Documentation ¶
Index ¶
Constants ¶
View Source
const ( DefaultExternalFlowCollectorTransport = "tcp" DefaultExternalFlowCollectorPort = "4739" DefaultActiveFlowRecordTimeout = "60s" DefaultInactiveFlowRecordTimeout = "90s" DefaultAggregatorTransportProtocol = "TLS" DefaultRecordFormat = "IPFIX" DefaultClickHouseDatabase = "default" DefaultClickHouseCommitInterval = "8s" MinClickHouseCommitInterval = 1 * time.Second DefaultClickHouseDatabaseUrl = "tcp://clickhouse-clickhouse.flow-visibility.svc:9000" DefaultS3Region = "us-west-2" DefaultS3RecordFormat = "CSV" DefaultS3MaxRecordsPerFile = 1000000 DefaultS3UploadInterval = "60s" MinS3CommitInterval = 1 * time.Second )
Variables ¶
This section is empty.
Functions ¶
func SetConfigDefaults ¶ added in v1.8.0
func SetConfigDefaults(flowAggregatorConf *FlowAggregatorConfig)
Types ¶
type APIServerConfig ¶
type APIServerConfig struct { // APIPort is the port for the antrea-agent APIServer to serve on. // Defaults to 10348. APIPort int `yaml:"apiPort,omitempty"` // Cipher suites to use. TLSCipherSuites string `yaml:"tlsCipherSuites,omitempty"` // TLS min version. TLSMinVersion string `yaml:"tlsMinVersion,omitempty"` }
type AggregatorTransportProtocol ¶ added in v1.8.0
type AggregatorTransportProtocol string
const ( AggregatorTransportProtocolTCP AggregatorTransportProtocol = "TCP" AggregatorTransportProtocolTLS AggregatorTransportProtocol = "TLS" AggregatorTransportProtocolUDP AggregatorTransportProtocol = "UDP" )
type ClickHouseConfig ¶ added in v1.6.0
type ClickHouseConfig struct { // Enable is the switch to enable exporting flow records to ClickHouse. Enable bool `yaml:"enable,omitempty"` // Database is the name of database where Antrea "flows" table is created. Database string `yaml:"database,omitempty"` // DatabaseURL is the url to the database. TCP protocol is required. // Defaults to "tcp://clickhouse-clickhouse.flow-visibility.svc:9000" DatabaseURL string `yaml:"databaseURL,omitempty"` // Debug enables debug logs from ClickHouse sql driver. Defaults to false. Debug bool `yaml:"debug,omitempty"` // Compress enables lz4 compression when committing flow records. Defaults to true. Compress *bool `yaml:"compress,omitempty"` // CommitInterval is the periodical interval between batch commit of flow records to DB. // Defaults to "8s". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". // Min value allowed is "1s". CommitInterval string `yaml:"commitInterval,omitempty"` }
type FlowAggregatorConfig ¶
type FlowAggregatorConfig struct { // Provide the active flow record timeout as a duration string. This determines // how often the flow aggregator exports the active flow records to the flow // collector. Thus, for flows with a continuous stream of packets, a flow record // will be exported to the collector once the elapsed time since the last export // event in the flow aggregator is equal to the value of this timeout. // Defaults to "60s". Valid time units are "ns", "us" (or "µs"), "ms", "s", // "m", "h". ActiveFlowRecordTimeout string `yaml:"activeFlowRecordTimeout,omitempty"` // Provide the inactive flow record timeout as a duration string. This determines // how often the flow aggregator exports the inactive flow records to the flow // collector. A flow record is considered to be inactive if no matching record // has been received by the flow aggregator in the specified interval. // Defaults to "90s". Valid time units are "ns", "us" (or "µs"), "ms", "s", // "m", "h". InactiveFlowRecordTimeout string `yaml:"inactiveFlowRecordTimeout,omitempty"` // Transport protocol over which the aggregator collects IPFIX records from all Agents. // Defaults to "tls" AggregatorTransportProtocol AggregatorTransportProtocol `yaml:"aggregatorTransportProtocol,omitempty"` // Provide an extra DNS name or IP address of flow aggregator for generating TLS certificate. FlowAggregatorAddress string `yaml:"flowAggregatorAddress,omitempty"` // recordContents enables configuring some fields in the flow records. Fields can be // excluded to reduce record size. RecordContents RecordContentsConfig `yaml:"recordContents,omitempty"` // apiServer contains APIServer related configuration options. APIServer APIServerConfig `yaml:"apiServer,omitempty"` // flowCollector contains external IPFIX or JSON collector related configuration options. FlowCollector FlowCollectorConfig `yaml:"flowCollector,omitempty"` // clickHouse contains ClickHouse related configuration options. ClickHouse ClickHouseConfig `yaml:"clickHouse,omitempty"` // s3Uploader contains configuration options for uploading flow records to AWS S3. S3Uploader S3UploaderConfig `yaml:"s3Uploader,omitempty"` }
type FlowCollectorConfig ¶ added in v1.6.0
type FlowCollectorConfig struct { // Enable is the switch to enable exporting flow records to external flow collector. Enable bool `yaml:"enable,omitempty"` // Provide the flow collector address as string with format <IP>:<port>[:<proto>], where proto is tcp or udp. // If no L4 transport proto is given, we consider tcp as default. // Defaults to "". Address string `yaml:"address,omitempty"` // Provide the 32-bit Observation Domain ID which will uniquely identify this instance of the flow // aggregator to an external flow collector. If omitted, an Observation Domain ID will be generated // from the persistent cluster UUID generated by Antrea. Failing that (e.g. because the cluster UUID // is not available), a value will be randomly generated, which may vary across restarts of the flow // aggregator. ObservationDomainID *uint32 `yaml:"observationDomainID,omitempty"` // Provide format for records sent to the configured flow collector. Supported formats are IPFIX and JSON. // Defaults to "IPFIX" RecordFormat string `yaml:"recordFormat,omitempty"` }
type RecordContentsConfig ¶
type RecordContentsConfig struct {
PodLabels bool `yaml:"podLabels,omitempty"`
}
type S3UploaderConfig ¶ added in v1.9.0
type S3UploaderConfig struct { // Enable is the switch to enable exporting flow records to AWS S3. // At the moment, the flow aggregator will look for the "standard" environment variables to // authenticate to AWS. These can be static credentials (AWS_ACCESS_KEY_ID, // AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN) or a Web Identity Token // (AWS_WEB_IDENTITY_TOKEN_FILE). Enable bool `yaml:"enable,omitempty"` // BucketName is the name of the S3 bucket to which flow records will be uploaded. If this // field is empty, initialization will fail. BucketName string `yaml:"bucketName"` // BucketPrefix is the prefix ("folder") under which flow records will be uploaded. If this // is omitted, flow records will be uploaded to the root of the bucket. BucketPrefix string `yaml:"bucketPrefix,omitempty"` // Region is used as a "hint" to get the region in which the provided bucket is located. // An error will occur if the bucket does not exist in the AWS partition the region hint // belongs to. If region is omitted, the value of the AWS_REGION environment variable will // be used, and if it is missing, we will default to "us-west-2". Region string `yaml:"region,omitempty"` // RecordFormat defines the format of the flow records uploaded to S3. Only "CSV" is // supported at the moment. RecordFormat string `yaml:"recordFormat,omitempty"` // Compress enables gzip compression when uploading files to S3. Defaults to true. Compress *bool `yaml:"compress,omitempty"` // MaxRecordsPerFile is the maximum number of records per file uploaded. It is not recommended // to change this value. Defaults to 1,000,000. MaxRecordsPerFile int32 `yaml:"maxRecordsPerFile,omitempty"` // UploadInterval is the duration between each file upload to S3. UploadInterval string `yaml:"uploadInterval,omitempty"` }
Click to show internal directories.
Click to hide internal directories.