This is my first time asking for a store request, so bear with me if it is a bit lacking. I’m currently in the process of snapping the
grafana-agent. This will later be used as a foundation for a machine charm, similar to the current k8s charm.
To allow for
ebpf and similar integrations to work, it needs some bespoke permissions. While I could have opted for a classic snap, I really think it makes sense for the snap to not get more permissions than it actually needs.
The permissions I’m requesting are:
All of these are needed to be able to fetch all of the telemetry we need to make this useful, as made clear by prior art through the existing strictly confined
node_exporter snap. In addition, some paths not available in the
system-observe plug is needed, which resulted in a bespoke plug
telemetry: interface: system-files read: - /var/log - /proc/mdstat - /proc/schedstat - /proc/sys/kernel/random
Likely this wasn’t the case back when the existing
node_exporter charm was created, but as of now,
node_exporter won’t be able to generate all metrics without it.
In addition to these permissions, I would like for the permissions to be auto-connected, as the software doesn’t make sense without them being present.
Link to the snap: https://snapcraft.io/grafana-agent
Thanks in advance, Simme