stats

package

v1.18.0-pre.0 Latest Latest Go to latest Published: Mar 3, 2025 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/cilium

Documentation ¶

Index ¶

Constants
Variables
type Config
- func (def Config) Flags(flags *pflag.FlagSet)
type Metrics
type NatMapStats
type SNATTuple4
type SNATTuple6
type SNATTupleAccessor
type Stats
- func (s *Stats) Observable4() stream.Observable[TupleCountIterator]
- func (s *Stats) Observable6() stream.Observable[TupleCountIterator]
type TupleCountIterator

Constants ¶

View Source

const (
	TableName = "nat-stats"
)

Variables ¶

View Source

var Cell = cell.Module(
	"nat-stats",
	"Aggregates stats for NAT maps",
	metrics.Metric(newMetrics),
	cell.ProvidePrivate(newTables),
	cell.Provide(
		func(m Metrics) natMetrics {
			return m
		},
		newStats,
		statedb.RWTable[NatMapStats].ToTable,
	),
	cell.Config(Config{

		NATMapStatInterval: 30 * time.Second,

		NatMapStatKStoredEntries: 32,
	}),
	cell.Invoke(func(_ *Stats) {}),
)

Cell exports a module providing functionality for computing NAT map stats. This uses provided pkg/maps/nat.(Cell) maps to efficiently walk the nat map and compute the top-k most used connection tuples. In this context, a "connection tuple" refers to the 4-tuple:

{port, egressIP, remoteEndpointIP, remoteEndpointPort}

Which defines a distinct set of translated connections for which the source IP is the egress IP, who all share the same endpoint address. Egress source ports are allocated by the datapath and, in some cases, can be prone to exhaustion or allocation failures if the connection tuple already has many connections to the same endpoint.

The nat-stats module exposes this data as both prometheus metrics and via a exported statedb.Table[NatMapStats] for other modules to consume.

View Source

var (
	Index = statedb.Index[NatMapStats, string]{
		Name: "byTuple",
		FromObject: func(s NatMapStats) index.KeySet {
			return index.NewKeySet(s.Key())
		},
		FromKey:    index.String,
		FromString: index.FromString,
		Unique:     true,
	}
)

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	NATMapStatInterval       time.Duration `mapstructure:"nat-map-stats-interval"`
	NatMapStatKStoredEntries int           `mapstructure:"nat-map-stats-entries"`
}

func (Config) Flags ¶

func (def Config) Flags(flags *pflag.FlagSet)

type Metrics ¶

type Metrics struct {
	LocalPorts metric.Vec[metric.Gauge]
}

type NatMapStats ¶

type NatMapStats struct {
	Type       string
	EgressIP   string
	EndpointIP string
	RemotePort uint16
	Proto      string
	Count      int
}

NatMapStats is a nat-map table entry key/value. This contains a count of connection 3-tuple utilization.

func (NatMapStats) Key ¶

func (s NatMapStats) Key() index.Key

func (NatMapStats) TableHeader ¶

func (NatMapStats) TableHeader() []string

func (NatMapStats) TableRow ¶

func (s NatMapStats) TableRow() []string

type SNATTuple4 ¶ added in v1.17.0

type SNATTuple4 tuple.TupleKey4

func (SNATTuple4) GetEgressAddr ¶ added in v1.17.0

func (t SNATTuple4) GetEgressAddr() (netip.Addr, uint16)

func (SNATTuple4) GetEndpointAddr ¶ added in v1.17.0

func (t SNATTuple4) GetEndpointAddr() (netip.Addr, uint16)

func (SNATTuple4) GetProto ¶ added in v1.17.0

func (t SNATTuple4) GetProto() u8proto.U8proto

type SNATTuple6 ¶ added in v1.17.0

type SNATTuple6 tuple.TupleKey6

func (SNATTuple6) GetEgressAddr ¶ added in v1.17.0

func (t SNATTuple6) GetEgressAddr() (netip.Addr, uint16)

func (SNATTuple6) GetEndpointAddr ¶ added in v1.17.0

func (t SNATTuple6) GetEndpointAddr() (netip.Addr, uint16)

func (SNATTuple6) GetProto ¶ added in v1.17.0

func (t SNATTuple6) GetProto() u8proto.U8proto

type SNATTupleAccessor ¶ added in v1.17.0

type SNATTupleAccessor interface {
	GetEgressAddr() (netip.Addr, uint16)
	GetEndpointAddr() (netip.Addr, uint16)
	GetProto() u8proto.U8proto
}

snatTupleAccessor is an interface for safely accessing elements of the SNAT tuple. Instead of passing the tuple directly, we use the snatTupleAccessor interface which provide opaque access to SNAT specific data such as egress-ip and endpoint-ip.

This provides dual benefits of abstracting away concerns regarding snat tuple direction, as well as ensuring data integrity by only providing a opaque accessor to external observers.

type Stats ¶

type Stats struct {
	// contains filtered or unexported fields
}

Stats provides a implementation of performing nat map stats counting.

func (*Stats) Observable4 ¶ added in v1.17.0

func (s *Stats) Observable4() stream.Observable[TupleCountIterator]

Observable4 returns the state iteration observable for ipv4 nat.

func (*Stats) Observable6 ¶ added in v1.17.0

func (s *Stats) Observable6() stream.Observable[TupleCountIterator]

Observable6 returns the state iteration observable for ipv6 nat.

type TupleCountIterator ¶ added in v1.17.0

type TupleCountIterator iter.Seq2[SNATTupleAccessor, uint16]

TupleCountIterator is a k/v iterator type that allows for opaquely accessing a set of snat tuple source port counts. This is used by the exported Observable{4,6} streams to allow for external consumers to iterate over the current set of nat map stats following a countNat operation.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL