tracer

package

v1.8.0-crc0 Latest Latest Go to latest Published: Feb 4, 2025 License: Apache-2.0 Imports: 29 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/netobserv/netobserv-ebpf-agent

Links

Open Source Insights

Documentation ¶

Index ¶

func ConvertFilterPortsToInstr(intPort int32, rangePorts, ports string) intstr.IntOrString
type Filter
- func NewFilter(cfg []*FilterConfig) *Filter
- func (f *Filter) ProgramFilter(objects *ebpf.BpfObjects) error
type FilterConfig
type FlowFetcher
- func NewFlowFetcher(cfg *FlowFetcherConfig) (*FlowFetcher, error)
type FlowFetcherConfig
type PacketFetcher
- func NewPacketFetcher(cfg *FlowFetcherConfig) (*PacketFetcher, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConvertFilterPortsToInstr ¶

func ConvertFilterPortsToInstr(intPort int32, rangePorts, ports string) intstr.IntOrString

Types ¶

type Filter ¶

type Filter struct {
	// contains filtered or unexported fields
}

func NewFilter ¶

func NewFilter(cfg []*FilterConfig) *Filter

func (*Filter) ProgramFilter ¶

func (f *Filter) ProgramFilter(objects *ebpf.BpfObjects) error

type FilterConfig ¶

type FilterConfig struct {
	FilterDirection       string
	FilterIPCIDR          string
	FilterProtocol        string
	FilterSourcePort      intstr.IntOrString
	FilterDestinationPort intstr.IntOrString
	FilterPort            intstr.IntOrString
	FilterIcmpType        int
	FilterIcmpCode        int
	FilterPeerIP          string
	FilterPeerCIDR        string
	FilterAction          string
	FilterTCPFlags        string
	FilterDrops           bool
	FilterSample          uint32
}

type FlowFetcher ¶

type FlowFetcher struct {
	// contains filtered or unexported fields
}

FlowFetcher reads and forwards the Flows from the Traffic Control hooks in the eBPF kernel space. It provides access both to flows that are aggregated in the kernel space (via PerfCPU hashmap) and to flows that are forwarded by the kernel via ringbuffer because could not be aggregated in the map

func NewFlowFetcher ¶

func NewFlowFetcher(cfg *FlowFetcherConfig) (*FlowFetcher, error)

nolint:golint,cyclop

func (*FlowFetcher) AttachTCX ¶

func (m *FlowFetcher) AttachTCX(iface ifaces.Interface) error

func (*FlowFetcher) Close ¶

func (m *FlowFetcher) Close() error

Close the eBPF fetcher from the system. We don't need a "Close(iface)" method because the filters and qdiscs are automatically removed when the interface is down nolint:cyclop

func (*FlowFetcher) DeleteMapsStaleEntries ¶

func (m *FlowFetcher) DeleteMapsStaleEntries(timeOut time.Duration)

DeleteMapsStaleEntries Look for any stale entries in the features maps and delete them

func (*FlowFetcher) DetachTCX ¶

func (m *FlowFetcher) DetachTCX(iface ifaces.Interface) error

func (*FlowFetcher) LookupAndDeleteMap ¶

func (m *FlowFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[ebpf.BpfFlowId]model.BpfFlowContent

LookupAndDeleteMap reads all the entries from the eBPF map and removes them from it. TODO: detect whether BatchLookupAndDelete is supported (Kernel>=5.6) and use it selectively Supported Lookup/Delete operations by kernel: https://github.com/iovisor/bcc/blob/master/docs/kernel-versions.md

func (*FlowFetcher) ReadGlobalCounter ¶

func (m *FlowFetcher) ReadGlobalCounter(met *metrics.Metrics)

ReadGlobalCounter reads the global counter and updates drop flows counter metrics

func (*FlowFetcher) ReadRingBuf ¶

func (m *FlowFetcher) ReadRingBuf() (ringbuf.Record, error)

func (*FlowFetcher) Register ¶

func (m *FlowFetcher) Register(iface ifaces.Interface) error

Register and links the eBPF fetcher into the system. The program should invoke Unregister before exiting.

func (*FlowFetcher) UnRegister ¶

func (m *FlowFetcher) UnRegister(iface ifaces.Interface) error

type FlowFetcherConfig ¶

type FlowFetcherConfig struct {
	EnableIngress                  bool
	EnableEgress                   bool
	Debug                          bool
	Sampling                       int
	CacheMaxSize                   int
	EnablePktDrops                 bool
	EnableDNSTracker               bool
	DNSTrackerPort                 uint16
	EnableRTT                      bool
	EnableNetworkEventsMonitoring  bool
	NetworkEventsMonitoringGroupID int
	EnableFlowFilter               bool
	EnablePCA                      bool
	EnablePktTranslation           bool
	UseEbpfManager                 bool
	BpfManBpfFSPath                string
	FilterConfig                   []*FilterConfig
}

type PacketFetcher ¶

type PacketFetcher struct {
	// contains filtered or unexported fields
}

It provides access to packets from the kernel space (via PerfCPU hashmap)

func NewPacketFetcher ¶

func NewPacketFetcher(cfg *FlowFetcherConfig) (*PacketFetcher, error)

func (*PacketFetcher) AttachTCX ¶

func (p *PacketFetcher) AttachTCX(iface ifaces.Interface) error

func (*PacketFetcher) Close ¶

func (p *PacketFetcher) Close() error

Close the eBPF fetcher from the system. We don't need an "Close(iface)" method because the filters and qdiscs are automatically removed when the interface is down

func (*PacketFetcher) DetachTCX ¶

func (p *PacketFetcher) DetachTCX(iface ifaces.Interface) error

func (*PacketFetcher) LookupAndDeleteMap ¶

func (p *PacketFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[int][]*byte

func (*PacketFetcher) ReadPerf ¶

func (p *PacketFetcher) ReadPerf() (perf.Record, error)

func (*PacketFetcher) Register ¶

func (p *PacketFetcher) Register(iface ifaces.Interface) error

func (*PacketFetcher) UnRegister ¶

func (p *PacketFetcher) UnRegister(iface ifaces.Interface) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL