From 50a5e711be75b156af98f1b7831781cb58057bf5 Mon Sep 17 00:00:00 2001
From: kbauer <kbauer@newrelic.com>
Date: Mon, 10 Feb 2025 10:31:58 -0800
Subject: [PATCH 1/4] feat: add k8s node and cluster config

---
 .github/workflows/ci-config-drift.yaml        |  21 +-
 .github/workflows/ci-nightly.yaml             |   1 +
 .github/workflows/ci.yaml                     |   1 +
 Makefile                                      |   2 +-
 cmd/goreleaser/internal/configure.go          |  35 +-
 configs/README.md                             |  24 -
 configs/nr-otel-collector-gateway.yaml        |  46 --
 distributions/README.md                       |  23 +-
 distributions/nrdot-collector-host/README.md  |   2 +
 .../.goreleaser-nightly.yaml                  |  23 +-
 .../nrdot-collector-k8s/.goreleaser.yaml      |  23 +-
 distributions/nrdot-collector-k8s/Dockerfile  |   5 +
 distributions/nrdot-collector-k8s/Makefile    |  16 +
 distributions/nrdot-collector-k8s/README.md   |  19 +
 .../nrdot-collector-k8s/config-cluster.yaml   | 524 ++++++++++++++++++
 .../nrdot-collector-k8s/config-node.yaml      | 522 +++++++++++++++++
 .../nrdot-collector-k8s/sync-configs.sh       |  51 ++
 .../mocked_backend/templates/daemonset.yaml   |   9 +
 .../templates/k8s-api-access.yaml             |  88 +++
 test/charts/mocked_backend/values.yaml        |   2 +
 .../nr_backend/templates/daemonset.yaml       |   5 +-
 .../nr_backend/templates/k8s-api-access.yaml  |  88 +++
 test/charts/nr_backend/values.yaml            |   4 +-
 test/e2e/Makefile                             |   2 +-
 test/e2e/hostmetrics/hostmetrics_test.go      |  35 +-
 .../hostmetrics_slow/hostmetrics_slow_test.go |  24 +-
 test/e2e/util/chart/mocked_backend.go         |   8 +-
 test/e2e/util/helm/helm.go                    |   6 +-
 test/e2e/util/k8s/k8s.go                      |  40 +-
 29 files changed, 1448 insertions(+), 201 deletions(-)
 delete mode 100644 configs/README.md
 delete mode 100644 configs/nr-otel-collector-gateway.yaml
 create mode 100644 distributions/nrdot-collector-k8s/Makefile
 create mode 100644 distributions/nrdot-collector-k8s/README.md
 create mode 100644 distributions/nrdot-collector-k8s/config-cluster.yaml
 create mode 100644 distributions/nrdot-collector-k8s/config-node.yaml
 create mode 100755 distributions/nrdot-collector-k8s/sync-configs.sh
 create mode 100644 test/charts/mocked_backend/templates/k8s-api-access.yaml
 create mode 100644 test/charts/nr_backend/templates/k8s-api-access.yaml

diff --git a/.github/workflows/ci-config-drift.yaml b/.github/workflows/ci-config-drift.yaml
index bb9d6ff1..89eafd97 100644
--- a/.github/workflows/ci-config-drift.yaml
+++ b/.github/workflows/ci-config-drift.yaml
@@ -16,23 +16,6 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@v4.2.0
 
-      - name: Setup local kind cluster
-        uses: helm/kind-action@v1
-        with:
-          version: v0.21.0
-          cluster_name: "config-drift"
-          wait: 60s
-
-      - name: Install nr-k8s-otel-collector chart
+      - name: Sync k8s distro configs from helm chart
         run: |
-          helm repo add newrelic https://newrelic.github.io/helm-charts
-          
-          helm install test newrelic/nr-k8s-otel-collector -n default \
-            --set cluster=config-drift --set licenseKey=PLACEHOLDER \
-            --create-namespace --dependency-update
-          
-          kubectl get configmaps -n default test-nr-k8s-otel-collector-daemonset-config \
-            -o "jsonpath={.data['daemonset-config\.yaml']}" | yq .
-          
-          kubectl get configmaps -n default test-nr-k8s-otel-collector-deployment-config \
-            -o "jsonpath={.data['deployment-config\.yaml']}" | yq .
+          make -f ./distributions/nrdot-collector-k8s/Makefile sync-configs
diff --git a/.github/workflows/ci-nightly.yaml b/.github/workflows/ci-nightly.yaml
index 3c76dffe..624f7250 100644
--- a/.github/workflows/ci-nightly.yaml
+++ b/.github/workflows/ci-nightly.yaml
@@ -48,6 +48,7 @@ jobs:
         distribution:
           - nr-otel-collector
           - nrdot-collector-host
+          - nrdot-collector-k8s
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 0a20c8d5..f413cee8 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -18,6 +18,7 @@ jobs:
         distribution:
           - nr-otel-collector
           - nrdot-collector-host
+          - nrdot-collector-k8s
     uses: ./.github/workflows/ci-base.yaml
     with:
       distribution: ${{ matrix.distribution }}
diff --git a/Makefile b/Makefile
index 939afb04..4b45a661 100644
--- a/Makefile
+++ b/Makefile
@@ -16,7 +16,7 @@ TOOLS_BIN_NAMES := $(addprefix $(TOOLS_BIN_DIR)/, $(notdir $(shell echo $(TOOLS_
 GO_LICENCE_DETECTOR        := $(TOOLS_BIN_DIR)/go-licence-detector
 GO_LICENCE_DETECTOR_CONFIG   := $(SRC_ROOT)/internal/assets/license/rules.json
 
-DISTRIBUTIONS ?= "nr-otel-collector,nrdot-collector-host"
+DISTRIBUTIONS ?= "nr-otel-collector,nrdot-collector-host,nrdot-collector-k8s"
 
 ci: check build licenses-check
 check: ensure-goreleaser-up-to-date
diff --git a/cmd/goreleaser/internal/configure.go b/cmd/goreleaser/internal/configure.go
index 2f05a2e7..a52b50aa 100644
--- a/cmd/goreleaser/internal/configure.go
+++ b/cmd/goreleaser/internal/configure.go
@@ -42,9 +42,20 @@ const (
 var (
 	ImagePrefixes        = []string{DockerHub}
 	NightlyImagePrefixes = []string{EnvRegistry}
-
-	Architectures      = []string{"amd64", "arm64"}
-	DefaultConfigDists = map[string]bool{LegacyDistro: true, HostDistro: true}
+	Architectures        = []string{"amd64", "arm64"}
+	SkipBinaries         = map[string]bool{
+		K8sDistro: true,
+	}
+	NfpmDefaultConfig = map[string]string{
+		LegacyDistro: "config.yaml",
+		HostDistro:   "config.yaml",
+		// k8s missing due to not packaged via nfpm
+	}
+	DockerIncludedConfigs = map[string][]string{
+		LegacyDistro: {"config.yaml"},
+		HostDistro:   {"config.yaml"},
+		K8sDistro:    {"config-node.yaml", "config-cluster.yaml"},
+	}
 	K8sDockerSkipArchs = map[string]bool{"arm": true, "386": true}
 	K8sGoos            = []string{"linux"}
 	K8sArchs           = []string{"amd64", "arm64"}
@@ -85,10 +96,9 @@ func Generate(dist string, nightly bool) config.Project {
 }
 
 func Blobs(dist string, nightly bool) []config.Blob {
-	if dist == K8sDistro {
+	if skip, ok := SkipBinaries[dist]; ok && skip {
 		return nil
 	}
-
 	version := "{{ .Version }}"
 
 	if nightly {
@@ -154,6 +164,9 @@ func ArmVersions(dist string) []string {
 }
 
 func Archives(dist string) []config.Archive {
+	if skip, ok := SkipBinaries[dist]; ok && skip {
+		return nil
+	}
 	return []config.Archive{
 		Archive(dist),
 	}
@@ -175,7 +188,7 @@ func Archive(dist string) config.Archive {
 }
 
 func Packages(dist string) []config.NFPM {
-	if dist == K8sDistro {
+	if skip, ok := SkipBinaries[dist]; ok && skip {
 		return nil
 	}
 	return []config.NFPM{
@@ -197,9 +210,9 @@ func Package(dist string) config.NFPM {
 			Type:        "config|noreplace",
 		},
 	}
-	if _, ok := DefaultConfigDists[dist]; ok {
+	if defaultConfig, ok := NfpmDefaultConfig[dist]; ok {
 		nfpmContents = append(nfpmContents, config.NFPMContent{
-			Source:      "config.yaml",
+			Source:      defaultConfig,
 			Destination: path.Join("/etc", dist, "config.yaml"),
 			Type:        "config",
 		})
@@ -294,8 +307,10 @@ func DockerImage(dist string, nightly bool, arch string, armVersion string) conf
 		return fmt.Sprintf("--label=org.opencontainers.image.%s={{%s}}", name, template)
 	}
 	files := make([]string, 0)
-	if _, ok := DefaultConfigDists[dist]; ok {
-		files = append(files, "config.yaml")
+	if configFiles, ok := DockerIncludedConfigs[dist]; ok {
+		for _, configFile := range configFiles {
+			files = append(files, configFile)
+		}
 	}
 	return config.Docker{
 		ImageTemplates: imageTemplates,
diff --git a/configs/README.md b/configs/README.md
deleted file mode 100644
index c0f8e010..00000000
--- a/configs/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# WIP: Configurations for the New Relic Otel collectors
-
-## New Relic Otel collector (nr-otel-collector)
-
-- [nr-otel-collector-agent-linux.yaml](./nr-otel-collector-agent-linux.yaml): Feature parity with the New Relic Infrastructure Agent.
-
-### Usage
-
-#### Package manager
-
-If the collector was installed using a Linux package manager (APT, RPM, etc) some environment variables are predefined in the Systemd service [environment file](../distributions/nr-otel-collector/nr-otel-collector.conf):
-
-```
-OTEL_EXPORTER_OTLP_ENDPOINT=https://otlp.nr-data.net:443
-NEW_RELIC_MEMORY_LIMIT_MIB=100
-```
-
-The `NEW_RELIC_LICENSE_KEY` environment variable must be set manually, it can be appended to the Systemd service environment file (`/etc/nr-otel-collector/nr-otel-collector.conf`) or directly to the collector's configuration (`/etc/nr-otel-collector/config.yaml`).
-
-#### Command line
-
-```
-OTEL_EXPORTER_OTLP_ENDPOINT=https://otlp.nr-data.net:4317 NEW_RELIC_MEMORY_LIMIT_MIB=100 NEW_RELIC_LICENSE_KEY=your_license_key nr-otel-collector --config nr-otel-collector-agent-linux.yaml
-```
diff --git a/configs/nr-otel-collector-gateway.yaml b/configs/nr-otel-collector-gateway.yaml
deleted file mode 100644
index 17e55b80..00000000
--- a/configs/nr-otel-collector-gateway.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-# The following environment variables require manual modification:
-# - NEW_RELIC_LICENSE_KEY: New Relic license key.
-
-# If the collector is not installed through a package manager, the following
-# environment variables need to be set:
-# - NEW_RELIC_MEMORY_LIMIT_MIB: Maximum amount of memory to be used. (default: 100)
-# - OTEL_EXPORTER_OTLP_ENDPOINT: New Relic Otlp endpoint to export metrics to (see: https://docs.newrelic.com/docs/more-integrations/open-source-telemetry-integrations/opentelemetry/get-started/opentelemetry-set-up-your-app/#review-settings)
-
-extensions:
-  health_check:
-
-receivers:
-  otlp:
-    protocols:
-      grpc:
-      http:
-
-processors:
-  batch:
-  memory_limiter:
-    check_interval: 1s
-    limit_mib: ${NEW_RELIC_MEMORY_LIMIT_MIB}
-
-exporters:
-  debug:
-    verbosity: detailed
-  otlp:
-    endpoint: ${OTEL_EXPORTER_OTLP_ENDPOINT}
-    headers:
-      api-key: ${NEW_RELIC_LICENSE_KEY}
-
-service:
-
-  pipelines:
-
-    traces:
-      receivers: [otlp]
-      processors: [memory_limiter, batch]
-      exporters: [debug, otlp]
-
-    metrics:
-      receivers: [otlp]
-      processors: [memory_limiter, batch]
-      exporters: [debug, otlp]
-
-  extensions: [health_check]
diff --git a/distributions/README.md b/distributions/README.md
index f906a7b2..60ff21d3 100644
--- a/distributions/README.md
+++ b/distributions/README.md
@@ -2,17 +2,26 @@
 
 ## Installation
 
-### General
+### Docker
 
-#### Environment variables
-- `NEW_RELIC_LICENSE_KEY`: New Relic ingest key.
-- `NEW_RELIC_MEMORY_LIMIT_MIB`: Maximum amount of memory to be used. 
-- `OTEL_EXPORTER_OTLP_ENDPOINT`: New Relic OTLP endpoint to export metrics to, see [official docs](https://docs.newrelic.com/docs/opentelemetry/best-practices/opentelemetry-otlp/)
+Each distribution is available as a Docker image under the [newrelic](https://hub.docker.com/u/newrelic?page=1&search=nrdot-collector) organization on Docker Hub.
+
+### OS-specific packages
+For certain distributions, signed OS-specific packages are also available under [Releases](https://github.com/newrelic/opentelemetry-collector-releases/releases) on GitHub.
+
+## Configuration
 
 ### Components
 
 The full list of components is available in the respective `manifest.yaml`
 
-### Configuration
+### Customize Default Configuration
+
+The default configuration exposes some options via environment variables:
+
+| Environment Variable | Description | Default |
+|---|---|---|
+| `NEW_RELIC_LICENSE_KEY` | New Relic ingest key | N/A - Required |
+| `NEW_RELIC_MEMORY_LIMIT_MIB` | Maximum amount of memory to be used | 100 |
+| `OTEL_EXPORTER_OTLP_ENDPOINT` | New Relic OTLP endpoint to export metrics to, see [official docs](https://docs.newrelic.com/docs/opentelemetry/best-practices/opentelemetry-otlp/) | `https://otlp.nr-data.net:4317` |
 
-The default configuration is `config.yaml` which is embedded in the `Dockerfile` and any OS-specific packaging (if available).
diff --git a/distributions/nrdot-collector-host/README.md b/distributions/nrdot-collector-host/README.md
index c8b9191e..6b4b7625 100644
--- a/distributions/nrdot-collector-host/README.md
+++ b/distributions/nrdot-collector-host/README.md
@@ -5,3 +5,5 @@ Note: See [general README](../README.md) for information that applies to all dis
 A distribution of the NRDOT collector focused on
 - monitoring the host the collector is deployed on via `hostmetricsreceiver` and `filelogreceiver`
 - support piping other telemetry through it via the `otlpreceiver`
+
+Distribution is available as docker image and as OS-specific package.
\ No newline at end of file
diff --git a/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml b/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
index ab1e4c64..0a68cf90 100644
--- a/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
+++ b/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
@@ -1,5 +1,7 @@
 version: 2
 project_name: nrdot-collector-releases-nightly
+release:
+  disable: "true"
 builds:
   - id: nrdot-collector-k8s
     goos:
@@ -16,15 +18,6 @@ builds:
       - -trimpath
     env:
       - CGO_ENABLED=0
-archives:
-  - id: nrdot-collector-k8s
-    builds:
-      - nrdot-collector-k8s
-    name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
-    format_overrides:
-      - goos: windows
-        formats:
-          - zip
 snapshot:
   version_template: '{{ incpatch .Version }}-SNAPSHOT-{{.ShortCommit}}'
 checksum:
@@ -38,6 +31,9 @@ dockers:
     image_templates:
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:{{ .Version }}-nightly-amd64'
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:nightly-amd64'
+    extra_files:
+      - config-node.yaml
+      - config-cluster.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/amd64
@@ -54,6 +50,9 @@ dockers:
     image_templates:
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:{{ .Version }}-nightly-arm64'
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:nightly-arm64'
+    extra_files:
+      - config-node.yaml
+      - config-cluster.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/arm64
@@ -82,9 +81,3 @@ signs:
       - ${artifact}
     signature: ${artifact}.sig
     artifacts: all
-    certificate: ${artifact}.pem
-docker_signs:
-  - args:
-      - sign
-      - ${artifact}
-    artifacts: all
diff --git a/distributions/nrdot-collector-k8s/.goreleaser.yaml b/distributions/nrdot-collector-k8s/.goreleaser.yaml
index f04af0ff..22aefe1e 100644
--- a/distributions/nrdot-collector-k8s/.goreleaser.yaml
+++ b/distributions/nrdot-collector-k8s/.goreleaser.yaml
@@ -1,5 +1,7 @@
 version: 2
 project_name: nrdot-collector-releases
+release:
+  disable: "true"
 builds:
   - id: nrdot-collector-k8s
     goos:
@@ -16,15 +18,6 @@ builds:
       - -trimpath
     env:
       - CGO_ENABLED=0
-archives:
-  - id: nrdot-collector-k8s
-    builds:
-      - nrdot-collector-k8s
-    name_template: '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}'
-    format_overrides:
-      - goos: windows
-        formats:
-          - zip
 snapshot:
   version_template: '{{ incpatch .Version }}-SNAPSHOT-{{.ShortCommit}}'
 checksum:
@@ -38,6 +31,9 @@ dockers:
     image_templates:
       - newrelic/nrdot-collector-k8s:{{ .Version }}-amd64
       - newrelic/nrdot-collector-k8s:latest-amd64
+    extra_files:
+      - config-node.yaml
+      - config-cluster.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/amd64
@@ -54,6 +50,9 @@ dockers:
     image_templates:
       - newrelic/nrdot-collector-k8s:{{ .Version }}-arm64
       - newrelic/nrdot-collector-k8s:latest-arm64
+    extra_files:
+      - config-node.yaml
+      - config-cluster.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/arm64
@@ -86,9 +85,3 @@ signs:
       - ${artifact}
     signature: ${artifact}.sig
     artifacts: all
-    certificate: ${artifact}.pem
-docker_signs:
-  - args:
-      - sign
-      - ${artifact}
-    artifacts: all
diff --git a/distributions/nrdot-collector-k8s/Dockerfile b/distributions/nrdot-collector-k8s/Dockerfile
index 3ba03798..6b1f40e7 100644
--- a/distributions/nrdot-collector-k8s/Dockerfile
+++ b/distributions/nrdot-collector-k8s/Dockerfile
@@ -8,6 +8,11 @@ USER ${USER_UID}
 
 COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --chmod=755 nrdot-collector-k8s /nrdot-collector-k8s
+COPY config-node.yaml /etc/nrdot-collector-k8s/config-node.yaml
+COPY config-cluster.yaml /etc/nrdot-collector-k8s/config-cluster.yaml
+
 ENTRYPOINT ["/nrdot-collector-k8s"]
+CMD ["--config", "/etc/nrdot-collector-k8s/config-node.yaml"]
+
 # `4137` and `4318`: OTLP
 EXPOSE 4317 4318
\ No newline at end of file
diff --git a/distributions/nrdot-collector-k8s/Makefile b/distributions/nrdot-collector-k8s/Makefile
new file mode 100644
index 00000000..1fa15a5a
--- /dev/null
+++ b/distributions/nrdot-collector-k8s/Makefile
@@ -0,0 +1,16 @@
+THIS_MAKEFILE_DIR := $(realpath $(dir $(realpath $(lastword $(MAKEFILE_LIST)))))
+
+.PHONY: sync-configs
+sync-configs:
+	@${THIS_MAKEFILE_DIR}/sync-configs.sh
+
+.PHONY: check-k8s-configs
+check-k8s-configs: sync-configs
+	@git diff --name-only | grep -E 'distributions\/nrdot-collector-k8s\/config-\w*.yaml' \
+    		&& { \
+    			echo "Collector configs in helm chart have changed. Adjust sync script to take changes into account.";\
+    			echo "Diff of $(NOTICE_OUTPUT):";\
+    			git --no-pager diff HEAD -- 'distributions/nrdot-collector-k8s/config-*.yaml';\
+    			exit 1;\
+    		} \
+    		|| exit 0
diff --git a/distributions/nrdot-collector-k8s/README.md b/distributions/nrdot-collector-k8s/README.md
new file mode 100644
index 00000000..ade12ac0
--- /dev/null
+++ b/distributions/nrdot-collector-k8s/README.md
@@ -0,0 +1,19 @@
+# nrdot-collector-k8s
+
+Note: See [general README](../README.md) for information that applies to all distributions.
+
+A distribution of the NRDOT collector focused on gathering metrics in a kubernetes environment with two different configs:
+- [config-node.yaml](./config-node.yaml) (default): Collects node-level metrics via `hostmetricsreceiver`, `filelogreceiver`, `kubeletstatsreceiver` and `prometheusreceiver` (`cAdvisor`, `kubelet`)
+- [config-cluster.yaml](./config-cluster.yaml): Collects cluster-level metrics via `k8seventsreceiver`,  `prometheusreceiver` (`kube-state-metrics`, `apiserver`, `controller-manager`, `scheduler`). Can be enabled by overriding the default docker `CMD`, i.e. `--config /etc/nrdot-collector-k8s/config-cluster.yaml`
+
+Distribution is available as docker image and runs in `node` mode by default.
+
+## Additional Configuration
+
+See [general README](../README.md) for information that applies to all distributions.
+
+### nrdot-collector-k8s
+| Environment Variable | Description | Default |
+|---|---|---|
+| `K8S_CLUSTER_NAME` | Kubernetes Cluster Name used to populate attributes like `k8s.cluster.name` | `cluster-name-placeholder` |
+| `MY_POD_IP` | Pod IP to configure `otlpreceiver` | `cluster-name-placeholder` |
\ No newline at end of file
diff --git a/distributions/nrdot-collector-k8s/config-cluster.yaml b/distributions/nrdot-collector-k8s/config-cluster.yaml
new file mode 100644
index 00000000..4ac0d127
--- /dev/null
+++ b/distributions/nrdot-collector-k8s/config-cluster.yaml
@@ -0,0 +1,524 @@
+receivers:
+  otlp:
+    protocols:
+      http:
+        endpoint: ${env:MY_POD_IP}:4318
+  k8s_events:
+  prometheus/ksm:
+    config:
+      scrape_configs:
+        - job_name: kube-state-metrics
+          scrape_interval: 1m
+          kubernetes_sd_configs:
+            - role: pod
+          relabel_configs:
+            - action: keep
+              regex: kube-state-metrics
+              source_labels:
+                - __meta_kubernetes_pod_label_app_kubernetes_io_name
+            - action: replace
+              target_label: job_label
+              replacement: kube-state-metrics
+  prometheus:
+    config:
+      scrape_configs:
+        - job_name: apiserver
+          scrape_interval: 1m
+          kubernetes_sd_configs:
+            - role: endpoints
+              namespaces:
+                names:
+                  - default
+          scheme: https
+          tls_config:
+            ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+            insecure_skip_verify: false
+          bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+          relabel_configs:
+            - action: keep
+              regex: default;kubernetes;https
+              source_labels:
+                - __meta_kubernetes_namespace
+                - __meta_kubernetes_service_name
+                - __meta_kubernetes_endpoint_port_name
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_namespace
+              target_label: namespace
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_service_name
+              target_label: service
+            - action: replace
+              target_label: job_label
+              replacement: apiserver
+        - job_name: controller-manager
+          scrape_interval: 1m
+          metrics_path: /metrics
+          kubernetes_sd_configs:
+            - role: endpoints
+          scheme: https
+          tls_config:
+            ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+            insecure_skip_verify: false
+          bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+          relabel_configs:
+            - action: keep
+              regex: default;kubernetes;https
+              source_labels:
+                - __meta_kubernetes_namespace
+                - __meta_kubernetes_service_name
+                - __meta_kubernetes_endpoint_port_name
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_namespace
+              target_label: namespace
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_pod_name
+              target_label: pod
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_service_name
+              target_label: service
+            - action: replace
+              target_label: job_label
+              replacement: controller-manager
+        - job_name: scheduler
+          scrape_interval: 1m
+          kubernetes_sd_configs:
+            - role: endpoints
+          scheme: https
+          tls_config:
+            ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+            insecure_skip_verify: true
+          bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+          relabel_configs:
+            - action: keep
+              regex: default;kubernetes;https
+              source_labels:
+                - __meta_kubernetes_namespace
+                - __meta_kubernetes_service_name
+                - __meta_kubernetes_endpoint_port_name
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_namespace
+              target_label: namespace
+            - action: replace
+              source_labels:
+                - __meta_kubernetes_service_name
+              target_label: service
+            - action: replace
+              target_label: job_label
+              replacement: scheduler
+processors:
+  groupbyattrs:
+    keys:
+      - pod
+      - container
+      - daemonset
+      - replicaset
+      - statefulset
+      - deployment
+      - cronjob
+      - configmap
+      - job
+      - job_name
+      - horizontalpodautoscaler
+      - persistentvolume
+      - persistentvolumeclaim
+      - endpoint
+      - mutatingwebhookconfiguration
+      - validatingwebhookconfiguration
+      - lease
+      - storageclass
+      - secret
+      - service
+      - resourcequota
+      - node
+      - namespace
+  transform/ksm:
+    metric_statements:
+      - context: resource
+        statements:
+          - delete_key(attributes, "k8s.pod.name")
+          - delete_key(attributes, "k8s.pod.uid")
+          - delete_key(attributes, "k8s.container.name")
+          - delete_key(attributes, "k8s.namespace.name")
+          - delete_key(attributes, "k8s.node.name")
+          - delete_key(attributes, "k8s.replicaset.name")
+          - set(attributes["k8s.pod.name"], attributes["pod"])
+          - set(attributes["k8s.daemonset.name"], attributes["daemonset"])
+          - set(attributes["k8s.replicaset.name"], attributes["replicaset"])
+          - set(attributes["k8s.statefulset.name"], attributes["statefulset"])
+          - set(attributes["k8s.deployment.name"], attributes["deployment"])
+          - set(attributes["k8s.node.name"], attributes["node"])
+          - set(attributes["k8s.namespace.name"], attributes["namespace"])
+          - set(attributes["k8s.container.name"], attributes["container"])
+          - set(attributes["k8s.uid.uid"], attributes["uid"])
+  metricstransform/k8s_cluster_info:
+    transforms:
+      - include: kubernetes_build_info
+        action: update
+        new_name: k8s.cluster.info
+  metricstransform/kube_pod_status_phase:
+    transforms:
+      - include: 'kube_pod_container_status_waiting'
+        match_type: strict
+        action: update
+        new_name: 'kube_pod_container_status_phase'
+        operations:
+          - action: add_label
+            new_label: container_phase
+            new_value: waiting
+      - include: 'kube_pod_container_status_running'
+        match_type: strict
+        action: update
+        new_name: 'kube_pod_container_status_phase'
+        operations:
+          - action: add_label
+            new_label: container_phase
+            new_value: running
+      - include: 'kube_pod_container_status_terminated'
+        match_type: strict
+        action: update
+        new_name: 'kube_pod_container_status_phase'
+        operations:
+          - action: add_label
+            new_label: container_phase
+            new_value: terminated
+  metricstransform/ldm:
+    transforms:
+      - include: .*
+        match_type: regexp
+        action: update
+        operations:
+          - action: add_label
+            new_label: low.data.mode
+            new_value: 'false'
+  metricstransform/k8s_cluster_info_ldm:
+    transforms:
+      - include: k8s.cluster.info
+        action: update
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  metricstransform/ksm:
+    transforms:
+      - include: kube_cronjob_(created|spec_suspend|status_(active|last_schedule_time))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_daemonset_(created|status_(current_number_scheduled|desired_number_scheduled|updated_number_scheduled)|status_number_(available|misscheduled|ready|unavailable))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_deployment_(created|metadata_generation|spec_(replicas|strategy_rollingupdate_max_surge)|status_(condition|observed_generation|replicas)|status_replicas_(available|ready|unavailable|updated))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_horizontalpodautoscaler_(spec_(max_replicas|min_replicas)|status_(condition|current_replicas|desired_replicas))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_job_(complete|created|failed|spec_(active_deadline_seconds|completions|parallelism)|status_(active|completion_time|failed|start_time|succeeded))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_node_status_(allocatable|condition)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_persistentvolume_(capacity_bytes|created|info|status_phase)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_persistentvolumeclaim_(created|info|resource_requests_storage_bytes|status_phase)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_pod_container_(resource_(limits|requests)|status_(phase|ready|restarts_total|waiting_reason))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_pod_(created|info|status_(phase|ready|ready_time|scheduled|scheduled_time))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_service_(annotations|created|info|labels|spec_type|status_load_balancer_ingress)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: kube_statefulset_(created|persistentvolumeclaim_retention_policy|replicas|status_(current_revision|replicas)|status_replicas_(available|current|ready|updated))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  metricstransform/apiserver:
+    transforms:
+      - include: apiserver_storage_objects
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: go_(goroutines|threads)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: process_resident_memory_bytes
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  filter/exclude_metrics_low_data_mode:
+    metrics:
+      metric:
+        - 'HasAttrOnDatapoint("low.data.mode", "false")'
+  filter/exclude_zero_value_kube_node_status_condition:
+    metrics:
+      datapoint:
+        - metric.name == "kube_node_status_condition" and value_double == 0.0
+  filter/exclude_zero_value_kube_persistentvolumeclaim_status_phase:
+    metrics:
+      datapoint:
+        - metric.name == "kube_persistentvolumeclaim_status_phase" and value_double == 0.0
+  filter/exclude_zero_value_kube_pod_status_phase:
+    metrics:
+      datapoint:
+        - metric.name == "kube_pod_status_phase" and value_double == 0.0
+  filter/exclude_zero_value_kube_pod_container_status:
+    metrics:
+      datapoint:
+        - metric.name == "kube_pod_container_status" and value_double == 0.0
+  resourcedetection/env:
+    detectors: ["env", "system"]
+    override: false
+    system:
+      hostname_sources: ["os"]
+      resource_attributes:
+        host.id:
+          enabled: true
+  resourcedetection/cloudproviders:
+    detectors: [gcp, eks, azure, aks, ec2, ecs]
+    timeout: 2s
+    override: false
+    ec2:
+      resource_attributes:
+        host.name:
+          enabled: false
+  resource/metrics:
+    attributes:
+      - key: host.id
+        from_attribute: host.name
+        action: upsert
+      - key: k8s.cluster.name
+        action: upsert
+        value: ${env:K8S_CLUSTER_NAME:-cluster-name-placeholder}
+      - key: newrelicOnly
+        action: upsert
+        value: 'true'
+      - key: service.name
+        action: delete
+      - key: service_name
+        action: delete
+  resource/events:
+    attributes:
+      - key: "event.name"
+        action: upsert
+        value: "InfrastructureEvent"
+      - key: "event.domain"
+        action: upsert
+        value: "newrelic-otel-event"
+      - key: "category"
+        action: upsert
+        value: "kubernetes"
+      - key: k8s.cluster.name
+        action: upsert
+        value: ${env:K8S_CLUSTER_NAME:-cluster-name-placeholder}
+      - key: newrelicOnly
+        action: upsert
+        value: 'true'
+  transform/events:
+    log_statements:
+      - context: log
+        statements:
+          - set(attributes["event.source.host"], resource.attributes["k8s.node.name"])
+  transform/low_data_mode_inator:
+    metric_statements:
+      - context: metric
+        statements:
+          - set(description, "")
+          - set(unit, "")
+  resource/low_data_mode_inator:
+    attributes:
+      - key: http.scheme
+        action: delete
+      - key: net.host.name
+        action: delete
+      - key: net.host.port
+        action: delete
+  cumulativetodelta:
+  k8sattributes:
+    auth_type: "serviceAccount"
+    passthrough: false
+    filter:
+      node_from_env_var: KUBE_NODE_NAME
+    extract:
+      metadata:
+        - k8s.pod.name
+        - k8s.pod.uid
+        - k8s.deployment.name
+        - k8s.namespace.name
+        - k8s.node.name
+        - k8s.pod.start_time
+    pod_association:
+      - sources:
+          - from: resource_attribute
+            name: k8s.pod.uid
+  attributes/self:
+    actions:
+      - key: k8s.pod.name
+        action: upsert
+        from_attribute: pod
+      - key: k8s.deployment.name
+        action: upsert
+        from_attribute: deployment
+      - key: k8s.node.name
+        action: upsert
+        from_attribute: node
+      - key: k8s.namespace.name
+        action: upsert
+        from_attribute: namespace
+  memory_limiter:
+    check_interval: 1s
+    limit_percentage: 80
+    spike_limit_percentage: 25
+  batch:
+    send_batch_max_size: 1000
+    timeout: 30s
+    send_batch_size: 800
+exporters:
+  otlphttp/newrelic:
+    endpoint: ${env:OTEL_EXPORTER_OTLP_ENDPOINT:-https://otlp.nr-data.net}
+    headers:
+      api-key: ${env:NEW_RELIC_LICENSE_KEY}
+service:
+  pipelines:
+    metrics/ksm:
+      receivers:
+        - prometheus/ksm
+      processors:
+        - metricstransform/kube_pod_status_phase
+        - filter/exclude_zero_value_kube_node_status_condition
+        - filter/exclude_zero_value_kube_persistentvolumeclaim_status_phase
+        - filter/exclude_zero_value_kube_pod_status_phase
+        - filter/exclude_zero_value_kube_pod_container_status
+        - resource/metrics
+        - resourcedetection/env
+        - resourcedetection/cloudproviders
+        - batch
+        - groupbyattrs
+        - transform/ksm
+      exporters:
+        - otlphttp/newrelic
+    metrics:
+      receivers:
+        - prometheus
+      processors:
+        - metricstransform/k8s_cluster_info
+        - resource/metrics
+        - k8sattributes
+        - attributes/self
+        - memory_limiter
+        - cumulativetodelta
+        - batch
+      exporters:
+        - otlphttp/newrelic
+    logs/events:
+      receivers:
+        - k8s_events
+      processors:
+        - transform/events
+        - resource/events
+        - batch
+      exporters:
+        - otlphttp/newrelic
+  extensions:
+    - health_check
+extensions:
+  health_check: {}
diff --git a/distributions/nrdot-collector-k8s/config-node.yaml b/distributions/nrdot-collector-k8s/config-node.yaml
new file mode 100644
index 00000000..9524a992
--- /dev/null
+++ b/distributions/nrdot-collector-k8s/config-node.yaml
@@ -0,0 +1,522 @@
+receivers:
+  hostmetrics:
+    collection_interval: 1m
+    scrapers:
+      cpu:
+        metrics:
+          system.cpu.time:
+            enabled: false
+          system.cpu.utilization:
+            enabled: true
+      load:
+      memory:
+        metrics:
+          system.memory.utilization:
+            enabled: true
+      paging:
+        metrics:
+          system.paging.utilization:
+            enabled: false
+          system.paging.faults:
+            enabled: false
+      filesystem:
+        metrics:
+          system.filesystem.utilization:
+            enabled: true
+      disk:
+        metrics:
+          system.disk.merged:
+            enabled: false
+          system.disk.pending_operations:
+            enabled: false
+          system.disk.weighted_io_time:
+            enabled: false
+      network:
+        metrics:
+          system.network.connections:
+            enabled: false
+  kubeletstats:
+    collection_interval: 1m
+    endpoint: "${KUBE_NODE_NAME}:10250"
+    auth_type: "serviceAccount"
+    insecure_skip_verify: true
+    metrics:
+      k8s.container.cpu_limit_utilization:
+        enabled: true
+  prometheus:
+    config:
+      scrape_configs:
+        - job_name: cadvisor
+          scrape_interval: 1m
+          bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+          kubernetes_sd_configs:
+            - role: node
+          relabel_configs:
+            - replacement: kubernetes.default.svc.cluster.local:443
+              target_label: __address__
+            - regex: (.+)
+              replacement: /api/v1/nodes/$${1}/proxy/metrics/cadvisor
+              source_labels:
+                - __meta_kubernetes_node_name
+              target_label: __metrics_path__
+            - action: replace
+              target_label: job_label
+              replacement: cadvisor
+          scheme: https
+          tls_config:
+            ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+            insecure_skip_verify: false
+            server_name: kubernetes
+        - job_name: kubelet
+          scrape_interval: 1m
+          bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+          kubernetes_sd_configs:
+            - role: node
+          relabel_configs:
+            - replacement: kubernetes.default.svc.cluster.local:443
+              target_label: __address__
+            - regex: (.+)
+              replacement: /api/v1/nodes/$${1}/proxy/metrics
+              source_labels:
+                - __meta_kubernetes_node_name
+              target_label: __metrics_path__
+            - action: replace
+              target_label: job_label
+              replacement: kubelet
+          scheme: https
+          tls_config:
+            ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+            insecure_skip_verify: false
+            server_name: kubernetes
+  filelog:
+    include:
+      - /var/log/pods/*/*/*.log
+    exclude:
+      - /var/log/pods/*/otel-collector-daemonset/*.log
+      - /var/log/pods/*/otel-collector-deployment/*.log
+      - /var/log/pods/*/containers/*-exec.log
+      - /var/log/pods/*/konnectivity-agent/*.log
+      - /var/log/container/otel-collector-daemonset/*.log
+      - /var/log/container/otel-collector-deployment/*.log
+      - /var/log/containers/*-exec.log
+    start_at: beginning
+    include_file_path: true
+    include_file_name: true
+    operators:
+      - type: router
+        id: get-format
+        routes:
+          - output: parser-docker
+            expr: 'body matches "^\\{"'
+          - output: parser-crio
+            expr: 'body matches "^[^ Z]+ "'
+          - output: parser-containerd
+            expr: 'body matches "^[^ Z]+Z"'
+      - type: regex_parser
+        id: parser-crio
+        regex: '^(?P<time>[^ Z]+) (?P<stream>stdout|stderr) (?P<logtag>[^ ]*) ?(?P<log>.*)$'
+        output: extract_metadata_from_filepath
+        timestamp:
+          parse_from: attributes.time
+          layout_type: gotime
+          layout: '2006-01-02T15:04:05.999999999Z07:00'
+      - type: regex_parser
+        id: parser-containerd
+        regex: '^(?P<time>[^ ^Z]+Z) (?P<stream>stdout|stderr) (?P<logtag>[^ ]*) ?(?P<log>.*)$'
+        output: extract_metadata_from_filepath
+        timestamp:
+          parse_from: attributes.time
+          layout: '%Y-%m-%dT%H:%M:%S.%LZ'
+      - type: json_parser
+        id: parser-docker
+        output: extract_metadata_from_filepath
+        timestamp:
+          parse_from: attributes.time
+          layout: '%Y-%m-%dT%H:%M:%S.%LZ'
+      - type: move
+        from: attributes.log
+        to: body
+      - type: regex_parser
+        id: extract_metadata_from_filepath
+        regex: '^.*\/(?P<namespace>[^_]+)_(?P<pod_name>[^_]+)_(?P<uid>[a-f0-9\-]{36})\/(?P<container_name>[^\._]+)\/(?P<restart_count>\d+)\.log$'
+        parse_from: attributes["log.file.path"]
+        cache:
+          size: 128
+      - type: move
+        from: attributes.stream
+        to: attributes["log.iostream"]
+      - type: move
+        from: attributes.container_name
+        to: resource["k8s.container.name"]
+      - type: move
+        from: attributes.namespace
+        to: resource["k8s.namespace.name"]
+      - type: move
+        from: attributes.pod_name
+        to: resource["k8s.pod.name"]
+      - type: move
+        from: attributes.restart_count
+        to: resource["k8s.container.restart_count"]
+      - type: move
+        from: attributes.uid
+        to: resource["k8s.pod.uid"]
+processors:
+  metricstransform/ldm:
+    transforms:
+      - include: .*
+        match_type: regexp
+        action: update
+        operations:
+          - action: add_label
+            new_label: low.data.mode
+            new_value: 'false'
+  metricstransform/kubeletstats:
+    transforms:
+      - include: container\.(cpu\.utilization|filesystem\.(capacity|usage)|memory\.usage)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: k8s\.node\.(cpu\.(time|utilization)|filesystem\.(capacity|usage)|memory\.(available|working_set))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: k8s\.pod\.(filesystem\.(available|capacity|usage)|memory\.(working_set))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  metricstransform/cadvisor:
+    transforms:
+      - include: container_cpu_(cfs_(periods_total|throttled_periods_total)|usage_seconds_total)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: container_memory_working_set_bytes
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: container_network_(working_set_bytes|receive_(bytes_total|errors_total)|transmit_(bytes_total|errors_total))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: container_spec_memory_limit_bytes
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  metricstransform/kubelet:
+    transforms:
+      - include: go_(goroutines|threads)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: process_resident_memory_bytes
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  metricstransform/hostmetrics:
+    transforms:
+      - include: process\.(cpu\.utilization|disk\.io|memory\.(usage|virtual))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: system\.cpu\.(utilization|load_average\.(15m|1m|5m))
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: system\.disk\.(io_time|operation_time|operations)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: system\.(filesystem|memory)\.(usage|utilization)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+      - include: system\.network\.(errors|io|packets)
+        action: update
+        match_type: regexp
+        operations:
+          - action: update_label
+            label: low.data.mode
+            value_actions:
+              - value: 'false'
+                new_value: 'true'
+  filter/exclude_metrics_low_data_mode:
+    metrics:
+      metric:
+        - 'HasAttrOnDatapoint("low.data.mode", "false")'
+  transform/truncate:
+    log_statements:
+      - context: log
+        statements:
+          - truncate_all(attributes, 4095)
+          - truncate_all(resource.attributes, 4095)
+  metricstransform/hostmetrics_cpu:
+    transforms:
+      - include: system.cpu.utilization
+        action: update
+        operations:
+          - action: aggregate_labels
+            label_set: [state]
+            aggregation_type: mean
+      - include: system.paging.operations
+        action: update
+        operations:
+          - action: aggregate_labels
+            label_set: [direction]
+            aggregation_type: sum
+  filter/exclude_cpu_utilization:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.cpu.utilization" and attributes["state"] == "interrupt"'
+        - 'metric.name == "system.cpu.utilization" and attributes["state"] == "nice"'
+        - 'metric.name == "system.cpu.utilization" and attributes["state"] == "softirq"'
+  filter/exclude_memory_utilization:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.memory.utilization" and attributes["state"] == "slab_unreclaimable"'
+        - 'metric.name == "system.memory.utilization" and attributes["state"] == "inactive"'
+        - 'metric.name == "system.memory.utilization" and attributes["state"] == "cached"'
+        - 'metric.name == "system.memory.utilization" and attributes["state"] == "buffered"'
+        - 'metric.name == "system.memory.utilization" and attributes["state"] == "slab_reclaimable"'
+  filter/exclude_memory_usage:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.memory.usage" and attributes["state"] == "slab_unreclaimable"'
+        - 'metric.name == "system.memory.usage" and attributes["state"] == "inactive"'
+  filter/exclude_filesystem_utilization:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.filesystem.utilization" and attributes["type"] == "squashfs"'
+  filter/exclude_filesystem_usage:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.filesystem.usage" and attributes["type"] == "squashfs"'
+        - 'metric.name == "system.filesystem.usage" and attributes["state"] == "reserved"'
+  filter/exclude_filesystem_inodes_usage:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.filesystem.inodes.usage" and attributes["type"] == "squashfs"'
+        - 'metric.name == "system.filesystem.inodes.usage" and attributes["state"] == "reserved"'
+  filter/exclude_system_disk:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.disk.operations" and IsMatch(attributes["device"], "^loop.*") == true'
+        - 'metric.name == "system.disk.merged" and IsMatch(attributes["device"], "^loop.*") == true'
+        - 'metric.name == "system.disk.io" and IsMatch(attributes["device"], "^loop.*") == true'
+        - 'metric.name == "system.disk.io_time" and IsMatch(attributes["device"], "^loop.*") == true'
+        - 'metric.name == "system.disk.operation_time" and IsMatch(attributes["device"], "^loop.*") == true'
+  filter/exclude_system_paging:
+    metrics:
+      datapoint:
+        - 'metric.name == "system.paging.usage" and attributes["state"] == "cached"'
+        - 'metric.name == "system.paging.operations" and attributes["type"] == "cached"'
+  filter/exclude_network:
+    metrics:
+      datapoint:
+        - 'IsMatch(metric.name, "^system.network.*") == true and attributes["device"] == "lo"'
+  attributes/exclude_system_paging:
+    include:
+      match_type: strict
+      metric_names:
+        - system.paging.operations
+    actions:
+      - key: type
+        action: delete
+  resourcedetection/env:
+    detectors: ["env", "system"]
+    override: false
+    system:
+      hostname_sources: ["os"]
+      resource_attributes:
+        host.id:
+          enabled: true
+  resourcedetection/cloudproviders:
+    detectors: [gcp, eks, azure, aks, ec2, ecs]
+    timeout: 2s
+    override: false
+    ec2:
+      resource_attributes:
+        host.name:
+          enabled: false
+  resource:
+    attributes:
+      - key: host.id
+        from_attribute: host.name
+        action: upsert
+      - key: k8s.cluster.name
+        action: upsert
+        value: ${env:K8S_CLUSTER_NAME:-cluster-name-placeholder}
+      - key: newrelicOnly
+        action: upsert
+        value: 'true'
+      - key: service.name
+        action: delete
+      - key: service_name
+        action: delete
+  transform/low_data_mode_inator:
+    metric_statements:
+      - context: metric
+        statements:
+          - set(description, "")
+          - set(unit, "")
+  resource/low_data_mode_inator:
+    attributes:
+      - key: http.scheme
+        action: delete
+      - key: net.host.name
+        action: delete
+      - key: net.host.port
+        action: delete
+  k8sattributes:
+    auth_type: "serviceAccount"
+    passthrough: false
+    filter:
+      node_from_env_var: KUBE_NODE_NAME
+    extract:
+      metadata:
+        - k8s.pod.name
+        - k8s.pod.uid
+        - k8s.deployment.name
+        - k8s.namespace.name
+        - k8s.node.name
+        - k8s.pod.start_time
+    pod_association:
+      - sources:
+          - from: resource_attribute
+            name: k8s.pod.uid
+  attributes/self:
+    actions:
+      - key: k8s.pod.name
+        action: update
+        from_attribute: pod
+      - key: k8s.deployment.name
+        action: update
+        from_attribute: deployment
+      - key: k8s.node.name
+        action: update
+        from_attribute: node
+      - key: k8s.namespace.name
+        action: upsert
+        from_attribute: namespace
+  memory_limiter:
+    check_interval: 1s
+    limit_percentage: 80
+    spike_limit_percentage: 25
+  cumulativetodelta:
+  batch:
+    send_batch_max_size: 1000
+    timeout: 30s
+    send_batch_size: 800
+exporters:
+  otlphttp/newrelic:
+    endpoint: ${env:OTEL_EXPORTER_OTLP_ENDPOINT:-https://otlp.nr-data.net}
+    headers:
+      api-key: ${env:NEW_RELIC_LICENSE_KEY}
+service:
+  pipelines:
+    metrics:
+      receivers:
+        - hostmetrics
+        - kubeletstats
+        - prometheus
+      processors:
+        - metricstransform/hostmetrics_cpu
+        - transform/truncate
+        - filter/exclude_cpu_utilization
+        - filter/exclude_memory_utilization
+        - filter/exclude_memory_usage
+        - filter/exclude_filesystem_utilization
+        - filter/exclude_filesystem_usage
+        - filter/exclude_filesystem_inodes_usage
+        - filter/exclude_system_disk
+        - filter/exclude_system_paging
+        - filter/exclude_network
+        - attributes/exclude_system_paging
+        - resourcedetection/env
+        - resourcedetection/cloudproviders
+        - resource
+        - k8sattributes
+        - attributes/self
+        - memory_limiter
+        - cumulativetodelta
+        - batch
+      exporters:
+        - otlphttp/newrelic
+    logs:
+      receivers:
+        - filelog
+      processors:
+        - transform/truncate
+        - resource
+        - k8sattributes
+        - batch
+      exporters:
+        - otlphttp/newrelic
+  extensions:
+    - health_check
+extensions:
+  health_check: {}
diff --git a/distributions/nrdot-collector-k8s/sync-configs.sh b/distributions/nrdot-collector-k8s/sync-configs.sh
new file mode 100755
index 00000000..413c9042
--- /dev/null
+++ b/distributions/nrdot-collector-k8s/sync-configs.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+set -e
+yq --version | grep -E -q '4\.[0-9]+\.[0-9]+' || { echo $? && echo "yq version 4.x.x is expected, but was '$(yq --version)'"; exit 1; }
+
+helm repo add newrelic https://helm-charts.newrelic.com
+helm repo update
+rendered_helm_chart=$(helm template "test-render-$(date +%s)" newrelic/nr-k8s-otel-collector \
+  --set 'cluster=${env:K8S_CLUSTER_NAME:-cluster-name-placeholder}' \
+  --set 'lowDataMode=false' \
+  --set licenseKey=license-key-placeholder \
+  )
+
+
+script_name=$(basename "$0")
+script_dir=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
+k8s_distro_dir="${script_dir}"
+node_config="${k8s_distro_dir}/config-node.yaml"
+cluster_config="${k8s_distro_dir}/config-cluster.yaml"
+
+function extract_config_with_overwritable_defaults() {
+  local helm_deploy_type="${1}"
+  local output_file="${2}"
+  echo "$rendered_helm_chart" |
+    {
+      yq "(select(.kind == \"ConfigMap\" and (.metadata.name | contains(\"${helm_deploy_type}-config\"))) | .data[\"${helm_deploy_type}-config.yaml\"])"
+    } | {
+      # strip away all comments
+      yq '... comments=""'
+    } | {
+      # remove linux-only configuration
+      yq 'del(.receivers.hostmetrics.root_path)'
+    } | {
+      # expose ingest endpoint via env var to align with other distros
+      sed 's/"https:\/\/2.zoppoz.workers.dev:443\/https\/otlp.nr-data.net"/${env:OTEL_EXPORTER_OTLP_ENDPOINT:-https:\/\/2.zoppoz.workers.dev:443\/https\/otlp.nr-data.net}/g'
+    } | {
+      # normalize env var names
+      sed 's/env:NR_LICENSE_KEY/env:NEW_RELIC_LICENSE_KEY/g'
+    } | {
+      # add healthcheck
+      yq '. + {"extensions": {"health_check":{}}}' |
+      yq '.service += {"extensions": ["health_check"]}'
+    } > "${output_file}"
+    echo "Config '${helm_deploy_type}' written to ${output_file}"
+}
+
+extract_config_with_overwritable_defaults 'daemonset' "${node_config}"
+extract_config_with_overwritable_defaults 'deployment' "${cluster_config}"
+
+
+
+
diff --git a/test/charts/mocked_backend/templates/daemonset.yaml b/test/charts/mocked_backend/templates/daemonset.yaml
index 847e1372..914d21a5 100644
--- a/test/charts/mocked_backend/templates/daemonset.yaml
+++ b/test/charts/mocked_backend/templates/daemonset.yaml
@@ -14,6 +14,7 @@ spec:
       labels:
         app: *app
     spec:
+      serviceAccountName: read-k8s-api-account
       initContainers:
         # Wait for the backend to be up before starting the collector
         - name: wait-for-validation
@@ -33,3 +34,11 @@ spec:
               value: "http://validation-backend:4318"
             - name: NEW_RELIC_MEMORY_LIMIT_MIB
               value: "100"
+            # mock values
+                # k8s distro expects this to be present
+            - name: KUBE_NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: NEW_RELIC_LICENSE_KEY
+              value: "NR_LICENSE_KEY_PLACEHOLDER"
diff --git a/test/charts/mocked_backend/templates/k8s-api-access.yaml b/test/charts/mocked_backend/templates/k8s-api-access.yaml
new file mode 100644
index 00000000..c8aafb15
--- /dev/null
+++ b/test/charts/mocked_backend/templates/k8s-api-access.yaml
@@ -0,0 +1,88 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: read-k8s-api-account
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: read-k8s-api-role
+# required rules copied from:
+# - k8seventsreceiever: https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/k8seventsreceiver/README.md#rbac
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - events
+      - namespaces
+      - namespaces/status
+      - nodes
+      - nodes/spec
+      - pods
+      - pods/status
+      - replicationcontrollers
+      - replicationcontrollers/status
+      - resourcequotas
+      - services
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - apps
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+      - statefulsets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - batch
+    resources:
+      - jobs
+      - cronjobs
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+    verbs:
+      - get
+      - list
+      - watch
+  # kubeletstatsreceiver: https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/kubeletstatsreceiver#role-based-access-control
+  - apiGroups: [ "" ]
+    resources: [ "nodes/stats" ]
+    verbs: [ "get" ]
+  - apiGroups: [ "" ]
+    resources: [ "nodes/proxy" ]
+    verbs: [ "get" ]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: read-k8s-api-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: read-k8s-api-role
+subjects:
+  - kind: ServiceAccount
+    name: read-k8s-api-account
+    namespace: {{ .Values.namespace }}
\ No newline at end of file
diff --git a/test/charts/mocked_backend/values.yaml b/test/charts/mocked_backend/values.yaml
index bf16e3a4..7c20585c 100644
--- a/test/charts/mocked_backend/values.yaml
+++ b/test/charts/mocked_backend/values.yaml
@@ -3,3 +3,5 @@ image:
   tag: latest
   # Avoid accidentally pulling remote images in CI
   pullPolicy: Never
+
+namespace: default-mocked-backend
diff --git a/test/charts/nr_backend/templates/daemonset.yaml b/test/charts/nr_backend/templates/daemonset.yaml
index af2af7cb..2c66bb4e 100644
--- a/test/charts/nr_backend/templates/daemonset.yaml
+++ b/test/charts/nr_backend/templates/daemonset.yaml
@@ -14,6 +14,7 @@ spec:
       labels:
         app: *app
     spec:
+      serviceAccountName: read-k8s-api-account
       initContainers:
         # Wait for the backend to be up before starting the collector
         - name: wait-for-validation
@@ -29,7 +30,7 @@ spec:
             - name: health
               containerPort: 13133
           env:
-            - name: NODE_NAME
+            - name: KUBE_NODE_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
@@ -46,7 +47,7 @@ spec:
                   name: daemonset-secrets
                   key: nrIngestKey
             - name: OTEL_RESOURCE_ATTRIBUTES
-              value: "host.name={{ .Values.collector.hostname }}-$(NODE_NAME)"
+              value: "host.name={{ .Values.collector.hostname }}-$(KUBE_NODE_NAME)"
 ---
 apiVersion: v1
 kind: Secret
diff --git a/test/charts/nr_backend/templates/k8s-api-access.yaml b/test/charts/nr_backend/templates/k8s-api-access.yaml
new file mode 100644
index 00000000..c8aafb15
--- /dev/null
+++ b/test/charts/nr_backend/templates/k8s-api-access.yaml
@@ -0,0 +1,88 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: read-k8s-api-account
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: read-k8s-api-role
+# required rules copied from:
+# - k8seventsreceiever: https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/k8seventsreceiver/README.md#rbac
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - events
+      - namespaces
+      - namespaces/status
+      - nodes
+      - nodes/spec
+      - pods
+      - pods/status
+      - replicationcontrollers
+      - replicationcontrollers/status
+      - resourcequotas
+      - services
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - apps
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+      - statefulsets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - batch
+    resources:
+      - jobs
+      - cronjobs
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - autoscaling
+    resources:
+      - horizontalpodautoscalers
+    verbs:
+      - get
+      - list
+      - watch
+  # kubeletstatsreceiver: https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/kubeletstatsreceiver#role-based-access-control
+  - apiGroups: [ "" ]
+    resources: [ "nodes/stats" ]
+    verbs: [ "get" ]
+  - apiGroups: [ "" ]
+    resources: [ "nodes/proxy" ]
+    verbs: [ "get" ]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: read-k8s-api-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: read-k8s-api-role
+subjects:
+  - kind: ServiceAccount
+    name: read-k8s-api-account
+    namespace: {{ .Values.namespace }}
\ No newline at end of file
diff --git a/test/charts/nr_backend/values.yaml b/test/charts/nr_backend/values.yaml
index fc8c31bc..1a118da5 100644
--- a/test/charts/nr_backend/values.yaml
+++ b/test/charts/nr_backend/values.yaml
@@ -9,4 +9,6 @@ secrets:
   nrIngestKey: PLACEHOLDER
 
 collector:
-  hostname: nr-otel-collector-default-hostname
\ No newline at end of file
+  hostname: nr-otel-collector-default-hostname
+
+namespace: default-nr-backend
\ No newline at end of file
diff --git a/test/e2e/Makefile b/test/e2e/Makefile
index 0314e9e9..63c941ba 100644
--- a/test/e2e/Makefile
+++ b/test/e2e/Makefile
@@ -64,7 +64,7 @@ ci_test:
 ################
 #### LOCAL #####
 ################
-MOST_RECENT_IMAGE_TAG := $(shell docker images -a --filter 'reference=newrelic/${DISTRO}' '--format={{.CreatedAt}} {{.Tag}}' | sort -r | head -n1 | awk '{print $$NF}')
+MOST_RECENT_IMAGE_TAG := $(shell docker images -a --filter 'reference=newrelic/${DISTRO}' '--format={{.CreatedAt}} {{.Tag}}' | sort -r | grep 'arm64' | head -n1 | awk '{print $$NF}')
 
 .PHONY: local_create-cluster-if-not-exists
 local_create-cluster-if-not-exists:
diff --git a/test/e2e/hostmetrics/hostmetrics_test.go b/test/e2e/hostmetrics/hostmetrics_test.go
index 0f66299f..dbfcd6be 100644
--- a/test/e2e/hostmetrics/hostmetrics_test.go
+++ b/test/e2e/hostmetrics/hostmetrics_test.go
@@ -6,8 +6,6 @@ import (
 	"fmt"
 	httphelper "github.com/gruntwork-io/terratest/modules/http-helper"
 	"github.com/gruntwork-io/terratest/modules/k8s"
-	corev1 "k8s.io/api/core/v1"
-	"log"
 	"strings"
 	"test/e2e/util/chart"
 	helmutil "test/e2e/util/helm"
@@ -33,33 +31,18 @@ type ValidationPayload struct {
 	Transactions     uint32 `json:"transactions"`
 }
 
-type testEnv struct {
-	teardown     func(tb testing.TB)
-	collectorPod corev1.Pod
-}
-
-func setupTest(tb testing.TB) testEnv {
-	collectorPod := k8sutil.WaitForCollectorReady(tb, kubectlOptions)
-
-	return testEnv{collectorPod: collectorPod, teardown: func(tb testing.TB) {
-		log.Println("teardown test")
-	}}
-}
-
 func TestStartupBehavior(t *testing.T) {
 	testutil.TagAsFastTest(t)
 	kubectlOptions = k8sutil.NewKubectlOptions(TestNamespace)
-	testChart = chart.MockedBackend
+	testChart = chart.NewMockedBackendChart(kubectlOptions.Namespace)
 	testId = testutil.NewTestId()
-	cleanup := helmutil.ApplyChart(t, kubectlOptions, testChart.AsChart(), "hostmetrics-startup", testId)
-	defer cleanup()
+	helmutil.ApplyChart(t, kubectlOptions, testChart.AsChart(), "hostmetrics-startup", testId)
 
 	t.Run("healthcheck succeeds", func(t *testing.T) {
-		te := setupTest(t)
-		defer te.teardown(t)
+		collectorPod := k8sutil.WaitForCollectorReady(t, kubectlOptions)
 
-		tunnel := k8s.NewTunnel(kubectlOptions, k8s.ResourceTypePod, te.collectorPod.Name, 13133, 13133)
-		defer tunnel.Close()
+		tunnel := k8s.NewTunnel(kubectlOptions, k8s.ResourceTypePod, collectorPod.Name, 13133, 13133)
+		t.Cleanup(tunnel.Close)
 		tunnel.ForwardPort(t)
 
 		url := fmt.Sprintf("http://%s/", tunnel.Endpoint())
@@ -71,15 +54,13 @@ func TestStartupBehavior(t *testing.T) {
 	})
 
 	t.Run("validation-backend logs indicate processed metrics", func(t *testing.T) {
-		te := setupTest(t)
-		defer te.teardown(t)
-
+		k8sutil.WaitForCollectorReady(t, kubectlOptions)
 		tunnel := k8s.NewTunnel(kubectlOptions, k8s.ResourceTypeService, "validation-backend", 8080, 8080)
-		defer tunnel.Close()
+		t.Cleanup(tunnel.Close)
 		tunnel.ForwardPort(t)
 		url := fmt.Sprintf("http://%s/validate", tunnel.Endpoint())
 
-		httphelper.HttpGetWithRetryWithCustomValidation(t, url, nil, 3, 3*time.Second, func(statusCode int, body string) bool {
+		httphelper.HttpGetWithRetryWithCustomValidation(t, url, nil, 10, 5*time.Second, func(statusCode int, body string) bool {
 
 			if statusCode != 200 {
 				return false
diff --git a/test/e2e/hostmetrics_slow/hostmetrics_slow_test.go b/test/e2e/hostmetrics_slow/hostmetrics_slow_test.go
index cf89d314..7bb0a54d 100644
--- a/test/e2e/hostmetrics_slow/hostmetrics_slow_test.go
+++ b/test/e2e/hostmetrics_slow/hostmetrics_slow_test.go
@@ -3,8 +3,6 @@ package hostmetrics
 import (
 	"fmt"
 	"github.com/gruntwork-io/terratest/modules/k8s"
-	corev1 "k8s.io/api/core/v1"
-	"log"
 	"test/e2e/util/assert"
 	"test/e2e/util/chart"
 	helmutil "test/e2e/util/helm"
@@ -25,20 +23,6 @@ var (
 	testChart      chart.NrBackendChart
 )
 
-type testEnv struct {
-	teardown     func(tb testing.TB)
-	collectorPod corev1.Pod
-}
-
-func setupTest(tb testing.TB) testEnv {
-	collectorPod := k8sutil.WaitForCollectorReady(tb, kubectlOptions)
-
-	return testEnv{collectorPod: collectorPod, teardown: func(tb testing.TB) {
-		log.Println("teardown test")
-	}}
-
-}
-
 func TestStartupBehavior(t *testing.T) {
 	testutil.TagAsSlowTest(t)
 	kubectlOptions = k8sutil.NewKubectlOptions(TestNamespace)
@@ -46,12 +30,8 @@ func TestStartupBehavior(t *testing.T) {
 	testChart = chart.NewNrBackendChart(testId)
 
 	t.Logf("hostname used for test: %s", testChart.NrQueryHostNamePattern)
-	cleanup := helmutil.ApplyChart(t, kubectlOptions, testChart.AsChart(), "hostmetrics-startup", testId)
-	t.Cleanup(cleanup)
-	te := setupTest(t)
-	t.Cleanup(func() {
-		te.teardown(t)
-	})
+	helmutil.ApplyChart(t, kubectlOptions, testChart.AsChart(), "hostmetrics-startup", testId)
+	k8sutil.WaitForCollectorReady(t, kubectlOptions)
 	// wait for at least one default metric harvest cycle (60s) and some buffer to allow NR ingest to process data
 	time.Sleep(70 * time.Second)
 	// space out requests to not run into 25 concurrent request limit
diff --git a/test/e2e/util/chart/mocked_backend.go b/test/e2e/util/chart/mocked_backend.go
index 2df9c621..f05bf83b 100644
--- a/test/e2e/util/chart/mocked_backend.go
+++ b/test/e2e/util/chart/mocked_backend.go
@@ -6,9 +6,14 @@ import (
 )
 
 type MockedBackendChart struct {
+	namespace string
 }
 
-var MockedBackend = MockedBackendChart{}
+func NewMockedBackendChart(namespace string) MockedBackendChart {
+	return MockedBackendChart{
+		namespace: namespace,
+	}
+}
 
 func (m *MockedBackendChart) AsChart() Chart {
 	var chart Chart = m
@@ -25,5 +30,6 @@ func (m *MockedBackendChart) RequiredChartValues() map[string]string {
 	return map[string]string{
 		"image.repository": fmt.Sprintf("newrelic/%s", envutil.GetDistro()),
 		"image.tag":        envutil.GetImageTag(),
+		"namespace":        m.namespace,
 	}
 }
diff --git a/test/e2e/util/helm/helm.go b/test/e2e/util/helm/helm.go
index 81b8f600..dc3fa53b 100644
--- a/test/e2e/util/helm/helm.go
+++ b/test/e2e/util/helm/helm.go
@@ -27,12 +27,12 @@ func NewHelmOptions(kubectlOptions *k8s.KubectlOptions, chartValues map[string]s
 	}
 }
 
-func ApplyChart(t *testing.T, kubectlOptions *k8s.KubectlOptions, chart chart.Chart, releaseNameSuffix string, testId string) func() {
+func ApplyChart(t *testing.T, kubectlOptions *k8s.KubectlOptions, chart chart.Chart, releaseNameSuffix string, testId string) {
 	releaseName := fmt.Sprintf("%s-%s", releaseNameSuffix, testId)
 	helmOptions := NewHelmOptions(kubectlOptions, chart.RequiredChartValues())
 	helm.Install(t, helmOptions, chart.Meta().ChartPath(), releaseName)
-	return func() {
+	t.Cleanup(func() {
 		t.Log("Cleanup 'ApplyChart': delete helm chart")
 		helm.Delete(t, helmOptions, releaseName, true)
-	}
+	})
 }
diff --git a/test/e2e/util/k8s/k8s.go b/test/e2e/util/k8s/k8s.go
index 6a61ad41..c3cac509 100644
--- a/test/e2e/util/k8s/k8s.go
+++ b/test/e2e/util/k8s/k8s.go
@@ -5,11 +5,22 @@ import (
 	"github.com/gruntwork-io/terratest/modules/k8s"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"strings"
 	envutil "test/e2e/util/env"
 	"testing"
 	"time"
 )
 
+const (
+	collectorContainerName = "nrdot-collector"
+)
+
+var (
+	collectorFilter = metav1.ListOptions{
+		LabelSelector: "app=nrdot-collector",
+	}
+)
+
 func NewKubectlOptions(namespacePrefix string) *k8s.KubectlOptions {
 	namespace := newTestNamespace(namespacePrefix, envutil.GetDistro())
 	contextName := envutil.GetK8sContextName()
@@ -21,14 +32,29 @@ func newTestNamespace(namespacePrefix string, distro string) string {
 }
 
 func WaitForCollectorReady(tb testing.TB, kubectlOptions *k8s.KubectlOptions) corev1.Pod {
-	filters := metav1.ListOptions{
-		LabelSelector: "app=nrdot-collector",
-	}
-	k8s.WaitUntilNumPodsCreated(tb, kubectlOptions, filters, 1, 30, 10*time.Second)
-
-	pods := k8s.ListPods(tb, kubectlOptions, filters)
+	logCollectorLogsOnFail(tb, kubectlOptions)
+	// ensure to fail before running into overall test timeout to allow cleanups to run
+	k8s.WaitUntilNumPodsCreated(tb, kubectlOptions, collectorFilter, 1, 6, 10*time.Second)
+	pods := k8s.ListPods(tb, kubectlOptions, collectorFilter)
 	for _, pod := range pods {
-		k8s.WaitUntilPodAvailable(tb, kubectlOptions, pod.Name, 30, 10*time.Second)
+		// ensure to fail before running into overall test timeout to allow cleanups to run
+		k8s.WaitUntilPodAvailable(tb, kubectlOptions, pod.Name, 6, 10*time.Second)
 	}
 	return pods[0]
 }
+
+func logCollectorLogsOnFail(tb testing.TB, kubectlOptions *k8s.KubectlOptions) {
+	tb.Cleanup(func() {
+		if tb.Failed() {
+			pods := k8s.ListPods(tb, kubectlOptions, collectorFilter)
+			var logs []string
+			for _, pod := range pods {
+				logs = append(logs, fmt.Sprintf("==========START Collector logs for pod %s:==========", pod.Name))
+				logs = append(logs, k8s.GetPodLogs(tb, kubectlOptions, &pod, collectorContainerName))
+				logs = append(logs, fmt.Sprintf("==========END Collector logs for pod %s:==========", pod.Name))
+			}
+			toLog := strings.Join(logs, "\n")
+			tb.Log(toLog)
+		}
+	})
+}

From 68fb79ac8836bb00c6fc1f6956854ed634ef0623 Mon Sep 17 00:00:00 2001
From: kbauer <kbauer@newrelic.com>
Date: Thu, 13 Feb 2025 15:34:26 -0800
Subject: [PATCH 2/4] refactor: rename node/cluster to daemonset/deployment

---
 cmd/goreleaser/internal/configure.go                      | 2 +-
 .../nrdot-collector-k8s/.goreleaser-nightly.yaml          | 8 ++++----
 distributions/nrdot-collector-k8s/.goreleaser.yaml        | 8 ++++----
 distributions/nrdot-collector-k8s/Dockerfile              | 6 +++---
 distributions/nrdot-collector-k8s/README.md               | 6 +++---
 .../{config-node.yaml => config-daemonset.yaml}           | 0
 .../{config-cluster.yaml => config-deployment.yaml}       | 0
 distributions/nrdot-collector-k8s/sync-configs.sh         | 8 +++-----
 8 files changed, 18 insertions(+), 20 deletions(-)
 rename distributions/nrdot-collector-k8s/{config-node.yaml => config-daemonset.yaml} (100%)
 rename distributions/nrdot-collector-k8s/{config-cluster.yaml => config-deployment.yaml} (100%)

diff --git a/cmd/goreleaser/internal/configure.go b/cmd/goreleaser/internal/configure.go
index a52b50aa..966a9701 100644
--- a/cmd/goreleaser/internal/configure.go
+++ b/cmd/goreleaser/internal/configure.go
@@ -54,7 +54,7 @@ var (
 	DockerIncludedConfigs = map[string][]string{
 		LegacyDistro: {"config.yaml"},
 		HostDistro:   {"config.yaml"},
-		K8sDistro:    {"config-node.yaml", "config-cluster.yaml"},
+		K8sDistro:    {"config-daemonset.yaml", "config-deployment.yaml"},
 	}
 	K8sDockerSkipArchs = map[string]bool{"arm": true, "386": true}
 	K8sGoos            = []string{"linux"}
diff --git a/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml b/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
index 0a68cf90..3d2e7c96 100644
--- a/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
+++ b/distributions/nrdot-collector-k8s/.goreleaser-nightly.yaml
@@ -32,8 +32,8 @@ dockers:
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:{{ .Version }}-nightly-amd64'
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:nightly-amd64'
     extra_files:
-      - config-node.yaml
-      - config-cluster.yaml
+      - config-daemonset.yaml
+      - config-deployment.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/amd64
@@ -51,8 +51,8 @@ dockers:
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:{{ .Version }}-nightly-arm64'
       - '{{ .Env.REGISTRY }}/nrdot-collector-k8s:nightly-arm64'
     extra_files:
-      - config-node.yaml
-      - config-cluster.yaml
+      - config-daemonset.yaml
+      - config-deployment.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/arm64
diff --git a/distributions/nrdot-collector-k8s/.goreleaser.yaml b/distributions/nrdot-collector-k8s/.goreleaser.yaml
index 22aefe1e..e1470bd6 100644
--- a/distributions/nrdot-collector-k8s/.goreleaser.yaml
+++ b/distributions/nrdot-collector-k8s/.goreleaser.yaml
@@ -32,8 +32,8 @@ dockers:
       - newrelic/nrdot-collector-k8s:{{ .Version }}-amd64
       - newrelic/nrdot-collector-k8s:latest-amd64
     extra_files:
-      - config-node.yaml
-      - config-cluster.yaml
+      - config-daemonset.yaml
+      - config-deployment.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/amd64
@@ -51,8 +51,8 @@ dockers:
       - newrelic/nrdot-collector-k8s:{{ .Version }}-arm64
       - newrelic/nrdot-collector-k8s:latest-arm64
     extra_files:
-      - config-node.yaml
-      - config-cluster.yaml
+      - config-daemonset.yaml
+      - config-deployment.yaml
     build_flag_templates:
       - --pull
       - --platform=linux/arm64
diff --git a/distributions/nrdot-collector-k8s/Dockerfile b/distributions/nrdot-collector-k8s/Dockerfile
index 6b1f40e7..8dfba01f 100644
--- a/distributions/nrdot-collector-k8s/Dockerfile
+++ b/distributions/nrdot-collector-k8s/Dockerfile
@@ -8,11 +8,11 @@ USER ${USER_UID}
 
 COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --chmod=755 nrdot-collector-k8s /nrdot-collector-k8s
-COPY config-node.yaml /etc/nrdot-collector-k8s/config-node.yaml
-COPY config-cluster.yaml /etc/nrdot-collector-k8s/config-cluster.yaml
+COPY config-daemonset.yaml /etc/nrdot-collector-k8s/config-daemonset.yaml
+COPY config-deployment.yaml /etc/nrdot-collector-k8s/config-deployment.yaml
 
 ENTRYPOINT ["/nrdot-collector-k8s"]
-CMD ["--config", "/etc/nrdot-collector-k8s/config-node.yaml"]
+CMD ["--config", "/etc/nrdot-collector-k8s/config-daemonset.yaml"]
 
 # `4137` and `4318`: OTLP
 EXPOSE 4317 4318
\ No newline at end of file
diff --git a/distributions/nrdot-collector-k8s/README.md b/distributions/nrdot-collector-k8s/README.md
index ade12ac0..06a71510 100644
--- a/distributions/nrdot-collector-k8s/README.md
+++ b/distributions/nrdot-collector-k8s/README.md
@@ -3,10 +3,10 @@
 Note: See [general README](../README.md) for information that applies to all distributions.
 
 A distribution of the NRDOT collector focused on gathering metrics in a kubernetes environment with two different configs:
-- [config-node.yaml](./config-node.yaml) (default): Collects node-level metrics via `hostmetricsreceiver`, `filelogreceiver`, `kubeletstatsreceiver` and `prometheusreceiver` (`cAdvisor`, `kubelet`)
-- [config-cluster.yaml](./config-cluster.yaml): Collects cluster-level metrics via `k8seventsreceiver`,  `prometheusreceiver` (`kube-state-metrics`, `apiserver`, `controller-manager`, `scheduler`). Can be enabled by overriding the default docker `CMD`, i.e. `--config /etc/nrdot-collector-k8s/config-cluster.yaml`
+- [config-daemonset.yaml](./config-daemonset.yaml) (default): Typically deployed as a `DaemonSet`. Collects node-level metrics via `hostmetricsreceiver`, `filelogreceiver`, `kubeletstatsreceiver` and `prometheusreceiver` (`cAdvisor`, `kubelet`).
+- [config-deployment.yaml](./config-deployment.yaml): Typically deployed as a `Deployment`. Collects cluster-level metrics via `k8seventsreceiver`,  `prometheusreceiver` (`kube-state-metrics`, `apiserver`, `controller-manager`, `scheduler`). Can be enabled by overriding the default docker `CMD`, i.e. `--config /etc/nrdot-collector-k8s/config-deployment.yaml`.
 
-Distribution is available as docker image and runs in `node` mode by default.
+Distribution is available as docker image and runs in `daemonset` mode by default.
 
 ## Additional Configuration
 
diff --git a/distributions/nrdot-collector-k8s/config-node.yaml b/distributions/nrdot-collector-k8s/config-daemonset.yaml
similarity index 100%
rename from distributions/nrdot-collector-k8s/config-node.yaml
rename to distributions/nrdot-collector-k8s/config-daemonset.yaml
diff --git a/distributions/nrdot-collector-k8s/config-cluster.yaml b/distributions/nrdot-collector-k8s/config-deployment.yaml
similarity index 100%
rename from distributions/nrdot-collector-k8s/config-cluster.yaml
rename to distributions/nrdot-collector-k8s/config-deployment.yaml
diff --git a/distributions/nrdot-collector-k8s/sync-configs.sh b/distributions/nrdot-collector-k8s/sync-configs.sh
index 413c9042..eb06911e 100755
--- a/distributions/nrdot-collector-k8s/sync-configs.sh
+++ b/distributions/nrdot-collector-k8s/sync-configs.sh
@@ -14,12 +14,10 @@ rendered_helm_chart=$(helm template "test-render-$(date +%s)" newrelic/nr-k8s-ot
 script_name=$(basename "$0")
 script_dir=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 k8s_distro_dir="${script_dir}"
-node_config="${k8s_distro_dir}/config-node.yaml"
-cluster_config="${k8s_distro_dir}/config-cluster.yaml"
 
 function extract_config_with_overwritable_defaults() {
   local helm_deploy_type="${1}"
-  local output_file="${2}"
+  local output_file="${k8s_distro_dir}/config-${helm_deploy_type}.yaml"
   echo "$rendered_helm_chart" |
     {
       yq "(select(.kind == \"ConfigMap\" and (.metadata.name | contains(\"${helm_deploy_type}-config\"))) | .data[\"${helm_deploy_type}-config.yaml\"])"
@@ -43,8 +41,8 @@ function extract_config_with_overwritable_defaults() {
     echo "Config '${helm_deploy_type}' written to ${output_file}"
 }
 
-extract_config_with_overwritable_defaults 'daemonset' "${node_config}"
-extract_config_with_overwritable_defaults 'deployment' "${cluster_config}"
+extract_config_with_overwritable_defaults 'daemonset'
+extract_config_with_overwritable_defaults 'deployment'
 
 
 

From 05c9fc57bf46e6805fa11723cb027bc46624fc3a Mon Sep 17 00:00:00 2001
From: kbauer <kbauer@newrelic.com>
Date: Thu, 13 Feb 2025 16:01:25 -0800
Subject: [PATCH 3/4] fix: namespace test cluster by distro

---
 .github/workflows/ci.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index f413cee8..103f3273 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -22,7 +22,8 @@ jobs:
     uses: ./.github/workflows/ci-base.yaml
     with:
       distribution: ${{ matrix.distribution }}
-      test_cluster_name: 'ci-e2etest'
+      # namespace by distro to avoid issues with cleanup (distro 1 still running tests while distro 2 cleans up cluster)
+      test_cluster_name: 'ci-e2etest-${{ matrix.distribution }}'
     secrets:
       docker_hub_username: ${{ secrets.OTELCOMM_DOCKER_HUB_USERNAME }}
       docker_hub_password: ${{ secrets.OTELCOMM_DOCKER_HUB_PASSWORD }}

From e3dc0b6409149f7b6f4a736cf2e67d28a8d499ea Mon Sep 17 00:00:00 2001
From: kbauer <kbauer@newrelic.com>
Date: Tue, 18 Feb 2025 08:51:12 -0800
Subject: [PATCH 4/4] docs: document difference between helm and distro

---
 distributions/nrdot-collector-k8s/README.md       | 10 ++++++++--
 distributions/nrdot-collector-k8s/sync-configs.sh |  2 +-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/distributions/nrdot-collector-k8s/README.md b/distributions/nrdot-collector-k8s/README.md
index 06a71510..7842effe 100644
--- a/distributions/nrdot-collector-k8s/README.md
+++ b/distributions/nrdot-collector-k8s/README.md
@@ -12,8 +12,14 @@ Distribution is available as docker image and runs in `daemonset` mode by defaul
 
 See [general README](../README.md) for information that applies to all distributions.
 
-### nrdot-collector-k8s
 | Environment Variable | Description | Default |
 |---|---|---|
 | `K8S_CLUSTER_NAME` | Kubernetes Cluster Name used to populate attributes like `k8s.cluster.name` | `cluster-name-placeholder` |
-| `MY_POD_IP` | Pod IP to configure `otlpreceiver` | `cluster-name-placeholder` |
\ No newline at end of file
+| `MY_POD_IP` | Pod IP to configure `otlpreceiver` | `cluster-name-placeholder` |
+
+## Distro vs Helm Chart
+The initial choice of components and configuration of this distribution was driven by the [nr-k8s-otel-collector](https://github.com/newrelic/helm-charts/tree/master/charts/nr-k8s-otel-collector) helm chart. However, the helm templating syntax is more expressive than the collector configuration and should be used if possible. The configurations embedded in the distro are intended as a stable default with minimal setup for users who cannot use the helm chart but still want to monitor their k8s cluster with the NRDOT collector.
+
+Key differences are formally documented in [the script that ensures the configurations stay in-sync](./sync-configs.sh) and can be summarized as:
+- `lowDataMode: false` is hardcoded and cannot be toggled (easily - it is always possible to overwrite the config with native collector options)
+- `hostmetricsreceiver` in the daemonset config does not assume that the [host file system is mounted](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/receiver/hostmetricsreceiver/README.md#collecting-host-metrics-from-inside-a-container-linux-only), thus providing metrics about its container and not the host node.
\ No newline at end of file
diff --git a/distributions/nrdot-collector-k8s/sync-configs.sh b/distributions/nrdot-collector-k8s/sync-configs.sh
index eb06911e..caf9173b 100755
--- a/distributions/nrdot-collector-k8s/sync-configs.sh
+++ b/distributions/nrdot-collector-k8s/sync-configs.sh
@@ -25,7 +25,7 @@ function extract_config_with_overwritable_defaults() {
       # strip away all comments
       yq '... comments=""'
     } | {
-      # remove linux-only configuration
+      # remove configuration requiring mounted host filesystem
       yq 'del(.receivers.hostmetrics.root_path)'
     } | {
       # expose ingest endpoint via env var to align with other distros