tag: "0.8.3"
 
 # -- Name of the Kubernetes cluster monitored. Mandatory. Can be configured also with `global.cluster`
 cluster: ""
@@ -39,10 +39,9 @@ priorityClassName: ""
 # -- Sets pod's dnsConfig. Can be configured also with `global.dnsConfig`
 dnsConfig: {}
 
-# -- Run the integration with full access to the host filesystem and network.
-# Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes.
-# @default -- `true`
-privileged: true
+# -- If deploying to a GKE autopilot cluster, set to true
+# @default -- `false`
+gkeAutopilot: false
 
 daemonset:
   # -- Sets daemonset pod node selector. Overrides `nodeSelector` and `global.nodeSelector`