Documentation
Overview
Package workloadmeta provides the workloadmeta component for the Datadog Agent
Index
- Constants
- Variables
- func EntityFilterFuncAcceptAll(_ Entity) bool
- type AgentType
- type Capabilities
- type Collector
- type CollectorEvent
- type CollectorList
- type CollectorProvider
- type Component
- type Container
- type ContainerAllocatedResource
- type ContainerHealth
- type ContainerHealthStatus
- type ContainerImage
- type ContainerImageLayer
- type ContainerImageMetadata
- type ContainerNetwork
- type ContainerPort
- type ContainerResources
- type ContainerRuntime
- type ContainerRuntimeFlavor
- type ContainerSecurityContext
- type ContainerState
- type ContainerStatus
- type ContainerVolume
- type ECSContainer
- type ECSLaunchType
- type ECSTask
- type Entity
- type EntityFilterFunc
- type EntityID
- type EntityMeta
- type Event
- type EventBundle
- type EventType
- type Filter
- func (f *Filter) EventType() EventType
- func (f *Filter) Kinds() []Kind
- func (f *Filter) MatchEntity(entity *Entity) bool
- func (f *Filter) MatchEventType(eventType EventType) bool
- func (f *Filter) MatchKind(kind Kind) bool
- func (f *Filter) MatchSource(source Source) bool
- func (f *Filter) Source() Source
- type FilterBuilder
- func (fb *FilterBuilder) AddKind(kind Kind) *FilterBuilder
- func (fb *FilterBuilder) AddKindWithEntityFilter(kind Kind, entityFilterFunc GenericEntityFilterFunc) *FilterBuilder
- func (fb *FilterBuilder) Build() *Filter
- func (fb *FilterBuilder) SetEventType(eventType EventType) *FilterBuilder
- func (fb *FilterBuilder) SetSource(source Source) *FilterBuilder
- type GPU
- type GPUComputeCapability
- type GenericEntityFilterFunc
- type HostTags
- type InitHelper
- type Kind
- type KubeMetadataEntityID
- type KubernetesDeployment
- type KubernetesMetadata
- type KubernetesPod
- type KubernetesPodOwner
- type MapTags
- type OrchestratorContainer
- type Params
- type PodSecurityContext
- type Process
- type SBOM
- type SBOMStatus
- type SeccompProfile
- type SeccompProfileType
- type Source
- type SubscriberPriority
- type WorkloadDumpResponse
- type WorkloadEntity
Constants
const ECSTaskKnownStatusStopped = "STOPPED"
ECSTaskKnownStatusStopped is the known status of an ECS task that has stopped.
Variables
var IsNodeMetadata = func(metadata *KubernetesMetadata) bool {
	return metadata.GVR.Group == "" && metadata.GVR.Resource == "nodes"
}
IsNodeMetadata is a filter function that returns true if the metadata belongs to a node.
Functions
func EntityFilterFuncAcceptAll
EntityFilterFuncAcceptAll is an entity filter function that accepts any entity.
Types
type Capabilities
Capabilities is the set of capabilities of a Container security context.
type Collector
type Collector interface {
	// Start starts a collector. The collector should run until the context
	// is done. It also gets a reference to the store that started it so it
	// can use Notify, or get access to other entities in the store.
	Start(context.Context, Component) error

	// Pull triggers an entity collection. To be used by collectors that
	// don't have streaming functionality, and called periodically by the
	// store.
	Pull(context.Context) error

	// GetID returns the identifier for the respective component.
	GetID() string

	// GetTargetCatalog gets the expected catalog.
	GetTargetCatalog() AgentType
}
Collector is responsible for collecting metadata about workloads.
type CollectorEvent
CollectorEvent is an event generated by a metadata collector, to be handled by the metadata store.
type CollectorProvider
CollectorProvider is the collector fx value group
type Component
type Component interface {
	// Subscribe subscribes the caller to events representing changes to the
	// store, limited to events matching the filter. The name is used for
	// telemetry and debugging.
	//
	// The first message on the channel is special: it contains an EventTypeSet
	// event for each entity currently in the store. If the Subscribe call
	// occurs at agent startup, then the first message approximates entities
	// that were running before the agent started. This is an inherently racy
	// distinction, but may be useful for decisions such as whether to begin
	// logging at the head or tail of an entity's logs.
	//
	// Multiple EventTypeSet messages may be sent, either as the entity's state
	// evolves or as information about the entity is reported from multiple
	// sources (such as a container runtime and an orchestrator).
	//
	// See the documentation for EventBundle regarding appropriate handling
	// for messages on this channel.
	Subscribe(name string, priority SubscriberPriority, filter *Filter) chan EventBundle

	// Unsubscribe closes the EventBundle channel. Note that it will emit a zero-value event.
	// Thus, it is important to check that the channel is not closed.
	Unsubscribe(ch chan EventBundle)

	// GetContainer returns metadata about a container. It fetches the entity
	// with kind KindContainer and the given ID.
	GetContainer(id string) (*Container, error)

	// ListContainers returns metadata about all known containers, equivalent
	// to all entities with kind KindContainer.
	ListContainers() []*Container

	// ListContainersWithFilter returns all the containers for which the passed
	// filter evaluates to true.
	ListContainersWithFilter(filter EntityFilterFunc[*Container]) []*Container

	// GetKubernetesPod returns metadata about a Kubernetes pod. It fetches
	// the entity with kind KindKubernetesPod and the given ID.
	GetKubernetesPod(id string) (*KubernetesPod, error)

	// GetKubernetesPodForContainer retrieves the ownership information for the
	// given container and returns the owner pod. This information might lag because
	// the kubelet check sets the `Owner` field but a container can also be stored by CRI
	// checks, which do not have ownership info. Thus, the function might return an error
	// when the pod actually exists.
	GetKubernetesPodForContainer(containerID string) (*KubernetesPod, error)

	// GetKubernetesPodByName returns the first pod whose name and namespace matches those passed in
	// to this function.
	GetKubernetesPodByName(podName, podNamespace string) (*KubernetesPod, error)

	// GetKubernetesDeployment returns metadata about a Kubernetes deployment. It fetches
	// the entity with kind KindKubernetesDeployment and the given ID.
	GetKubernetesDeployment(id string) (*KubernetesDeployment, error)

	// GetKubernetesMetadata returns metadata about a Kubernetes resource. It fetches
	// the entity with kind KubernetesMetadata and the given ID.
	GetKubernetesMetadata(id KubeMetadataEntityID) (*KubernetesMetadata, error)

	// ListKubernetesMetadata returns all the kubernetes metadata objects for
	// which the passed filter evaluates to true.
	ListKubernetesMetadata(filterFunc EntityFilterFunc[*KubernetesMetadata]) []*KubernetesMetadata

	// ListECSTasks returns metadata about all ECS tasks, equivalent to all
	// entities with kind KindECSTask.
	ListECSTasks() []*ECSTask

	// GetECSTask returns metadata about an ECS task. It fetches the entity with
	// kind KindECSTask and the given ID.
	GetECSTask(id string) (*ECSTask, error)

	// ListImages returns metadata about all known images, equivalent to all
	// entities with kind KindContainerImageMetadata.
	ListImages() []*ContainerImageMetadata

	// GetImage returns metadata about a container image. It fetches the entity
	// with kind KindContainerImageMetadata and the given ID.
	GetImage(id string) (*ContainerImageMetadata, error)

	// GetProcess returns metadata about a process. It fetches the entity
	// with kind KindProcess and the given ID.
	GetProcess(pid int32) (*Process, error)

	// ListProcesses returns metadata about all known processes, equivalent
	// to all entities with kind KindProcess.
	ListProcesses() []*Process

	// GetGPU returns metadata about a GPU device. It fetches the entity
	// with kind KindGPU and the given ID.
	GetGPU(id string) (*GPU, error)

	// ListGPUs returns metadata about all known GPU devices, equivalent
	// to all entities with kind KindGPU.
	ListGPUs() []*GPU

	// ListProcessesWithFilter returns all the processes for which the passed
	// filter evaluates to true.
	ListProcessesWithFilter(filterFunc EntityFilterFunc[*Process]) []*Process

	// Notify notifies the store with a slice of events. It should only be
	// used by workloadmeta collectors.
	Notify(events []CollectorEvent)

	// Dump lists the content of the store, for debugging purposes.
	Dump(verbose bool) WorkloadDumpResponse

	// ResetProcesses resets the state of the store so that newProcesses are the
	// only entities stored.
	ResetProcesses(newProcesses []Entity, source Source)

	// Reset resets the state of the store so that newEntities are the only
	// entities stored. This function sends events to the subscribers in the
	// following cases:
	// - EventTypeSet: one for each entity in newEntities that doesn't exist in
	// the store. Also, when the entity exists, but with different values.
	// - EventTypeUnset: one for each entity that exists in the store but is not
	// present in newEntities.
	Reset(newEntities []Entity, source Source)

	// Push allows external sources to push events to the metadata store.
	// Only EventTypeSet and EventTypeUnset event types are allowed.
	Push(source Source, events ...Event) error
}
Component is the component type.
type Container
type Container struct {
	EntityID
	EntityMeta
	// ECSContainer contains properties specific to container running in ECS
	*ECSContainer
	// EnvVars are limited to variables included in pkg/util/containers/env_vars_filter.go
	EnvVars       map[string]string
	Hostname      string
	Image         ContainerImage
	NetworkIPs    map[string]string
	PID           int
	Ports         []ContainerPort
	Runtime       ContainerRuntime
	RuntimeFlavor ContainerRuntimeFlavor
	State         ContainerState
	// CollectorTags represent tags coming from the collector itself
	// and that it would be impossible to compute later on
	CollectorTags   []string
	Owner           *EntityID
	SecurityContext *ContainerSecurityContext
	Resources       ContainerResources
	// AllocatedResources is the list of resources allocated to this pod. Requires the
	// PodResources API to query that data.
	AllocatedResources []ContainerAllocatedResource
	// CgroupPath is a path to the cgroup of the container.
	// It can be relative to the cgroup parent.
	// Linux only.
	CgroupPath   string
	RestartCount int
}
Container is an Entity representing a containerized workload.
type ContainerAllocatedResource
type ContainerAllocatedResource struct {
	// Name is the name of the resource as defined in the pod spec (e.g. "nvidia.com/gpu").
	Name string
	// ID is the unique ID of the resource, the format depends on the provider
	ID string
}
ContainerAllocatedResource is a resource allocated to a container, consisting of a name and an ID.
func (ContainerAllocatedResource) String
func (c ContainerAllocatedResource) String() string
type ContainerHealth
type ContainerHealth string
ContainerHealth is the health of the container
const (
	ContainerHealthUnknown   ContainerHealth = "unknown"
	ContainerHealthHealthy   ContainerHealth = "healthy"
	ContainerHealthUnhealthy ContainerHealth = "unhealthy"
)
Defined ContainerHealth
type ContainerHealthStatus
ContainerHealthStatus is the health status of a container
func (ContainerHealthStatus) String
func (c ContainerHealthStatus) String(verbose bool) string
String returns a string representation of ContainerHealthStatus.
type ContainerImage
type ContainerImage struct {
	ID         string
	RawName    string
	Name       string
	Registry   string
	ShortName  string
	Tag        string
	RepoDigest string
}
ContainerImage is an image used by a container. For historical reasons, the imageId from the containerd runtime and from Kubernetes refer to different fields. For containerd, it is the digest of the image config. For Kubernetes, it refers to the repo digest of the image (at least before CRI-O v1.28). See https://github.com/kubernetes/kubernetes/issues/46255. To avoid confusion, an extra repo digest field is added to the struct; if it is available, it is also added to the container tags in the tagger.
func NewContainerImage
func NewContainerImage(imageID string, imageName string) (ContainerImage, error)
NewContainerImage builds a ContainerImage from an image name and its id
func (ContainerImage) String
func (c ContainerImage) String(verbose bool) string
String returns a string representation of ContainerImage.
type ContainerImageLayer
type ContainerImageLayer struct {
	MediaType string
	Digest    string
	SizeBytes int64
	URLs      []string
	History   *v1.History
}
ContainerImageLayer represents a layer of a container image
func (ContainerImageLayer) String
func (layer ContainerImageLayer) String() string
String returns a string representation of ContainerImageLayer
type ContainerImageMetadata
type ContainerImageMetadata struct {
	EntityID
	EntityMeta
	RepoTags     []string
	RepoDigests  []string
	MediaType    string
	SizeBytes    int64
	OS           string
	OSVersion    string
	Architecture string
	Variant      string
	Layers       []ContainerImageLayer
	SBOM         *SBOM
}
ContainerImageMetadata is an Entity that represents container image metadata
func (ContainerImageMetadata) DeepCopy
func (i ContainerImageMetadata) DeepCopy() Entity
DeepCopy implements Entity#DeepCopy.
func (ContainerImageMetadata) GetID
func (i ContainerImageMetadata) GetID() EntityID
GetID implements Entity#GetID.
func (*ContainerImageMetadata) Merge
func (i *ContainerImageMetadata) Merge(e Entity) error
Merge implements Entity#Merge.
func (ContainerImageMetadata) String
func (i ContainerImageMetadata) String(verbose bool) string
String implements Entity#String.
type ContainerNetwork
ContainerNetwork is the network attached to the container.
func (ContainerNetwork) String
func (c ContainerNetwork) String(_ bool) string
String returns a string representation of ContainerPort.
type ContainerPort
ContainerPort is a port open in the container.
func (ContainerPort) String
func (c ContainerPort) String(verbose bool) string
String returns a string representation of ContainerPort.
type ContainerResources
type ContainerResources struct {
	GPURequest    *uint64 // Number of GPUs
	GPULimit      *uint64
	GPUVendorList []string // The type of GPU requested (eg. nvidia, amd, intel)
	CPURequest    *float64 // Percentage 0-100*numCPU (aligned with CPU Limit from metrics provider)
	CPULimit      *float64
	MemoryRequest *uint64 // Bytes
	MemoryLimit   *uint64
}
ContainerResources is the resource requests or limits for a container
func (ContainerResources) String
func (cr ContainerResources) String(bool) string
String returns a string representation of ContainerPort.
type ContainerRuntime
type ContainerRuntime string
ContainerRuntime is the container runtime used by a container.
const (
	ContainerRuntimeDocker     ContainerRuntime = "docker"
	ContainerRuntimeContainerd ContainerRuntime = "containerd"
	ContainerRuntimePodman     ContainerRuntime = "podman"
	ContainerRuntimeCRIO       ContainerRuntime = "cri-o"
	ContainerRuntimeGarden     ContainerRuntime = "garden"
	// ECS Fargate can be considered as a runtime in the sense that we don't
	// know the actual runtime but we need to identify it's Fargate
	ContainerRuntimeECSFargate ContainerRuntime = "ecsfargate"
)
Defined ContainerRuntimes
type ContainerRuntimeFlavor
type ContainerRuntimeFlavor string
ContainerRuntimeFlavor is the container runtime with respect to the OCI spec
const (
	ContainerRuntimeFlavorDefault ContainerRuntimeFlavor = ""
	ContainerRuntimeFlavorKata    ContainerRuntimeFlavor = "kata"
)
Defined ContainerRuntimeFlavors
type ContainerSecurityContext
type ContainerSecurityContext struct {
	*Capabilities
	Privileged     bool
	SeccompProfile *SeccompProfile
}
ContainerSecurityContext is the Security Context of a Container
type ContainerState
type ContainerState struct {
	Running    bool
	Status     ContainerStatus
	Health     ContainerHealth
	CreatedAt  time.Time
	StartedAt  time.Time
	FinishedAt time.Time
	ExitCode   *int64
}
ContainerState is the state of a container.
func (ContainerState) String
func (c ContainerState) String(verbose bool) string
String returns a string representation of ContainerState.
type ContainerStatus
type ContainerStatus string
ContainerStatus is the status of the container
const (
	ContainerStatusUnknown    ContainerStatus = "unknown"
	ContainerStatusCreated    ContainerStatus = "created"
	ContainerStatusRunning    ContainerStatus = "running"
	ContainerStatusRestarting ContainerStatus = "restarting"
	ContainerStatusPaused     ContainerStatus = "paused"
	ContainerStatusStopped    ContainerStatus = "stopped"
)
Defined ContainerStatus
type ContainerVolume
ContainerVolume is a volume mounted in the container.
func (ContainerVolume) String
func (c ContainerVolume) String(_ bool) string
String returns a string representation of ContainerVolume.
type ECSContainer
type ECSContainer struct {
	DisplayName   string
	Networks      []ContainerNetwork
	Volumes       []ContainerVolume
	Health        *ContainerHealthStatus
	DesiredStatus string
	KnownStatus   string
	Type          string
	LogDriver     string
	LogOptions    map[string]string
	ContainerARN  string
	Snapshotter   string
}
ECSContainer is a reference to a container running in ECS
func (ECSContainer) String
func (e ECSContainer) String(verbose bool) string
String returns a string representation of ECSContainer.
type ECSLaunchType
type ECSLaunchType string
ECSLaunchType is the launch type of an ECS task.
const (
	ECSLaunchTypeEC2     ECSLaunchType = "ec2"
	ECSLaunchTypeFargate ECSLaunchType = "fargate"
)
Defined ECSLaunchTypes
type ECSTask
type ECSTask struct {
	EntityID
	EntityMeta
	Tags                    MapTags
	ContainerInstanceTags   MapTags
	ClusterName             string
	AWSAccountID            int
	Region                  string
	AvailabilityZone        string
	Family                  string
	Version                 string
	DesiredStatus           string
	KnownStatus             string
	PullStartedAt           *time.Time
	PullStoppedAt           *time.Time
	ExecutionStoppedAt      *time.Time
	VPCID                   string
	ServiceName             string
	EphemeralStorageMetrics map[string]int64
	Limits                  map[string]float64
	LaunchType              ECSLaunchType
	Containers              []OrchestratorContainer
}
ECSTask is an Entity representing an ECS Task.
type Entity
type Entity interface {
	// GetID gets the EntityID for this entity.
	GetID() EntityID

	// Merge merges this entity with another of the same kind. This is used
	// to generate a composite entity representing data from several sources.
	Merge(Entity) error

	// DeepCopy copies an entity such that modifications of the copy will not
	// affect the original.
	DeepCopy() Entity

	// String provides a summary of the entity. The string may span several lines,
	// especially if verbose.
	String(verbose bool) string
}
Entity represents a single unit of work being done that is of interest to the agent.
This interface is implemented by several concrete types, and is typically cast to that concrete type to get detailed information. The concrete type corresponds to the entity's type (GetID().Kind), and it is safe to make an unchecked cast.
Example
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2022-present Datadog, Inc.

package main

import "fmt"

func getAnEntity() Entity {
	return &Container{
		EntityID: EntityID{
			Kind: KindContainer,
			ID:   "abc123",
		},
		Image: ContainerImage{
			Name: "cassandra",
		},
	}
}

func main() {
	entity := getAnEntity()

	if container, ok := entity.(*Container); ok {
		fmt.Printf("Got container with image %s\n", container.Image.Name)
	} else {
		fmt.Printf("Not a Container")
	}
}
Output: Got container with image cassandra
type EntityFilterFunc
EntityFilterFunc provides a filter on the entity object level
Given an entity instance, it returns true if the object should be included in the output, and false if it should be filtered out.
var GetRunningContainers EntityFilterFunc[*Container] = func(container *Container) bool {
	return container.State.Running
}
GetRunningContainers is a function that evaluates to true for running containers.
type EntityID
type EntityID struct {
	// Kind identifies the kind of entity. This typically corresponds to the concrete
	// type of the Entity, but this is not always the case; see Entity for details.
	Kind Kind

	// ID is the ID for this entity, in a format specific to the entity Kind.
	ID string
}
EntityID represents the ID of an Entity. Note that entities from different sources may have the same EntityID.
type EntityMeta
type EntityMeta struct {
	Name        string
	Namespace   string
	Annotations map[string]string
	Labels      map[string]string
}
EntityMeta represents generic metadata about an Entity.
func (EntityMeta) String
func (e EntityMeta) String(verbose bool) string
String returns a string representation of EntityMeta.
type Event
type Event struct {
	// Type gives the type of this event.
	//
	// When Type is EventTypeSet, this represents an added or updated entity.
	// Multiple set events may be sent for a single entity.
	//
	// When Type is EventTypeUnset, this represents a removed entity.
	Type EventType

	// Entity is the entity involved in this event. For an EventTypeSet event,
	// this may contain information "merged" from multiple sources. For an
	// unset event it contains only an EntityID.
	//
	// For Type == EventTypeSet, this field can be cast unconditionally to the
	// concrete type corresponding to its kind (Entity.GetID().Kind). For Type
	// == EventTypeUnset, only the Entity ID is available and such a cast will
	// fail.
	Entity Entity
}
Event represents a change to an entity.
type EventBundle
type EventBundle struct {
	// Events gives the events in this bundle.
	Events []Event

	// Ch should be closed once the subscriber has handled the event.
	Ch chan struct{}
}
EventBundle is a collection of events sent to Store subscribers.
Subscribers are expected to respond to EventBundles quickly. The Store will not move on to notify the next subscriber until the included channel Ch is closed. Subscribers which need to update their state before other subscribers are notified should close this channel once those updates are complete. Other subscribers should close the channel immediately. See the example for Store#Subscribe for details.
func (EventBundle) Acknowledge
func (e EventBundle) Acknowledge()
Acknowledge acknowledges that the subscriber has handled the event.
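The EventBundle handling rules above (acknowledge every bundle, stop when the channel is closed, expect only an EntityID on unset events) applied to the Privileged and SeccompProfile fields of ContainerSecurityContext, as an added example that is not part of the original documentation or the Datadog Agent code. The types are local stand-ins reduced from the definitions on this page; riskReasons, TrackRisky and sampleBundles are hypothetical names, and the Acknowledge body and the use of a bare EntityID as the unset entity are assumptions.

```go
package main

import "fmt"

// Local stand-ins for the workloadmeta types on this page, reduced to the
// fields this example reads. They are not the Datadog Agent's own code.
type (
	Kind                     string
	EventType                int
	SeccompProfileType       string
	EntityID                 struct{ Kind Kind; ID string }
	Entity                   interface{ GetID() EntityID } // reduced: the documented interface has more methods
	SeccompProfile           struct{ Type SeccompProfileType }
	ContainerSecurityContext struct{ Privileged bool; SeccompProfile *SeccompProfile }
	Container                struct{ EntityID; SecurityContext *ContainerSecurityContext }
	Event                    struct{ Type EventType; Entity Entity }
	EventBundle              struct{ Events []Event; Ch chan struct{} }
)

const (
	EventTypeAll EventType = iota
	EventTypeSet
	EventTypeUnset
	KindContainer                Kind               = "container"
	SeccompProfileTypeUnconfined SeccompProfileType = "Unconfined"
)

func (id EntityID) GetID() EntityID { return id } // lets a bare EntityID be an unset event's entity (assumption)

// Acknowledge closes Ch, as the Ch field comment asks (assumed behaviour).
func (e EventBundle) Acknowledge() {
	if e.Ch != nil {
		close(e.Ch)
	}
}

// riskReasons lists the security-context settings worth reviewing. A nil
// SecurityContext means no source reported one: unknown, so no finding.
func riskReasons(c *Container) (reasons []string) {
	sc := c.SecurityContext
	if sc != nil && sc.Privileged {
		reasons = append(reasons, "privileged")
	}
	if sc != nil && sc.SeccompProfile != nil && sc.SeccompProfile.Type == SeccompProfileTypeUnconfined {
		reasons = append(reasons, "seccomp=Unconfined")
	}
	return reasons
}

// TrackRisky consumes bundles until ch is closed and returns the findings for
// containers still present, keyed by container ID.
func TrackRisky(ch chan EventBundle) map[string][]string {
	risky := map[string][]string{}
	for bundle := range ch { // range stops at close, so no zero-value bundle is handled
		bundle.Acknowledge() // no other subscriber depends on this state: release the store first
		for _, ev := range bundle.Events {
			if ev.Entity == nil || ev.Entity.GetID().Kind != KindContainer {
				continue
			}
			id := ev.Entity.GetID().ID
			switch ev.Type {
			case EventTypeUnset:
				delete(risky, id) // only the EntityID is available on unset events
			case EventTypeSet:
				if c, ok := ev.Entity.(*Container); !ok {
					continue
				} else if r := riskReasons(c); len(r) > 0 {
					risky[id] = r // later set events replace earlier, less complete ones
				} else {
					delete(risky, id) // re-reported without findings
				}
			}
		}
	}
	return risky
}

// sampleBundles returns a closed channel pre-filled with constructed bundles.
func sampleBundles() chan EventBundle {
	id := func(s string) EntityID { return EntityID{Kind: KindContainer, ID: s} }
	unconfined := &SeccompProfile{Type: SeccompProfileTypeUnconfined}
	ch := make(chan EventBundle, 2)
	ch <- EventBundle{Ch: make(chan struct{}), Events: []Event{ // first message: current store contents
		{EventTypeSet, &Container{id("c1"), &ContainerSecurityContext{Privileged: true}}},
		{EventTypeSet, &Container{id("c2"), &ContainerSecurityContext{SeccompProfile: unconfined}}},
		{EventTypeSet, &Container{id("c3"), nil}},
	}}
	ch <- EventBundle{Ch: make(chan struct{}), Events: []Event{ // c1 removed, c2 reported again
		{EventTypeUnset, id("c1")},
		{EventTypeSet, &Container{id("c2"), &ContainerSecurityContext{Privileged: true, SeccompProfile: unconfined}}},
	}}
	close(ch)
	return ch
}

func main() {
	fmt.Println(TrackRisky(sampleBundles())) // map[c2:[privileged seccomp=Unconfined]]
}
```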
type EventType
type EventType int
EventType is the type of an event (set or unset).
const (
	// EventTypeAll matches any event type. Should not be returned by
	// collectors, as it is only meant to be used in filters.
	EventTypeAll EventType = iota

	// EventTypeSet indicates that an entity has been added or updated.
	EventTypeSet

	// EventTypeUnset indicates that an entity has been removed. If multiple
	// sources provide data for an entity, this message is only sent when the
	// last source stops providing that data.
	EventTypeUnset
)
type Filter
type Filter struct {
	// contains filtered or unexported fields
}
Filter allows a subscriber to filter events by entity kind, event source, and event type.
A nil filter matches all events.
func (*Filter) EventType
EventType returns the event type this filter is filtering by. If the filter is nil, it returns EventTypeAll.
func (*Filter) MatchEntity
MatchEntity returns true if the filter matches the passed entity. If the filter is nil, or has no kinds, it always matches.
func (*Filter) MatchEventType
MatchEventType returns true if the filter matches the passed EventType. If the filter is nil, or has EventTypeAll, it always matches.
func (*Filter) MatchKind
MatchKind returns false if the filter can never match entities of the specified kind.
func (*Filter) MatchSource
MatchSource returns true if the filter matches the passed source. If the filter is nil, or has SourceAll, it always matches.
type FilterBuilder
type FilterBuilder struct {
	// contains filtered or unexported fields
}
FilterBuilder is used to build a filter object for subscribers.
func NewFilterBuilder
func NewFilterBuilder() *FilterBuilder
NewFilterBuilder creates and returns a new filter builder for a given event type for subscribing to workloadmeta events.
Only events for entities with one of the added kinds and matching the associated entity filter function will be delivered.
If no kind is added, events for entities of any kind will be delivered.
Similarly, only events for entities collected from the given source will be delivered, and the entities in the events will contain data only from that source. For example, if source is SourceRuntime, then only events from the runtime will be delivered, and they will not contain any additional metadata from orchestrators or cluster orchestrators. Use SourceAll to collect data from all sources. SourceAll is the default.
Only events of the given type will be delivered. Use EventTypeAll to collect data from all the event types. EventTypeAll is the default.
func (*FilterBuilder) AddKind
func (fb *FilterBuilder) AddKind(kind Kind) *FilterBuilder
AddKind adds a specific kind to the built filter. The built filter will match any entity of the added kind.
func (*FilterBuilder) AddKindWithEntityFilter
func (fb *FilterBuilder) AddKindWithEntityFilter(kind Kind, entityFilterFunc GenericEntityFilterFunc) *FilterBuilder
AddKindWithEntityFilter adds an entity kind with an associated entity filter function. The built filter will match all entities of the added kind for which the entity filter function returns true.
func (*FilterBuilder) Build
func (fb *FilterBuilder) Build() *Filter
Build builds the filter and returns it.
func (*FilterBuilder) SetEventType
func (fb *FilterBuilder) SetEventType(eventType EventType) *FilterBuilder
SetEventType sets the event type for the filter
func (*FilterBuilder) SetSource
func (fb *FilterBuilder) SetSource(source Source) *FilterBuilder
SetSource sets the source for the filter.
type GPU
type GPU struct {
	EntityID
	EntityMeta
	// Vendor is the name of the manufacturer of the device (e.g., NVIDIA)
	Vendor string

	// Device is the commercial name of the device (e.g., Tesla V100) as returned
	// by the device driver (NVML for NVIDIA GPUs). Note that some models might
	// have some additional information like the memory size (e.g., Tesla
	// A100-SXM2-80GB), the exact format of this field is vendor and device
	// specific.
	Device     string
	ActivePIDs []int

	// Index is the index of the GPU in the host system. This is useful as sometimes
	// GPUs will be identified by their index instead of their UUID. Note that the index
	// is not guaranteed to be stable across reboots, nor is necessarily the same inside
	// of containers.
	Index int

	// Architecture contains the architecture of the GPU (e.g., Pascal, Volta, etc.). Optional, can be empty.
	Architecture string

	// ComputeCapability contains the compute capability version of the GPU. Optional, can be 0/0
	ComputeCapability GPUComputeCapability

	// SMCount is the number of streaming multiprocessors in the GPU. Optional, can be empty.
	SMCount int
}
GPU represents a GPU resource.
type GPUComputeCapability
type GPUComputeCapability struct {
	// Major represents the major version of the compute capability.
	Major int

	// Minor represents the minor version of the compute capability.
	Minor int
}
GPUComputeCapability represents the compute capability version of a GPU.
func (GPUComputeCapability) String
func (gcc GPUComputeCapability) String() string
type GenericEntityFilterFunc
type GenericEntityFilterFunc EntityFilterFunc[Entity]
GenericEntityFilterFunc is a filter function applicable to any object of a struct implementing the Entity interface
type InitHelper
InitHelper should be provided as a helper to allow passing the component into the inithook for additional start-time configuration.
type Kind
type Kind string
Kind is the kind of an entity.
const (
	KindContainer              Kind = "container"
	KindKubernetesPod          Kind = "kubernetes_pod"
	KindKubernetesMetadata     Kind = "kubernetes_metadata"
	KindKubernetesDeployment   Kind = "kubernetes_deployment"
	KindECSTask                Kind = "ecs_task"
	KindContainerImageMetadata Kind = "container_image_metadata"
	KindProcess                Kind = "process"
	KindGPU                    Kind = "gpu"
)
Defined Kinds
type KubeMetadataEntityID
type KubeMetadataEntityID string
KubeMetadataEntityID is a unique ID for Kube Metadata Entity
type KubernetesDeployment
type KubernetesDeployment struct {
	EntityID
	EntityMeta
	Env     string
	Service string
	Version string

	// InjectableLanguages indicate containers languages that can be injected by the admission controller
	// These languages are determined by parsing the deployment annotations
	InjectableLanguages langUtil.ContainersLanguages

	// DetectedLanguages languages indicate containers languages detected and reported by the language
	// detection server.
	DetectedLanguages langUtil.ContainersLanguages
}
KubernetesDeployment is an Entity representing a Kubernetes Deployment.
func (KubernetesDeployment) DeepCopy
func (d KubernetesDeployment) DeepCopy() Entity
DeepCopy implements Entity#DeepCopy.
func (*KubernetesDeployment) GetID
func (d *KubernetesDeployment) GetID() EntityID
GetID implements Entity#GetID.
func (*KubernetesDeployment) Merge
func (d *KubernetesDeployment) Merge(e Entity) error
Merge implements Entity#Merge.
func (KubernetesDeployment) String
func (d KubernetesDeployment) String(verbose bool) string
String implements Entity#String
type KubernetesMetadata
type KubernetesMetadata struct {
	EntityID
	EntityMeta
	GVR *schema.GroupVersionResource
}
KubernetesMetadata is an Entity representing kubernetes resource metadata
func (KubernetesMetadata) DeepCopy
func (m KubernetesMetadata) DeepCopy() Entity
DeepCopy implements Entity#DeepCopy.
func (*KubernetesMetadata) GetID
func (m *KubernetesMetadata) GetID() EntityID
GetID implements Entity#GetID.
func (*KubernetesMetadata) Merge
func (m *KubernetesMetadata) Merge(e Entity) error
Merge implements Entity#Merge.
func (*KubernetesMetadata) String
func (m *KubernetesMetadata) String(verbose bool) string
String implements Entity#String
type KubernetesPod
type KubernetesPod struct { EntityID EntityMeta Owners []KubernetesPodOwner PersistentVolumeClaimNames []string InitContainers []OrchestratorContainer Containers []OrchestratorContainer Ready bool Phase string IP string PriorityClass string QOSClass string GPUVendorList []string RuntimeClass string KubeServices []string NamespaceLabels map[string]string NamespaceAnnotations map[string]string FinishedAt time.Time SecurityContext *PodSecurityContext }
KubernetesPod is an Entity representing a Kubernetes Pod.
func (KubernetesPod) DeepCopy ¶
func (p KubernetesPod) DeepCopy() Entity
DeepCopy implements Entity#DeepCopy.
func (KubernetesPod) GetAllContainers ¶
func (p KubernetesPod) GetAllContainers() []OrchestratorContainer
GetAllContainers returns init containers and containers.
func (*KubernetesPod) Merge ¶
func (p *KubernetesPod) Merge(e Entity) error
Merge implements Entity#Merge.
func (KubernetesPod) String ¶
func (p KubernetesPod) String(verbose bool) string
String implements Entity#String.
type KubernetesPodOwner ¶
KubernetesPodOwner is extracted from a pod's owner references.
func (KubernetesPodOwner) String ¶
func (o KubernetesPodOwner) String(verbose bool) string
String returns a string representation of KubernetesPodOwner.
type OrchestratorContainer ¶
type OrchestratorContainer struct { ID string Name string Image ContainerImage }
OrchestratorContainer is a reference to a Container with orchestrator-specific data attached to it.
func (OrchestratorContainer) String ¶
func (o OrchestratorContainer) String(_ bool) string
String returns a string representation of OrchestratorContainer.
type Params ¶
type Params struct { AgentType AgentType InitHelper InitHelper }
Params provides the kind of agent we're instantiating workloadmeta for
type PodSecurityContext ¶
PodSecurityContext is the Security Context of a Kubernetes pod
type Process ¶
type Process struct { EntityID // EntityID.ID is the PID NsPid int32 ContainerID string CreationTime time.Time Language *languagemodels.Language }
Process is an Entity that represents a process
type SBOM ¶
type SBOM struct { CycloneDXBOM *cyclonedx.BOM GenerationTime time.Time GenerationDuration time.Duration Status SBOMStatus Error string // needs to be stored as a string otherwise the merge() will favor the nil value }
SBOM represents the Software Bill Of Materials (SBOM) of a container
type SBOMStatus ¶
type SBOMStatus string
SBOMStatus is the status of a SBOM
const (
	// Pending is the status when the image was not scanned
	Pending SBOMStatus = "Pending"
	// Success is the status when the image was scanned
	Success SBOMStatus = "Success"
	// Failed is the status when the scan failed
	Failed SBOMStatus = "Failed"
)
type SeccompProfile ¶
type SeccompProfile struct {
	Type             SeccompProfileType
	LocalhostProfile string
}
SeccompProfile contains fields for unmarshalling a Pod.Spec.Containers.SecurityContext.SeccompProfile
type SeccompProfileType ¶
type SeccompProfileType string
SeccompProfileType is the type of seccomp profile used
const (
	SeccompProfileTypeUnconfined     SeccompProfileType = "Unconfined"
	SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault"
	SeccompProfileTypeLocalhost      SeccompProfileType = "Localhost"
)
Seccomp profile types
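An added example, not part of the package or its documentation, showing how a consumer of these values might separate confined from unconfined workloads, including the unset and malformed cases. The types are copied locally from the declarations above; `ReviewSeccomp` and the sample workloads are hypothetical.

```go
package main

import "fmt"

// Local mirrors of the declarations above (assumption: copied so this builds standalone).
type SeccompProfileType string

const (
	SeccompProfileTypeUnconfined     SeccompProfileType = "Unconfined"
	SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault"
	SeccompProfileTypeLocalhost      SeccompProfileType = "Localhost"
)

type SeccompProfile struct {
	Type             SeccompProfileType
	LocalhostProfile string
}

// ReviewSeccomp is a hypothetical helper: it returns "" when the profile
// confines syscalls, otherwise the reason the workload needs a closer look.
func ReviewSeccomp(p *SeccompProfile) string {
	switch {
	case p == nil:
		return "no profile set, effective filter depends on the node default"
	case p.Type == SeccompProfileTypeUnconfined:
		return "seccomp explicitly disabled (Unconfined)"
	case p.Type == SeccompProfileTypeLocalhost && p.LocalhostProfile == "":
		return "Localhost type without a LocalhostProfile path"
	case p.Type == SeccompProfileTypeRuntimeDefault, p.Type == SeccompProfileTypeLocalhost:
		return ""
	}
	return fmt.Sprintf("unrecognized seccomp type %q", p.Type)
}

func main() {
	// Constructed sample input, not taken from a real cluster.
	samples := []struct {
		name string
		p    *SeccompProfile
	}{
		{"web", &SeccompProfile{Type: SeccompProfileTypeRuntimeDefault}},
		{"debug", &SeccompProfile{Type: SeccompProfileTypeUnconfined}},
		{"batch", &SeccompProfile{Type: SeccompProfileTypeLocalhost}},
		{"cron", nil},
	}
	for _, s := range samples {
		fmt.Printf("%-5s %q\n", s.name, ReviewSeccomp(s.p))
	}
}
```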
type Source ¶
type Source string
Source is the source name of an entity.
const (
	// SourceAll matches any source. Should not be returned by collectors,
	// as it's only meant to be used in filters.
	SourceAll Source = ""

	// SourceRuntime represents entities detected by the container runtime
	// running on the node, collecting lower level information about
	// containers. `docker`, `containerd`, `crio`, `podman` and `ecs_fargate`
	// use this source.
	SourceRuntime Source = "runtime"

	// SourceTrivy represents entities detected by Trivy during the SBOM scan.
	// `crio` uses this source.
	SourceTrivy Source = "trivy"

	// SourceNodeOrchestrator represents entities detected by the node
	// agent from an orchestrator. `kubelet` and `ecs` use this.
	SourceNodeOrchestrator Source = "node_orchestrator"

	// SourceClusterOrchestrator represents entities detected by calling
	// the central component of an orchestrator, or the Datadog Cluster
	// Agent. `kube_metadata` and `cloudfoundry` use this.
	SourceClusterOrchestrator Source = "cluster_orchestrator"

	// SourceRemoteWorkloadmeta represents entities detected by the remote
	// workloadmeta.
	SourceRemoteWorkloadmeta Source = "remote_workloadmeta"

	// SourceRemoteProcessCollector represents process entities detected
	// by the RemoteProcessCollector.
	SourceRemoteProcessCollector Source = "remote_process_collector"

	// SourceLanguageDetectionServer represents container languages
	// detected by node agents
	SourceLanguageDetectionServer Source = "language_detection_server"

	// SourceHost represents entities detected by the host such as host tags.
	SourceHost Source = "host"

	// SourceLocalProcessCollector represents process entities detected
	// by the LocalProcessCollector.
	SourceLocalProcessCollector Source = "local_process_collector"
)
Defined Sources
type SubscriberPriority ¶
type SubscriberPriority int
SubscriberPriority is a priority for subscribers to the store. Subscribers are notified in order by their priority, with each notification blocking the next, so this allows control of which components are informed of changes in the store first.
const (
	// TaggerPriority is the priority for the Tagger. The Tagger must always
	// come first.
	TaggerPriority SubscriberPriority = iota

	// ConfigProviderPriority is the priority for the AD Config Provider.
	// This should come before other subscribers so that config provided by
	// entities is available to those other subscribers.
	ConfigProviderPriority SubscriberPriority = iota

	// NormalPriority should be used by subscribers on which other components
	// do not depend.
	NormalPriority SubscriberPriority = iota
)
type WorkloadDumpResponse ¶
type WorkloadDumpResponse struct {
Entities map[string]WorkloadEntity `json:"entities"`
}
WorkloadDumpResponse is used to dump the store content.
func (WorkloadDumpResponse) Write ¶
func (wdr WorkloadDumpResponse) Write(writer io.Writer)
Write writes the store's content to a given writer. Useful for the agent's CLI and Flare.
type WorkloadEntity ¶
WorkloadEntity contains entity data.