feat: TFO-Agent inventory for K8S Cluster provider

Author: zeroc0d3

CHANGELOG.md

@@ -24,7 +24,7 @@ All notable changes to TelemetryFlow Agent will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.1/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [1.1.7] - 2026-03-05
+## [1.1.7] - 2026-03-08
 
 ### Added
 
@@ -33,6 +33,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - **Fingerprint components**: `NODE_NAME` (Kubernetes Downward API, highest priority) + OS `HostID` (`/etc/machine-id` on Linux, hardware UUID on macOS) + hostname — joined and hashed with a fixed TelemetryFlow namespace UUID
   - Same agent UUID is produced on every restart as long as the underlying host/node identity is unchanged
   - Logs `Derived stable agent ID from host fingerprint` with component labels for observability
+- **Kubernetes Provider Detection (`internal/collector/system/host.go`)**: Host collector now detects the Kubernetes distribution/provider and exposes it in `SystemInfo`
+  - New `detectK8sProvider()` function covers all 15 provider types matching `K8sProviderEnum` on the platform backend
+  - **Managed cloud**: `eks` (AWS), `gke` (GCP), `aks` (Azure), `ack` (Alibaba Cloud), `cce` (Huawei Cloud) — detected from cloud-injected environment variables
+  - **OpenShift variants** (priority order): `microshift` → `openshift` → `okd` — detected via env vars and host filesystem paths
+  - **Lightweight/local distributions**: `k3s`, `rancher` (RKE/RKE2), `minikube`, `kind` — detected via `CATTLE_*` env vars and `/var/lib/rancher/*` host paths
+  - **Platform distributions**: `kubesphere` — detected via `KUBESPHERE_NAMESPACE` env var
+  - **Generic fallback**: `self-managed` when `KUBERNETES_SERVICE_HOST` is set but no specific distribution is identified
+  - Host filesystem paths checked both directly and under `TELEMETRYFLOW_HOST_ROOT` prefix — detection works correctly inside DaemonSet containers
+  - Returns `(false, "")` when not running in a Kubernetes environment at all
+  - New `IsKubernetes bool` and `K8sProvider string` fields added to `collector.SystemInfo` struct
 
 ### Changed
 
@@ -390,18 +400,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## Version History
 
-| Version | Date       | OTEL SDK | Description                                                                                               |
-| ------- | ---------- | -------- | --------------------------------------------------------------------------------------------------------- |
-| 1.1.7   | 2026-03-05 | v1.40.0  | Stable agent identity via UUIDv5 host fingerprint; fix SyncKubernetesState; K8s gopsutil host paths       |
-| 1.1.6   | 2026-02-21 | v1.40.0  | Go 1.25.7, OTEL SDK v1.40.0, build-tag lint fixes, errcheck/staticcheck cleanup                           |
-| 1.1.5   | 2026-02-19 | v1.39.0  | Docker container collector, cAdvisor scraper, CPU fix macOS, tags/labels propagation                      |
-| 1.1.4   | 2026-02-11 | v1.39.0  | eBPF collector (28 metrics), Cilium Hubble integration, 6 BPF programs, kernel-level observability        |
-| 1.1.3   | 2026-02-04 | v1.39.0  | Network retransmit metrics, container name/image detection, page faults, IOPS, system calls               |
-| 1.1.2   | 2026-01-03 | v1.39.0  | OSS observability (SigNoz, Coroot, HyperDX, OpenObserve, Netdata), APM (Dynatrace, Instana, ManageEngine) |
-| 1.1.1   | 2024-12-29 | v1.39.0  | Enterprise integrations (GCP, Azure, Alibaba, Proxmox, VMware, Nutanix, Cisco, SNMP, MQTT, eBPF)          |
-| 1.1.0   | 2024-12-27 | v1.39.0  | OTEL SDK standardization, aligned with TFO-Go-SDK & TFO-Collector                                         |
-| 1.0.1   | 2024-12-17 | -        | Docker workflow, SBOM, multi-platform support                                                             |
-| 1.0.0   | 2024-12-17 | -        | Initial release                                                                                           |
+| Version | Date       | OTEL SDK | Description                                                                                                       |
+| ------- | ---------- | -------- | ----------------------------------------------------------------------------------------------------------------- |
+| 1.1.7   | 2026-03-08 | v1.40.0  | Stable agent identity via UUIDv5 host fingerprint; K8s provider detection (15 providers); fix SyncKubernetesState |
+| 1.1.6   | 2026-02-21 | v1.40.0  | Go 1.25.7, OTEL SDK v1.40.0, build-tag lint fixes, errcheck/staticcheck cleanup                                   |
+| 1.1.5   | 2026-02-19 | v1.39.0  | Docker container collector, cAdvisor scraper, CPU fix macOS, tags/labels propagation                              |
+| 1.1.4   | 2026-02-11 | v1.39.0  | eBPF collector (28 metrics), Cilium Hubble integration, 6 BPF programs, kernel-level observability                |
+| 1.1.3   | 2026-02-04 | v1.39.0  | Network retransmit metrics, container name/image detection, page faults, IOPS, system calls                       |
+| 1.1.2   | 2026-01-03 | v1.39.0  | OSS observability (SigNoz, Coroot, HyperDX, OpenObserve, Netdata), APM (Dynatrace, Instana, ManageEngine)         |
+| 1.1.1   | 2024-12-29 | v1.39.0  | Enterprise integrations (GCP, Azure, Alibaba, Proxmox, VMware, Nutanix, Cisco, SNMP, MQTT, eBPF)                  |
+| 1.1.0   | 2024-12-27 | v1.39.0  | OTEL SDK standardization, aligned with TFO-Go-SDK & TFO-Collector                                                 |
+| 1.0.1   | 2024-12-17 | -        | Docker workflow, SBOM, multi-platform support                                                                     |
+| 1.0.0   | 2024-12-17 | -        | Initial release                                                                                                   |
 
