observer

package
v0.8.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 21, 2023 License: Apache-2.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (

	/* SensorManager handles dynamic sensors loading / unloading. */
	SensorManager *sensors.Manager
)

Functions

func AllListeners

func AllListeners(msg notify.Message)

func DataAdd

func DataAdd(id dataapi.DataEventId, msgData []byte) error

func DataGet

func DataGet(id dataapi.DataEventId) ([]byte, error)

func DataPurge

func DataPurge()

func DockerRun

func DockerRun(t *testing.T, args ...string) (containerId string)

dockerRun starts a new docker container in the background. The container will be killed and removed on test cleanup. It returns the containerId on success, or an error if spawning the container failed.

func ExecWGCurl

func ExecWGCurl(readyWG *sync.WaitGroup, retries uint, args ...string) error

func GetDefaultSensorsWithFile

func GetDefaultSensorsWithFile(t *testing.T, ctx context.Context, file, lib string) ([]*sensors.Sensor, error)

func GetMyPid

func GetMyPid() uint32

func InitDataCache

func InitDataCache(size int) error

func LoopEvents

func LoopEvents(ctx context.Context, t *testing.T, doneWG, readyWG *sync.WaitGroup, obs *Observer)

func RegisterEventHandlerAtInit

func RegisterEventHandlerAtInit(ev uint8, handler func(r *bytes.Reader) ([]Event, error))

func RemovePrograms

func RemovePrograms(bpfDir, mapDir string)

func WaitForProcess

func WaitForProcess(process string) error

Used to wait for a process to start, we do a lookup on PROCFS because this may be called before obs is created.

func WriteConfigFile

func WriteConfigFile(fileName, config string) error

Types

type Channel

type Channel struct {
	// contains filtered or unexported fields
}

Channel is a Listener that gob encodes events and sends them to a network connection.

func NewChannel

func NewChannel(conn net.Conn) *Channel

NewChannel initializes Channel.

func (Channel) Close

func (o Channel) Close() error

Close implements Listener.Notify.

func (Channel) Notify

func (o Channel) Notify(msg interface{}) error

Notify implements Listener.Notify.

type Event

type Event notify.Message

func HandleData

func HandleData(r *bytes.Reader) ([]Event, error)

func HandlePerfData

func HandlePerfData(data []byte) (byte, []Event, error)

HandlePerfData returns the events from raw bytes NB: It is made public so that it can be used in testing.

type Listener

type Listener interface {
	// Notify gets called for each events from ObserverKprobe.
	Notify(msg notify.Message) error

	// Close the listener.
	io.Closer
}

Listener defines the interface to receive events from Observer. Listeners will merge and complete out-of-order events before they're passed to human-readable sinks such as the printer or GRPC encoder.

type Observer

type Observer struct {
	// contains filtered or unexported fields
}

Observer represents the link between the BPF perf ring and the listeners. It manages the perf ring and receive events from it. It ensures that the BPF event we are receiving from the kernel is complete. The listeners are notified of their corresponding events.

func GetDefaultObserver

func GetDefaultObserver(t *testing.T, ctx context.Context, lib string) (*Observer, error)

func GetDefaultObserverWithBase

func GetDefaultObserverWithBase(t *testing.T, ctx context.Context, b *sensors.Sensor, file, lib string) (*Observer, error)

func GetDefaultObserverWithFile

func GetDefaultObserverWithFile(t *testing.T, ctx context.Context, file, lib string) (*Observer, error)

func GetDefaultObserverWithFileNoTest

func GetDefaultObserverWithFileNoTest(t *testing.T, ctx context.Context, file, lib string, fail bool) (*Observer, error)

func GetDefaultObserverWithLib

func GetDefaultObserverWithLib(t *testing.T, ctx context.Context, config, lib string) (*Observer, error)

func GetDefaultObserverWithWatchers

func GetDefaultObserverWithWatchers(t *testing.T, ctx context.Context, base *sensors.Sensor, opts ...TestOption) (*Observer, error)

func NewObserver

func NewObserver(configFile string) *Observer

func (*Observer) AddListener

func (k *Observer) AddListener(listener Listener)

func (*Observer) InitSensorManager

func (k *Observer) InitSensorManager() error

InitSensorManager starts the sensor controller and stt manager.

func (*Observer) LogPinnedBpf

func (k *Observer) LogPinnedBpf(observerDir string)

Log Active pinned BPF resources

func (*Observer) PrintStats

func (k *Observer) PrintStats()

func (*Observer) ReadErrorEvents

func (k *Observer) ReadErrorEvents() uint64

func (*Observer) ReadLostEvents

func (k *Observer) ReadLostEvents() uint64

func (*Observer) ReadReceivedEvents

func (k *Observer) ReadReceivedEvents() uint64

func (*Observer) Remove

func (k *Observer) Remove()

func (*Observer) RemoveListener

func (k *Observer) RemoveListener(listener Listener)

func (*Observer) RemovePrograms

func (k *Observer) RemovePrograms()

func (*Observer) Start

func (k *Observer) Start(ctx context.Context) error

Start starts the observer

func (*Observer) UpdateRuntimeConf

func (k *Observer) UpdateRuntimeConf(mapDir string) error

UpdateRuntimeConf() Gathers information about Tetragon runtime environment and updates BPF map TetragonConfMap

The observer needs to do this to discover and properly operate on the right cgroup context. Use this function in your tests to allow Pod and Containers association to work.

The environment and cgroup configuration discovery may fail for several reasons, in such cases errors will be logged. On errors we also print a warning that advanced Cgroups tracking will be disabled which might affect process association with kubernetes pods and containers.

type TestOption

type TestOption func(*TestOptions)

func WithConfig

func WithConfig(config string) TestOption

func WithLib

func WithLib(lib string) TestOption

type TestOptions

type TestOptions struct {
	// contains filtered or unexported fields
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL