workloadmeta

package
v0.0.0-...-73f4ec9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 18, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package workloadmeta provides the workloadmeta component for the Datadog Agent

Index

Examples

Constants

View Source
const ECSTaskKnownStatusStopped = "STOPPED"

ECSTaskKnownStatusStopped is the known status of an ECS task that has stopped.

Variables

View Source
var IsNodeMetadata = func(metadata *KubernetesMetadata) bool {
	return metadata.GVR.Group == "" && metadata.GVR.Resource == "nodes"
}

IsNodeMetadata is a filter function that returns true if the metadata belongs to a node.

Functions

func EntityFilterFuncAcceptAll

func EntityFilterFuncAcceptAll(_ Entity) bool

EntityFilterFuncAcceptAll is an entity filter function that accepts any entity.

Types

type AgentType

type AgentType uint8

AgentType defines the workloadmeta agent type

const (
	NodeAgent AgentType = 1 << iota
	ClusterAgent
	ProcessAgent
	Remote
)

Define types of agent for catalog

type Capabilities

type Capabilities struct {
	Add  []string
	Drop []string
}

Capabilities is the capabilities a certain Container security context is capable of

type Collector

type Collector interface {
	// Start starts a collector. The collector should run until the context
	// is done. It also gets a reference to the store that started it so it
	// can use Notify, or get access to other entities in the store.
	Start(context.Context, Component) error

	// Pull triggers an entity collection. To be used by collectors that
	// don't have streaming functionality, and called periodically by the
	// store.
	Pull(context.Context) error

	// GetID returns the identifier for the respective component.
	GetID() string

	// GetTargetCatalog gets the expected catalog.
	GetTargetCatalog() AgentType
}

Collector is responsible for collecting metadata about workloads.

type CollectorEvent

type CollectorEvent struct {
	Type   EventType
	Source Source
	Entity Entity
}

CollectorEvent is an event generated by a metadata collector, to be handled by the metadata store.

type CollectorList

type CollectorList []Collector

CollectorList is an array of Collectors

type CollectorProvider

type CollectorProvider struct {
	fx.Out

	Collector Collector `group:"workloadmeta"`
}

CollectorProvider is the collector fx value group

type Component

type Component interface {
	// Subscribe subscribes the caller to events representing changes to the
	// store, limited to events matching the filter.  The name is used for
	// telemetry and debugging.
	//
	// The first message on the channel is special: it contains an EventTypeSet
	// event for each entity currently in the store.  If the Subscribe call
	// occurs at agent startup, then the first message approximates entities
	// that were running before the agent started.  This is an inherently racy
	// distinction, but may be useful for decisions such as whether to begin
	// logging at the head or tail of an entity's logs.
	//
	// Multiple EventTypeSet messages may be sent, either as the entity's state
	// evolves or as information about the entity is reported from multiple
	// sources (such as a container runtime and an orchestrator).
	//
	// See the documentation for EventBundle regarding appropriate handling
	// for messages on this channel.
	Subscribe(name string, priority SubscriberPriority, filter *Filter) chan EventBundle

	// Unsubscribe closes the EventBundle channel. Note that it will emit a zero-value event.
	// Thus, it is important to check that the channel is not closed.
	Unsubscribe(ch chan EventBundle)

	// GetContainer returns metadata about a container.  It fetches the entity
	// with kind KindContainer and the given ID.
	GetContainer(id string) (*Container, error)

	// ListContainers returns metadata about all known containers, equivalent
	// to all entities with kind KindContainer.
	ListContainers() []*Container

	// ListContainersWithFilter returns all the containers for which the passed
	// filter evaluates to true.
	ListContainersWithFilter(filter EntityFilterFunc[*Container]) []*Container

	// GetKubernetesPod returns metadata about a Kubernetes pod.  It fetches
	// the entity with kind KindKubernetesPod and the given ID.
	GetKubernetesPod(id string) (*KubernetesPod, error)

	// GetKubernetesPodForContainer retrieves the ownership information for the
	// given container and returns the owner pod. This information might lag because
	// the kubelet check sets the `Owner` field but a container can also be stored by CRI
	// checks, which do not have ownership info. Thus, the function might return an error
	// when the pod actually exists.
	GetKubernetesPodForContainer(containerID string) (*KubernetesPod, error)

	// GetKubernetesPodByName returns the first pod whose name and namespace matches those passed in
	// to this function.
	GetKubernetesPodByName(podName, podNamespace string) (*KubernetesPod, error)

	// GetKubernetesDeployment returns metadata about a Kubernetes deployment. It fetches
	// the entity with kind KindKubernetesDeployment and the given ID.
	GetKubernetesDeployment(id string) (*KubernetesDeployment, error)

	// GetKubernetesMetadata returns metadata about a Kubernetes resource. It fetches
	// the entity with kind KubernetesMetadata and the given ID.
	GetKubernetesMetadata(id KubeMetadataEntityID) (*KubernetesMetadata, error)

	// ListKubernetesMetadata returns all the kubernetes metadata objects for
	// which the passed filter evaluates to true.
	ListKubernetesMetadata(filterFunc EntityFilterFunc[*KubernetesMetadata]) []*KubernetesMetadata

	// ListECSTasks returns metadata about all ECS tasks, equivalent to all
	// entities with kind KindECSTask.
	ListECSTasks() []*ECSTask

	// GetECSTask returns metadata about an ECS task.  It fetches the entity with
	// kind KindECSTask and the given ID.
	GetECSTask(id string) (*ECSTask, error)

	// ListImages returns metadata about all known images, equivalent to all
	// entities with kind KindContainerImageMetadata.
	ListImages() []*ContainerImageMetadata

	// GetImage returns metadata about a container image. It fetches the entity
	// with kind KindContainerImageMetadata and the given ID.
	GetImage(id string) (*ContainerImageMetadata, error)

	// GetProcess returns metadata about a process.  It fetches the entity
	// with kind KindProcess and the given ID.
	GetProcess(pid int32) (*Process, error)

	// ListProcesses returns metadata about all known processes, equivalent
	// to all entities with kind KindProcess.
	ListProcesses() []*Process

	// ListProcessesWithFilter returns all the processes for which the passed
	// filter evaluates to true.
	ListProcessesWithFilter(filterFunc EntityFilterFunc[*Process]) []*Process

	// Notify notifies the store with a slice of events.  It should only be
	// used by workloadmeta collectors.
	Notify(events []CollectorEvent)

	// Dump lists the content of the store, for debugging purposes.
	Dump(verbose bool) WorkloadDumpResponse

	// ResetProcesses resets the state of the store so that newProcesses are the
	// only entites stored.
	ResetProcesses(newProcesses []Entity, source Source)

	// Reset resets the state of the store so that newEntities are the only
	// entities stored. This function sends events to the subscribers in the
	// following cases:
	// - EventTypeSet: one for each entity in newEntities that doesn't exist in
	// the store. Also, when the entity exists, but with different values.
	// - EventTypeUnset: one for each entity that exists in the store but is not
	// present in newEntities.
	Reset(newEntities []Entity, source Source)

	// Push allows external sources to push events to the metadata store.
	// Only EventTypeSet and EventTypeUnset event types are allowed.
	Push(source Source, events ...Event) error
}

Component is the component type.

type Container

type Container struct {
	EntityID
	EntityMeta
	// ECSContainer contains properties specific to container running in ECS
	*ECSContainer
	// EnvVars are limited to variables included in pkg/util/containers/env_vars_filter.go
	EnvVars       map[string]string
	Hostname      string
	Image         ContainerImage
	NetworkIPs    map[string]string
	PID           int
	Ports         []ContainerPort
	Runtime       ContainerRuntime
	RuntimeFlavor ContainerRuntimeFlavor
	State         ContainerState
	// CollectorTags represent tags coming from the collector itself
	// and that it would be impossible to compute later on
	CollectorTags   []string
	Owner           *EntityID
	SecurityContext *ContainerSecurityContext
	Resources       ContainerResources

	// AllocatedResources is the list of resources allocated to this pod. Requires the
	// PodResources API to query that data.
	AllocatedResources []ContainerAllocatedResource
	// CgroupPath is a path to the cgroup of the container.
	// It can be relative to the cgroup parent.
	// Linux only.
	CgroupPath   string
	RestartCount int
}

Container is an Entity representing a containerized workload.

func (Container) DeepCopy

func (c Container) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (Container) GetID

func (c Container) GetID() EntityID

GetID implements Entity#GetID.

func (*Container) Merge

func (c *Container) Merge(e Entity) error

Merge implements Entity#Merge.

func (Container) String

func (c Container) String(verbose bool) string

String implements Entity#String.

type ContainerAllocatedResource

type ContainerAllocatedResource struct {
	// Name is the name of the resource as defined in the pod spec (e.g. "nvidia.com/gpu").
	Name string

	// ID is the unique ID of the resource, the format depends on the provider
	ID string
}

ContainerAllocatedResource is a resource allocated to a container, consisting of a name and an ID.

func (ContainerAllocatedResource) String

type ContainerHealth

type ContainerHealth string

ContainerHealth is the health of the container

const (
	ContainerHealthUnknown   ContainerHealth = "unknown"
	ContainerHealthHealthy   ContainerHealth = "healthy"
	ContainerHealthUnhealthy ContainerHealth = "unhealthy"
)

Defined ContainerHealth

type ContainerHealthStatus

type ContainerHealthStatus struct {
	Status   string
	Since    *time.Time
	ExitCode *int64
	Output   string
}

ContainerHealthStatus is the health status of a container

func (ContainerHealthStatus) String

func (c ContainerHealthStatus) String(verbose bool) string

String returns a string representation of ContainerHealthStatus.

type ContainerImage

type ContainerImage struct {
	ID         string
	RawName    string
	Name       string
	Registry   string
	ShortName  string
	Tag        string
	RepoDigest string
}

ContainerImage is the an image used by a container. For historical reason, The imageId from containerd runtime and kubernetes refer to different fields. For containerd, it is the digest of the image config. For kubernetes, it referres to repo digest of the image (at least before CRI-O v1.28) See https://github.com/kubernetes/kubernetes/issues/46255 To avoid confusion, an extra field of repo digest is added to the struct, if it is available, it will also be added to the container tags in tagger.

func NewContainerImage

func NewContainerImage(imageID string, imageName string) (ContainerImage, error)

NewContainerImage builds a ContainerImage from an image name and its id

func (ContainerImage) String

func (c ContainerImage) String(verbose bool) string

String returns a string representation of ContainerImage.

type ContainerImageLayer

type ContainerImageLayer struct {
	MediaType string
	Digest    string
	SizeBytes int64
	URLs      []string
	History   *v1.History
}

ContainerImageLayer represents a layer of a container image

func (ContainerImageLayer) String

func (layer ContainerImageLayer) String() string

String returns a string representation of ContainerImageLayer

type ContainerImageMetadata

type ContainerImageMetadata struct {
	EntityID
	EntityMeta
	RepoTags     []string
	RepoDigests  []string
	MediaType    string
	SizeBytes    int64
	OS           string
	OSVersion    string
	Architecture string
	Variant      string
	Layers       []ContainerImageLayer
	SBOM         *SBOM
}

ContainerImageMetadata is an Entity that represents container image metadata

func (ContainerImageMetadata) DeepCopy

func (i ContainerImageMetadata) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (ContainerImageMetadata) GetID

func (i ContainerImageMetadata) GetID() EntityID

GetID implements Entity#GetID.

func (*ContainerImageMetadata) Merge

func (i *ContainerImageMetadata) Merge(e Entity) error

Merge implements Entity#Merge.

func (ContainerImageMetadata) String

func (i ContainerImageMetadata) String(verbose bool) string

String implements Entity#String.

type ContainerNetwork

type ContainerNetwork struct {
	NetworkMode   string
	IPv4Addresses []string
	IPv6Addresses []string
}

ContainerNetwork is the network attached to the container.

func (ContainerNetwork) String

func (c ContainerNetwork) String(_ bool) string

String returns a string representation of ContainerPort.

type ContainerPort

type ContainerPort struct {
	Name     string
	Port     int
	Protocol string
	HostPort uint16
}

ContainerPort is a port open in the container.

func (ContainerPort) String

func (c ContainerPort) String(verbose bool) string

String returns a string representation of ContainerPort.

type ContainerResources

type ContainerResources struct {
	GPURequest    *uint64 // Number of GPUs
	GPULimit      *uint64
	GPUVendorList []string // The type of GPU requested (eg. nvidia, amd, intel)
	CPURequest    *float64 // Percentage 0-100*numCPU (aligned with CPU Limit from metrics provider)
	CPULimit      *float64
	MemoryRequest *uint64 // Bytes
	MemoryLimit   *uint64
}

ContainerResources is resources requests or limitations for a container

func (ContainerResources) String

func (cr ContainerResources) String(bool) string

String returns a string representation of ContainerPort.

type ContainerRuntime

type ContainerRuntime string

ContainerRuntime is the container runtime used by a container.

