Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CiliumAvailable ¶
Types ¶
type Client ¶
// Client defines the interface for conntrack clients (Netfilter or Cilium).
type Client interface {
	// ListEntries returns conntrack entries, or an error.
	// NOTE(review): filter (see FilterBySrcIP) presumably restricts which
	// entries are returned — confirm against the implementations.
	ListEntries(filter EntriesFilter) (entries []*Entry, err error)

	// Close reports an error if it fails.
	// NOTE(review): presumably releases the underlying conntrack handle;
	// confirm whether the client may be used after Close.
	Close() (err error)
}
Client defines the interface for conntrack clients (Netfilter or Cilium)
func NewCiliumClient ¶
func NewCiliumClient(log logr.Logger, clockSource ClockSource) (Client, error)
type ClockSource ¶
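// ClockSource names the clock source passed to NewCiliumClient.
//
// NOTE(review): presumably this must match the time base the Cilium datapath
// uses for its connection-tracking timestamps; a mismatch would likely skew
// entry lifetimes — confirm against the Cilium client implementation.
type ClockSource string

// Known ClockSource values. The group is written one constant per line; a
// const group collapsed onto a single line does not parse as Go.
const (
	// ClockSourceKtime is the "ktime" clock source.
	ClockSourceKtime ClockSource = "ktime"
	// ClockSourceJiffies is the "jiffies" clock source.
	ClockSourceJiffies ClockSource = "jiffies"
)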
type Config ¶
// Config holds configuration for the monitor; it is the first argument of
// NewMonitor.
type Config struct {
	// Periods used by the monitor.
	// NOTE(review): presumably how often conntrack is read, stale state is
	// cleaned up and collected flows are flushed — confirm against Monitor.
	ReadInterval, CleanupInterval, FlushInterval time.Duration

	// NodeName identifies the node.
	// NOTE(review): presumably echoed as node_name in MetricsResponse — confirm.
	NodeName string
}
Config holds configuration for the monitor
type EnrichedDNSLookup ¶
type EntriesFilter ¶
func FilterBySrcIP ¶
func FilterBySrcIP(ips map[netaddr.IP]struct{}) EntriesFilter
type Entry ¶
// Entry represents a single conntrack entry.
type Entry struct {
	// Src and Dst are the two endpoints of the connection (address and port).
	Src, Dst netaddr.IPPort

	// Byte and packet counters for each direction.
	// NOTE(review): presumably Tx is counted from Src's point of view — confirm.
	TxBytes, TxPackets, RxBytes, RxPackets uint64

	// NOTE(review): presumably the time at which the entry expires — confirm.
	Lifetime time.Time

	// NOTE(review): presumably the IP protocol number — confirm.
	Proto uint8
}
Entry represents a single conntrack entry
type MetricsResponse ¶
// MetricsResponse is a JSON-serialisable bundle of network flows and DNS
// lookups for one node.
//
// NOTE(review): presumably this is the body written by
// Monitor.GetMetricsHandler — confirm. The payload carries IP addresses,
// pod names and namespaces (inside NetworkFlow) and resolved domains, so
// whoever can read it learns per-pod traffic patterns; confirm the serving
// endpoint is reachable only by the intended collector.
type MetricsResponse struct {
	// NodeName is serialised as "node_name".
	NodeName string `json:"node_name"`
	// Items holds the flows, serialised as "items".
	Items []*NetworkFlow `json:"items"`
	// DNSLookups is serialised as "dns_lookups".
	DNSLookups []EnrichedDNSLookup `json:"dns_lookups"`
	// Ip2Domain is omitted from the JSON when empty.
	// NOTE(review): presumably maps an IP address string to a domain name — confirm.
	Ip2Domain map[string]string `json:"ip2domain,omitempty"`
}
type Monitor ¶
// Monitor collects network flows using conntrack and aggregates them.
// Instances are created with NewMonitor; GetMetricsHandler serves the
// collected metrics over HTTP.
type Monitor struct {
	// contains filtered or unexported fields
}
Monitor collects network flows using conntrack and aggregates them
func NewMonitor ¶
func NewMonitor(cfg Config, log logr.Logger, podCache *PodCache, ct Client, dnsCollector dns.DNSCollector, dakrClient transport.DakrClient) (*Monitor, error)
NewMonitor creates a new Monitor instance
func (*Monitor) GetMetricsHandler ¶
func (m *Monitor) GetMetricsHandler(w http.ResponseWriter, r *http.Request)
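GetMetricsHandler serves the collected metrics. NOTE: This currently resets the counters after read (delta mode), mimicking egressd's behavior. Because every read clears the counters, any additional client that can reach this endpoint consumes data that the intended collector will then never see.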
type NetfilterClient ¶
// NetfilterClient uses the kernel's conntrack table via Netlink. Its
// ListEntries and Close methods have the signatures required by Client.
//
// NOTE(review): reading conntrack over netlink normally requires
// CAP_NET_ADMIN; confirm the workload running this client is granted that
// capability and nothing broader.
type NetfilterClient struct {
	// contains filtered or unexported fields
}
NetfilterClient uses the kernel's conntrack table via Netlink
func (*NetfilterClient) Close ¶
func (c *NetfilterClient) Close() error
func (*NetfilterClient) ListEntries ¶
func (c *NetfilterClient) ListEntries(filter EntriesFilter) ([]*Entry, error)
type NetworkFlow ¶
// NetworkFlow represents a single aggregated network flow. Every exported
// field is serialised to JSON under the name given in its tag; fields
// tagged omitempty are dropped when empty.
//
// NOTE(review): a flow ties IP addresses and domains to pod names and
// namespaces, which is sensitive cluster metadata — confirm that consumers
// of this data are authorised to see it.
type NetworkFlow struct {
	// Source and destination addresses, as strings.
	SrcIP string `json:"src_ip"`
	DstIP string `json:"dst_ip"`
	// NOTE(review): presumably filled from the DNS lookup data when a
	// domain is known for the address — confirm.
	SrcDomain string `json:"src_domain,omitempty"`
	DstDomain string `json:"dst_domain,omitempty"`
	// Pod Metadata
	// NOTE(review): presumably resolved through PodCache, and left empty
	// when the address does not belong to a known pod — confirm.
	SrcPodName      string `json:"src_pod_name,omitempty"`
	SrcPodNamespace string `json:"src_pod_namespace,omitempty"`
	DstPodName      string `json:"dst_pod_name,omitempty"`
	DstPodNamespace string `json:"dst_pod_namespace,omitempty"`
	// NOTE(review): presumably the IP protocol number, as in Entry.Proto — confirm.
	Protocol uint8 `json:"protocol"`
	// Only the destination port is exported; there is no source-port field.
	DstPort uint16 `json:"dst_port"`
	// Byte and packet counters for each direction.
	TxBytes   uint64    `json:"tx_bytes"`
	RxBytes   uint64    `json:"rx_bytes"`
	TxPackets uint64    `json:"tx_packets"`
	RxPackets uint64    `json:"rx_packets"`
	Timestamp time.Time `json:"timestamp"`
	// contains filtered or unexported fields
}
NetworkFlow represents a single aggregated network flow. This matches the conceptual "RawNetworkMetric" from egressd.
type PodCache ¶
// PodCache watches for pods on the local node and maintains an IP lookup
// table. It is built by NewPodCache from a cache.SharedIndexInformer; with a
// nil informer it relies only on manual updates (standalone mode).
type PodCache struct {
	// contains filtered or unexported fields
}
PodCache watches for pods on the local node and maintains an IP lookup table
func NewPodCache ¶
func NewPodCache(informer cache.SharedIndexInformer) *PodCache
NewPodCache creates a new PodCache using the provided informer. If informer is nil, it returns a cache that relies only on manual updates (standalone mode).
func (*PodCache) GetLocalPodIPs ¶
GetLocalPodIPs returns a map of all local pod IPs