cmd/k8s-operator: send operator logs to tailscale (#17110)

This commit modifies the k8s operator to wrap its logger using the logtail logger provided via the tsnet server. This causes any logs written by the operator to make their way to Tailscale in the same fashion as wireguard logs to be used by support. This functionality can also be opted-out of entirely using the "TS_NO_LOGS_NO_SUPPORT" environment variable. Updates https://github.com/tailscale/corp/issues/32037 Signed-off-by: David Bond <davidsbond93@gmail.com>
2025-10-28 23:05:09 +00:00 · 2025-09-22 13:55:16 +01:00
parent 986b4d1b0b
commit cc1761e8d2
4 changed files with 48 additions and 14 deletions
--- a/cmd/k8s-operator/logger.go
+++ b/cmd/k8s-operator/logger.go
@@ -0,0 +1,26 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !plan9
+
+package main
+
+import (
+	"io"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+	kzap "sigs.k8s.io/controller-runtime/pkg/log/zap"
+)
+
+// wrapZapCore returns a zapcore.Core implementation that splits the core chain using zapcore.NewTee. This causes
+// logs to be simultaneously written to both the original core and the provided io.Writer implementation.
+func wrapZapCore(core zapcore.Core, writer io.Writer) zapcore.Core {
+	encoder := &kzap.KubeAwareEncoder{
+		Encoder: zapcore.NewJSONEncoder(zap.NewProductionEncoderConfig()),
+	}
+
+	// We use a tee logger here so that logs are written to stdout/stderr normally while at the same time being
+	// sent upstream.
+	return zapcore.NewTee(core, zapcore.NewCore(encoder, zapcore.AddSync(writer), zap.DebugLevel))
+}