const (
	ContainerRuntimeDocker     ContainerRuntime = "docker"
	ContainerRuntimeContainerd ContainerRuntime = "containerd"
	ContainerRuntimePodman     ContainerRuntime = "podman"
	ContainerRuntimeCRIO       ContainerRuntime = "cri-o"
	ContainerRuntimeGarden     ContainerRuntime = "garden"
	// ECS Fargate can be considered as a runtime in the sense that we don't
	// know the actual runtime but we need to identify it's Fargate
	ContainerRuntimeECSFargate ContainerRuntime = "ecsfargate"
)

Defined ContainerRuntimes

type ContainerRuntimeFlavor

type ContainerRuntimeFlavor string

ContainerRuntimeFlavor is the container runtime with respect to the OCI spect

const (
	ContainerRuntimeFlavorDefault ContainerRuntimeFlavor = ""
	ContainerRuntimeFlavorKata    ContainerRuntimeFlavor = "kata"
)

Defined ContainerRuntimeFlavors

type ContainerSecurityContext

type ContainerSecurityContext struct {
	*Capabilities
	Privileged     bool
	SeccompProfile *SeccompProfile
}

ContainerSecurityContext is the Security Context of a Container

type ContainerState

type ContainerState struct {
	Running    bool
	Status     ContainerStatus
	Health     ContainerHealth
	CreatedAt  time.Time
	StartedAt  time.Time
	FinishedAt time.Time
	ExitCode   *int64
}

ContainerState is the state of a container.

func (ContainerState) String

func (c ContainerState) String(verbose bool) string

String returns a string representation of ContainerState.

type ContainerStatus

type ContainerStatus string

ContainerStatus is the status of the container

const (
	ContainerStatusUnknown    ContainerStatus = "unknown"
	ContainerStatusCreated    ContainerStatus = "created"
	ContainerStatusRunning    ContainerStatus = "running"
	ContainerStatusRestarting ContainerStatus = "restarting"
	ContainerStatusPaused     ContainerStatus = "paused"
	ContainerStatusStopped    ContainerStatus = "stopped"
)

Defined ContainerStatus

type ContainerVolume

type ContainerVolume struct {
	Name        string
	Source      string
	Destination string
}

ContainerVolume is a volume mounted in the container.

func (ContainerVolume) String

func (c ContainerVolume) String(_ bool) string

String returns a string representation of ContainerVolume.

type ECSContainer

type ECSContainer struct {
	DisplayName   string
	Networks      []ContainerNetwork
	Volumes       []ContainerVolume
	Health        *ContainerHealthStatus
	DesiredStatus string
	KnownStatus   string
	Type          string
	LogDriver     string
	LogOptions    map[string]string
	ContainerARN  string
	Snapshotter   string
}

ECSContainer is a reference to a container running in ECS

func (ECSContainer) String

func (e ECSContainer) String(verbose bool) string

String returns a string representation of ECSContainer.

type ECSLaunchType

type ECSLaunchType string

ECSLaunchType is the launch type of an ECS task.

const (
	ECSLaunchTypeEC2     ECSLaunchType = "ec2"
	ECSLaunchTypeFargate ECSLaunchType = "fargate"
)

Defined ECSLaunchTypes

type ECSTask

type ECSTask struct {
	EntityID
	EntityMeta
	Tags                    MapTags
	ContainerInstanceTags   MapTags
	ClusterName             string
	AWSAccountID            int
	Region                  string
	AvailabilityZone        string
	Family                  string
	Version                 string
	DesiredStatus           string
	KnownStatus             string
	PullStartedAt           *time.Time
	PullStoppedAt           *time.Time
	ExecutionStoppedAt      *time.Time
	VPCID                   string
	ServiceName             string
	EphemeralStorageMetrics map[string]int64
	Limits                  map[string]float64
	LaunchType              ECSLaunchType
	Containers              []OrchestratorContainer
}

ECSTask is an Entity representing an ECS Task.

func (ECSTask) DeepCopy

func (t ECSTask) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (ECSTask) GetID

func (t ECSTask) GetID() EntityID

GetID implements Entity#GetID.

func (*ECSTask) Merge

func (t *ECSTask) Merge(e Entity) error

Merge implements Entity#Merge.

func (ECSTask) String

func (t ECSTask) String(verbose bool) string

String implements Entity#String.

type Entity

type Entity interface {
	// GetID gets the EntityID for this entity.
	GetID() EntityID

	// Merge merges this entity with another of the same kind.  This is used
	// to generate a composite entity representing data from several sources.
	Merge(Entity) error

	// DeepCopy copies an entity such that modifications of the copy will not
	// affect the original.
	DeepCopy() Entity

	// String provides a summary of the entity.  The string may span several lines,
	// especially if verbose.
	String(verbose bool) string
}

Entity represents a single unit of work being done that is of interest to the agent.

This interface is implemented by several concrete types, and is typically cast to that concrete type to get detailed information. The concrete type corresponds to the entity's type (GetID().Kind), and it is safe to make an unchecked cast.

Example
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2022-present Datadog, Inc.

package main

import "fmt"

func getAnEntity() Entity {
	return &Container{
		EntityID: EntityID{
			Kind: KindContainer,
			ID:   "abc123",
		},
		Image: ContainerImage{
			Name: "cassandra",
		},
	}
}

func main() {
	entity := getAnEntity()

	if container, ok := entity.(*Container); ok {
		fmt.Printf("Got container with image %s\n", container.Image.Name)
	} else {
		fmt.Printf("Not a Container")
	}

}
Output:

Got container with image cassandra

type EntityFilterFunc

type EntityFilterFunc[T Entity] func(T) bool

EntityFilterFunc provides a filter on the entity object level

Given an entity instance, it returns true if the object should be included in the output, and false if it should be filtered out.

var GetRunningContainers EntityFilterFunc[*Container] = func(container *Container) bool { return container.State.Running }

GetRunningContainers is a function that evaluates to true for running containers.

type EntityID

type EntityID struct {
	// Kind identifies the kind of entity.  This typically corresponds to the concrete
	// type of the Entity, but this is not always the case; see Entity for details.
	Kind Kind

	// ID is the ID for this entity, in a format specific to the entity Kind.
	ID string
}

EntityID represents the ID of an Entity. Note that entities from different sources may have the same EntityID.

func (EntityID) String

func (i EntityID) String(_ bool) string

String implements Entity#String.

type EntityMeta

type EntityMeta struct {
	Name        string
	Namespace   string
	Annotations map[string]string
	Labels      map[string]string
}

EntityMeta represents generic metadata about an Entity.

func (EntityMeta) String

func (e EntityMeta) String(verbose bool) string

String returns a string representation of EntityMeta.

type Event

type Event struct {
	// Type gives the type of this event.
	//
	// When Type is EventTypeSet, this represents an added or updated entity.
	// Multiple set events may be sent for a single entity.
	//
	// When Type is EventTypeUnset, this represents a removed entity.
	Type EventType

	// Entity is the entity involved in this event.  For an EventTypeSet event,
	// this may contain information "merged" from multiple sources.  For an
	// unset event it contains only an EntityID.
	//
	// For Type == EventTypeSet, this field can be cast unconditionally to the
	// concrete type corresponding to its kind (Entity.GetID().Kind).  For Type
	// == EventTypeUnset, only the Entity ID is available and such a cast will
	// fail.
	Entity Entity
}

Event represents a change to an entity.

type EventBundle

type EventBundle struct {
	// Events gives the events in this bundle.
	Events []Event

	// Ch should be closed once the subscriber has handled the event.
	Ch chan struct{}
}

EventBundle is a collection of events sent to Store subscribers.

Subscribers are expected to respond to EventBundles quickly. The Store will not move on to notify the next subscriber until the included channel Ch is closed. Subscribers which need to update their state before other subscribers are notified should close this channel once those updates are complete. Other subscribers should close the channel immediately. See the example for Store#Subscribe for details.

func (EventBundle) Acknowledge

func (e EventBundle) Acknowledge()

Acknowledge acknowledges that the subscriber has handled the event.

type EventType

type EventType int

EventType is the type of an event (set or unset).

const (
	// EventTypeAll matches any event type. Should not be returned by
	// collectors, as it is only meant to be used in filters.
	EventTypeAll EventType = iota

	// EventTypeSet indicates that an entity has been added or updated.
	EventTypeSet

	// EventTypeUnset indicates that an entity has been removed.  If multiple
	// sources provide data for an entity, this message is only sent when the
	// last source stops providing that data.
	EventTypeUnset
)

type Filter

type Filter struct {
	// contains filtered or unexported fields
}

Filter allows a subscriber to filter events by entity kind, event source, and event type.

A nil filter matches all events.

func (*Filter) EventType

func (f *Filter) EventType() EventType

EventType returns the event type this filter is filtering by. If the filter is nil, it returns EventTypeAll.

func (*Filter) Kinds

func (f *Filter) Kinds() []Kind

Kinds returns the kinds this filter is filtering by.

func (*Filter) MatchEntity

func (f *Filter) MatchEntity(entity *Entity) bool

MatchEntity returns true if the filter matches the passed entity. If the filter is nil, or has no kinds, it always matches.

func (*Filter) MatchEventType

func (f *Filter) MatchEventType(eventType EventType) bool

MatchEventType returns true if the filter matches the passed EventType. If the filter is nil, or has EventTypeAll, it always matches.

func (*Filter) MatchKind

func (f *Filter) MatchKind(kind Kind) bool

MatchKind returns false if the filter can never match entities of the specified kind.

func (*Filter) MatchSource

func (f *Filter) MatchSource(source Source) bool

MatchSource returns true if the filter matches the passed source. If the filter is nil, or has SourceAll, it always matches.

func (*Filter) Source

func (f *Filter) Source() Source

Source returns the source this filter is filtering by. If the filter is nil, returns SourceAll.

type FilterBuilder

type FilterBuilder struct {
	// contains filtered or unexported fields
}

FilterBuilder is used to build a filter object for subscribers.

func NewFilterBuilder

func NewFilterBuilder() *FilterBuilder

NewFilterBuilder creates and returns a new filter builder for a given event type for subscribing to workloadmeta events.

Only events for entities with one of the added kinds and matching the associated entity filter function will be delivered.

If no kind is added, events for entities of any kind will be delivered.

Similarly, only events for entities collected from the given source will be delivered, and the entities in the events will contain data only from that source. For example, if source is SourceRuntime, then only events from the runtime will be delivered, and they will not contain any additional metadata from orchestrators or cluster orchestrators. Use SourceAll to collect data from all sources. SourceAll is the default.

Only events of the given type will be delivered. Use EventTypeAll to collect data from all the event types. EventTypeAll is the default.

func (*FilterBuilder) AddKind

func (fb *FilterBuilder) AddKind(kind Kind) *FilterBuilder

AddKind adds a specific kind to the built filter. The built filter will match any entity of the added kind.

func (*FilterBuilder) AddKindWithEntityFilter

func (fb *FilterBuilder) AddKindWithEntityFilter(kind Kind, entityFilterFunc GenericEntityFilterFunc) *FilterBuilder

AddKindWithEntityFilter adds an entity kind with an associated entity filter function. The built filter will match all entities of the added kind for which the entity filter function returns true.

func (*FilterBuilder) Build

func (fb *FilterBuilder) Build() *Filter

Build builds the filter and returns it.

func (*FilterBuilder) SetEventType

func (fb *FilterBuilder) SetEventType(eventType EventType) *FilterBuilder

SetEventType sets the event type for the filter

func (*FilterBuilder) SetSource

func (fb *FilterBuilder) SetSource(source Source) *FilterBuilder

SetSource sets the source for the filter.

type GenericEntityFilterFunc

type GenericEntityFilterFunc EntityFilterFunc[Entity]

GenericEntityFilterFunc is a filter function applicable to any object of a struct implementing the Entity interface

type HostTags

type HostTags struct {
	EntityID

	HostTags []string
}

HostTags is an Entity that represents host tags

func (HostTags) DeepCopy

func (p HostTags) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (HostTags) GetID

func (p HostTags) GetID() EntityID

GetID implements Entity#GetID.

func (*HostTags) Merge

func (p *HostTags) Merge(e Entity) error

Merge implements Entity#Merge.

func (HostTags) String

func (p HostTags) String(verbose bool) string

String implements Entity#String.

type InitHelper

type InitHelper func(context.Context, Component, config.Component) error

InitHelper this should be provided as a helper to allow passing the component into the inithook for additional start-time configutation.

type Kind

type Kind string

Kind is the kind of an entity.

const (
	KindContainer              Kind = "container"
	KindKubernetesPod          Kind = "kubernetes_pod"
	KindKubernetesMetadata     Kind = "kubernetes_metadata"
	KindKubernetesDeployment   Kind = "kubernetes_deployment"
	KindECSTask                Kind = "ecs_task"
	KindContainerImageMetadata Kind = "container_image_metadata"
	KindProcess                Kind = "process"
)

Defined Kinds

type KubeMetadataEntityID

type KubeMetadataEntityID string

KubeMetadataEntityID is a unique ID for Kube Metadata Entity

type KubernetesDeployment

type KubernetesDeployment struct {
	EntityID
	EntityMeta
	Env     string
	Service string
	Version string