 ## Upgrade Guide
 

deploy/kubernetes/daemonset.yaml

@@ -148,6 +148,12 @@ spec:
             - name: TELEMETRYFLOW_PROMETHEUS_PORT
               value: "8888"
 
+            # Host filesystem root — used by cloud/cluster provider auto-detection heuristics
+            # (checks /var/lib/rancher/rke2, /var/lib/rancher/k3s, /sys/class/dmi/id/*, etc.)
+            # Must match the mountPath of the 'root' hostPath volume below.
+            - name: TELEMETRYFLOW_HOST_ROOT
+              value: /host/root
+
             # Cluster and environment tags for OTEL resource attributes
             - name: CLUSTER_NAME
               value: ""     # override with your cluster name, or auto-detected from hostname

internal/collector/collector.go

@@ -239,6 +239,8 @@ type SystemInfo struct {
 	ContainerImage     string `json:"containerImage,omitempty"`
 	IsVirtualized      bool   `json:"isVirtualized,omitempty"`
 	VirtualizationType string `json:"virtualizationType,omitempty"` // kvm, vmware, xen, etc.
+	IsKubernetes       bool   `json:"isKubernetes,omitempty"`
+	K8sProvider        string `json:"k8sProvider,omitempty"` // eks, gke, aks, ack, cce, k3s, kind, minikube, rancher, openshift, okd, microshift, kubesphere, self-managed
 	CloudProvider      string `json:"cloudProvider,omitempty"`      // aws, gcp, azure, etc.
 	CloudInstanceID    string `json:"cloudInstanceId,omitempty"`
 	CloudInstanceType  string `json:"cloudInstanceType,omitempty"`

internal/collector/system/host.go

@@ -852,6 +852,9 @@ func (c *HostCollector) GetSystemInfo() (*collector.SystemInfo, error) {
 
 	info.IsVirtualized, info.VirtualizationType = detectVirtualization()
 
+	// Kubernetes provider detection
+	info.IsKubernetes, info.K8sProvider = detectK8sProvider()
+
 	// Cloud metadata
 	info.CloudProvider, info.CloudInstanceID, info.CloudInstanceType,
 		info.CloudRegion, info.CloudZone = detectCloudMetadata()
@@ -887,6 +890,109 @@ func parseUint64(s string) uint64 {
 	return v
 }
 
+// detectK8sProvider detects whether the agent is running in a Kubernetes
+// environment and returns the specific distribution/provider. The returned
+// provider matches K8sProviderEnum values on the platform backend:
+// eks, gke, aks, ack, cce, k3s, kind, minikube, rancher, openshift, okd,
+// microshift, kubesphere, self-managed. Returns (false, "") when no
+// Kubernetes environment is detected.
+//
+// Detection priority:
+//  1. Managed cloud providers (env vars injected by the cloud control plane)
+//  2. OpenShift variants (MicroShift → OpenShift → OKD)
+//  3. Lightweight/local distributions (k3s → Rancher → minikube → KIND)
+//  4. Platform distributions (KubeSphere)
+//  5. Generic in-cluster fallback via KUBERNETES_SERVICE_HOST
+func detectK8sProvider() (isK8s bool, provider string) {
+	// hostRoot is the host filesystem mount point used when running as a
+	// DaemonSet (e.g. /hostfs). Falls back to empty string so that paths
+	// are checked directly when running outside a container.
+	hostRoot := os.Getenv("TELEMETRYFLOW_HOST_ROOT")
+
+	hostStat := func(path string) bool {
+		if _, err := os.Stat(path); err == nil {
+			return true
+		}
+		if hostRoot != "" {
+			if _, err := os.Stat(hostRoot + path); err == nil {
+				return true
+			}
+		}
+		return false
+	}
+
+	// === Managed Cloud Providers ===
+
+	// EKS (Amazon Elastic Kubernetes Service)
+	if os.Getenv("AWS_REGION") != "" || os.Getenv("EKS_CLUSTER_NAME") != "" {
+		return true, "eks"
+	}
+	// GKE (Google Kubernetes Engine)
+	if os.Getenv("GOOGLE_CLOUD_PROJECT") != "" || os.Getenv("GKE_CLUSTER_NAME") != "" {
+		return true, "gke"
+	}
+	// AKS (Azure Kubernetes Service)
+	if os.Getenv("AKS_CLUSTER_NAME") != "" || os.Getenv("AZURE_SUBSCRIPTION_ID") != "" {
+		return true, "aks"
+	}
+	// ACK (Alibaba Cloud Container Service for Kubernetes)
+	if os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID") != "" || os.Getenv("ACK_CLUSTER_ID") != "" {
+		return true, "ack"
+	}
+	// CCE (Huawei Cloud Container Engine)
+	if os.Getenv("HUAWEICLOUD_SDK_TYPE") != "" || os.Getenv("CCE_CLUSTER_ID") != "" {
+		return true, "cce"
+	}
+
+	// === OpenShift Variants (MicroShift first — it's a subset of OpenShift) ===
+
+	if hostStat("/var/lib/microshift") {
+		return true, "microshift"
+	}
+	if os.Getenv("OPENSHIFT_BUILD_NAMESPACE") != "" || os.Getenv("OPENSHIFT_DEPLOYMENT_NAME") != "" ||
+		hostStat("/etc/openshift") {
+		return true, "openshift"
+	}
+	// OKD (community OpenShift)
+	if os.Getenv("OKD_CLUSTER") != "" || hostStat("/etc/okd") {
+		return true, "okd"
+	}
+
+	// === Lightweight / Local Distributions ===
+
+	// k3s (must be checked before generic Rancher — k3s lives under /var/lib/rancher/k3s)
+	if hostStat("/var/lib/rancher/k3s") {
+		return true, "k3s"
+	}
+	// Rancher (RKE / RKE2) — CATTLE_* vars are injected by Rancher into pods
+	if os.Getenv("CATTLE_CLUSTER_AGENT_PORT") != "" || os.Getenv("CATTLE_SERVER") != "" ||
+		hostStat("/var/lib/rancher/rke2") || hostStat("/var/lib/rancher") {
+		return true, "rancher"
+	}
+	// minikube
+	if os.Getenv("MINIKUBE_ACTIVE_DOCKERD") != "" || os.Getenv("MINIKUBE_HOME") != "" {
+		return true, "minikube"
+	}
+	// KIND (Kubernetes IN Docker)
+	if os.Getenv("KIND_CLUSTER_NAME") != "" {
+		return true, "kind"
+	}
+
+	// === Platform Distributions ===
+
+	if os.Getenv("KUBESPHERE_NAMESPACE") != "" {
+		return true, "kubesphere"
+	}
+
+	// === Generic in-cluster fallback ===
+	// KUBERNETES_SERVICE_HOST is injected by the kubelet into every pod.
+	if os.Getenv("KUBERNETES_SERVICE_HOST") != "" {
+		return true, "self-managed"
+	}
+
+	return false, ""
+}
+
 // detectContainer checks if running inside a container
 func detectContainer() bool {
 	// Check for Docker
@@ -1019,8 +1125,27 @@ func detectVirtualization() (bool, string) {
 
 // detectCloudMetadata attempts to detect cloud provider and instance metadata
 func detectCloudMetadata() (provider, instanceID, instanceType, region, zone string) {
+	// hostRoot is the mount point for the host filesystem inside the container.
+	// DaemonSet mounts host / → /host/root and sets TELEMETRYFLOW_HOST_ROOT=/host/root.
+	// k8s-collector Deployment mounts host / → /hostfs and sets TELEMETRYFLOW_HOST_ROOT=/hostfs.
+	// Falls back to empty string (direct paths) when running outside a container.
+	hostRoot := os.Getenv("TELEMETRYFLOW_HOST_ROOT")
+
+	// hostStat checks the path directly and, if that fails, prefixed by hostRoot.
+	hostStat := func(path string) bool {
+		if _, err := os.Stat(path); err == nil {
+			return true
+		}
+		if hostRoot != "" {
+			if _, err := os.Stat(hostRoot + path); err == nil {
+				return true
+			}
+		}
+		return false
+	}
+
 	// AWS detection
-	if _, err := os.Stat("/sys/hypervisor/uuid"); err == nil {
+	if hostStat("/sys/hypervisor/uuid") {
 		if data, err := os.ReadFile("/sys/hypervisor/uuid"); err == nil {
 			if strings.HasPrefix(strings.ToLower(string(data)), "ec2") {
 				provider = "aws"
@@ -1033,22 +1158,51 @@ func detectCloudMetadata() (provider, instanceID, instanceType, region, zone str
 	}
 
 	// GCP detection
-	if data, err := os.ReadFile("/sys/class/dmi/id/product_name"); err == nil {
-		if strings.Contains(strings.ToLower(string(data)), "google") {
-			provider = "gcp"
+	for _, p := range []string{"/sys/class/dmi/id/product_name", hostRoot + "/sys/class/dmi/id/product_name"} {
+		if data, err := os.ReadFile(p); err == nil {
+			if strings.Contains(strings.ToLower(string(data)), "google") {
+				provider = "gcp"
+			}
+			break
 		}
 	}
 	if os.Getenv("GOOGLE_CLOUD_PROJECT") != "" {
 		provider = "gcp"
 	}
 
 	// Azure detection
-	if data, err := os.ReadFile("/sys/class/dmi/id/sys_vendor"); err == nil {
-		if strings.Contains(strings.ToLower(string(data)), "microsoft") {
-			provider = "azure"
+	for _, p := range []string{"/sys/class/dmi/id/sys_vendor", hostRoot + "/sys/class/dmi/id/sys_vendor"} {
+		if data, err := os.ReadFile(p); err == nil {
+			if strings.Contains(strings.ToLower(string(data)), "microsoft") {
+				provider = "azure"
+			}
+			break
 		}
 	}
 
+	// Rancher / RKE / RKE2 detection
+	// CATTLE_* vars are injected by Rancher into pods in the cattle-system namespace.
+	// For other namespaces we rely on host filesystem heuristics via hostRoot.
+	if os.Getenv("CATTLE_CLUSTER_AGENT_PORT") != "" || os.Getenv("CATTLE_SERVER") != "" {
+		provider = "rancher"
+		return provider, instanceID, instanceType, region, zone
+	}
+	// k3s lives under /var/lib/rancher/k3s (check before generic rancher path)
+	if hostStat("/var/lib/rancher/k3s") {
+		provider = "k3s"
+		return provider, instanceID, instanceType, region, zone
+	}
+	// RKE2
+	if hostStat("/var/lib/rancher/rke2") {
+		provider = "rancher"
+		return provider, instanceID, instanceType, region, zone
+	}
+	// RKE1 — /var/lib/rancher exists but neither k3s nor rke2 sub-dirs
+	if hostStat("/var/lib/rancher") {
+		provider = "rancher"
+		return provider, instanceID, instanceType, region, zone
+	}
+
 	return provider, instanceID, instanceType, region, zone
 }