	// InjectableLanguages indicate containers languages that can be injected by the admission controller
	// These languages are determined by parsing the deployment annotations
	InjectableLanguages langUtil.ContainersLanguages

	// DetectedLanguages languages indicate containers languages detected and reported by the language
	// detection server.
	DetectedLanguages langUtil.ContainersLanguages
}

KubernetesDeployment is an Entity representing a Kubernetes Deployment.

func (KubernetesDeployment) DeepCopy

func (d KubernetesDeployment) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (*KubernetesDeployment) GetID

func (d *KubernetesDeployment) GetID() EntityID

GetID implements Entity#GetID.

func (*KubernetesDeployment) Merge

func (d *KubernetesDeployment) Merge(e Entity) error

Merge implements Entity#Merge.

func (KubernetesDeployment) String

func (d KubernetesDeployment) String(verbose bool) string

String implements Entity#String

type KubernetesMetadata

type KubernetesMetadata struct {
	EntityID
	EntityMeta
	GVR *schema.GroupVersionResource
}

KubernetesMetadata is an Entity representing kubernetes resource metadata

func (KubernetesMetadata) DeepCopy

func (m KubernetesMetadata) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (*KubernetesMetadata) GetID

func (m *KubernetesMetadata) GetID() EntityID

GetID implements Entity#GetID.

func (*KubernetesMetadata) Merge

func (m *KubernetesMetadata) Merge(e Entity) error

Merge implements Entity#Merge.

func (*KubernetesMetadata) String

func (m *KubernetesMetadata) String(verbose bool) string

String implements Entity#String

type KubernetesPod

type KubernetesPod struct {
	EntityID
	EntityMeta
	Owners                     []KubernetesPodOwner
	PersistentVolumeClaimNames []string
	InitContainers             []OrchestratorContainer
	Containers                 []OrchestratorContainer
	Ready                      bool
	Phase                      string
	IP                         string
	PriorityClass              string
	QOSClass                   string
	GPUVendorList              []string
	RuntimeClass               string
	KubeServices               []string
	NamespaceLabels            map[string]string
	NamespaceAnnotations       map[string]string
	FinishedAt                 time.Time
	SecurityContext            *PodSecurityContext
}

KubernetesPod is an Entity representing a Kubernetes Pod.

func (KubernetesPod) DeepCopy

func (p KubernetesPod) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (KubernetesPod) GetAllContainers

func (p KubernetesPod) GetAllContainers() []OrchestratorContainer

GetAllContainers returns init containers and containers.

func (KubernetesPod) GetID

func (p KubernetesPod) GetID() EntityID

GetID implements Entity#GetID.

func (*KubernetesPod) Merge

func (p *KubernetesPod) Merge(e Entity) error

Merge implements Entity#Merge.

func (KubernetesPod) String

func (p KubernetesPod) String(verbose bool) string

String implements Entity#String.

type KubernetesPodOwner

type KubernetesPodOwner struct {
	Kind string
	Name string
	ID   string
}

KubernetesPodOwner is extracted from a pod's owner references.

func (KubernetesPodOwner) String

func (o KubernetesPodOwner) String(verbose bool) string

String returns a string representation of KubernetesPodOwner.

type MapTags

type MapTags map[string]string

MapTags is a map of tags

type OrchestratorContainer

type OrchestratorContainer struct {
	ID    string
	Name  string
	Image ContainerImage
}

OrchestratorContainer is a reference to a Container with orchestrator-specific data attached to it.

func (OrchestratorContainer) String

func (o OrchestratorContainer) String(_ bool) string

String returns a string representation of OrchestratorContainer.

type Params

type Params struct {
	AgentType  AgentType
	InitHelper InitHelper
}

Params provides the kind of agent we're instantiating workloadmeta for

func NewParams

func NewParams() Params

NewParams creates a Params struct with the default NodeAgent configuration

type PodSecurityContext

type PodSecurityContext struct {
	RunAsUser  int32
	RunAsGroup int32
	FsGroup    int32
}

PodSecurityContext is the Security Context of a Kubernetes pod

type Process

type Process struct {
	EntityID // EntityID.ID is the PID

	NsPid        int32
	ContainerID  string
	CreationTime time.Time
	Language     *languagemodels.Language
}

Process is an Entity that represents a process

func (Process) DeepCopy

func (p Process) DeepCopy() Entity

DeepCopy implements Entity#DeepCopy.

func (Process) GetID

func (p Process) GetID() EntityID

GetID implements Entity#GetID.

func (*Process) Merge

func (p *Process) Merge(e Entity) error

Merge implements Entity#Merge.

func (Process) String

func (p Process) String(_ bool) string

String implements Entity#String.

type SBOM

type SBOM struct {
	CycloneDXBOM       *cyclonedx.BOM
	GenerationTime     time.Time
	GenerationDuration time.Duration
	Status             SBOMStatus
	Error              string // needs to be stored as a string otherwise the merge() will favor the nil value
}

SBOM represents the Software Bill Of Materials (SBOM) of a container

type SBOMStatus

type SBOMStatus string

SBOMStatus is the status of a SBOM

const (
	// Pending is the status when the image was not scanned
	Pending SBOMStatus = "Pending"
	// Success is the status when the image was scanned
	Success SBOMStatus = "Success"
	// Failed is the status when the scan failed
	Failed SBOMStatus = "Failed"
)

type SeccompProfile

type SeccompProfile struct {
	Type             SeccompProfileType
	LocalhostProfile string
}

SeccompProfile contains fields for unmarshalling a Pod.Spec.Containers.SecurityContext.SeccompProfile

type SeccompProfileType

type SeccompProfileType string

SeccompProfileType is the type of seccomp profile used

const (
	SeccompProfileTypeUnconfined     SeccompProfileType = "Unconfined"
	SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault"
	SeccompProfileTypeLocalhost      SeccompProfileType = "Localhost"
)

Seccomp profile types

type Source

type Source string

Source is the source name of an entity.

const (
	// SourceAll matches any source. Should not be returned by collectors,
	// as its only meant to be used in filters.
	SourceAll Source = ""

	// SourceRuntime represents entities detected by the container runtime
	// running on the node, collecting lower level information about
	// containers. `docker`, `containerd`, 'crio', `podman` and `ecs_fargate`
	// use this source.
	SourceRuntime Source = "runtime"

	// SourceTrivy represents entities detected by Trivy during the SBOM scan.
	// `crio` uses this source.
	SourceTrivy Source = "trivy"

	// SourceNodeOrchestrator represents entities detected by the node
	// agent from an orchestrator. `kubelet` and `ecs` use this.
	SourceNodeOrchestrator Source = "node_orchestrator"

	// SourceClusterOrchestrator represents entities detected by calling
	// the central component of an orchestrator, or the Datadog Cluster
	// Agent.  `kube_metadata` and `cloudfoundry` use this.
	SourceClusterOrchestrator Source = "cluster_orchestrator"

	// SourceRemoteWorkloadmeta represents entities detected by the remote
	// workloadmeta.
	SourceRemoteWorkloadmeta Source = "remote_workloadmeta"

	// SourceRemoteProcessCollector reprents processes entities detected
	// by the RemoteProcessCollector.
	SourceRemoteProcessCollector Source = "remote_process_collector"

	// SourceLanguageDetectionServer represents container languages
	// detected by node agents
	SourceLanguageDetectionServer Source = "language_detection_server"

	// SourceHost represents entities detected by the host such as host tags.
	SourceHost Source = "host"

	// SourceLocalProcessCollector reprents processes entities detected
	// by the LocalProcessCollector.
	SourceLocalProcessCollector Source = "local_process_collector"
)

Defined Sources

type SubscriberPriority

type SubscriberPriority int

SubscriberPriority is a priority for subscribers to the store. Subscribers are notified in order by their priority, with each notification blocking the next, so this allows control of which compoents are informed of changes in the store first.

const (
	// TaggerPriority is the priority for the Tagger.  The Tagger must always
	// come first.
	TaggerPriority SubscriberPriority = iota

	// ConfigProviderPriority is the priority for the AD Config Provider.
	// This should come before other subscribers so that config provided by
	// entities is available to those other subscribers.
	ConfigProviderPriority SubscriberPriority = iota

	// NormalPriority should be used by subscribers on which other components
	// do not depend.
	NormalPriority SubscriberPriority = iota
)

type WorkloadDumpResponse

type WorkloadDumpResponse struct {
	Entities map[string]WorkloadEntity `json:"entities"`
}

WorkloadDumpResponse is used to dump the store content.

func (WorkloadDumpResponse) Write

func (wdr WorkloadDumpResponse) Write(writer io.Writer)

Write writes the stores content in a given writer. Useful for agent's CLI and Flare.

type WorkloadEntity

type WorkloadEntity struct {
	Infos map[string]string `json:"infos"`
}

WorkloadEntity contains entity data.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL