Documentation ¶
Index ¶
- Constants
- Variables
- func FindNamespace(pid int32) (uint32, error)
- func FindNamespacedPids(pid int32) ([]uint32, error)
- func ForwardRingbuf(cfg *TracerConfig, ringbuffer *ebpf.Map, filter ServiceFilter, ...) func(context.Context, chan<- []request.Span)
- func HTTPRequestTraceToSpan(trace *HTTPRequestTrace) request.Span
- func KernelVersion() (major, minor int)
- func ReadHTTPInfoIntoSpan(record *ringbuf.Record) (request.Span, bool, error)
- func ReadHTTPRequestTraceAsSpan(record *ringbuf.Record) (request.Span, bool, error)
- func ReadSQLRequestTraceAsSpan(record *ringbuf.Record) (request.Span, bool, error)
- func SQLRequestTraceToSpan(trace *SQLRequestTrace) request.Span
- func SharedRingbuf(cfg *TracerConfig, filter ServiceFilter, ringbuffer *ebpf.Map, ...) func(context.Context, chan<- []request.Span)
- func SupportsContextPropagation(log *slog.Logger) bool
- func SupportsEBPFLoops() bool
- type BPFConnInfo
- type BPFHTTPInfo
- type Filter
- type FunctionPrograms
- type HTTPInfo
- type HTTPRequestTrace
- type IdentityPidsFilter
- type KernelLockdown
- type PIDInfo
- type PIDType
- type PIDsFilter
- type Probe
- type SQLRequestTrace
- type ServiceFilter
- type TracerConfig
Constants ¶
const EventTypeKHTTP = 6 // HTTP Events generated by kprobes
const EventTypeSQL = 5 // EVENT_SQL_CLIENT
Variables ¶
var ActiveNamespaces = make(map[uint32]uint32)
var IntegrityModeOverride = false
Functions ¶
func FindNamespace ¶ added in v0.4.0
func FindNamespacedPids ¶ added in v0.4.0
func ForwardRingbuf ¶
func HTTPRequestTraceToSpan ¶ added in v0.0.5
func HTTPRequestTraceToSpan(trace *HTTPRequestTrace) request.Span
func KernelVersion ¶ added in v1.2.0
func KernelVersion() (major, minor int)
Copied from https://github.com/golang/go/blob/go1.21.3/src/internal/syscall/unix/kernel_version_linux.go
func ReadHTTPInfoIntoSpan ¶ added in v1.3.0
func ReadHTTPRequestTraceAsSpan ¶ added in v0.0.5
func ReadSQLRequestTraceAsSpan ¶ added in v1.0.0
func SQLRequestTraceToSpan ¶ added in v1.0.0
func SQLRequestTraceToSpan(trace *SQLRequestTrace) request.Span
func SharedRingbuf ¶ added in v1.3.0
func SharedRingbuf( cfg *TracerConfig, filter ServiceFilter, ringbuffer *ebpf.Map, metrics imetrics.Reporter, closers ...io.Closer, ) func(context.Context, chan<- []request.Span)
ForwardRingbuf returns a function reads HTTPRequestTraces from an input ring buffer, accumulates them into an internal buffer, and forwards them to an output events channel, previously converted to request.Span instances.
func SupportsContextPropagation ¶ added in v1.2.0
func SupportsEBPFLoops ¶ added in v1.2.0
func SupportsEBPFLoops() bool
Types ¶
type BPFConnInfo ¶ added in v1.3.0
type BPFConnInfo bpfConnectionInfoT
type BPFHTTPInfo ¶ added in v1.3.0
type BPFHTTPInfo bpfHttpInfoT
type FunctionPrograms ¶
type HTTPRequestTrace ¶
type HTTPRequestTrace bpfHttpRequestTrace
HTTPRequestTrace contains information from an HTTP request as directly received from the eBPF layer. This contains low-level C structures for accurate binary read from ring buffer.
type IdentityPidsFilter ¶ added in v0.3.2
type IdentityPidsFilter struct{}
IdentityPidsFilter is a PIDsFilter that does not filter anything. It is feasible for system-wide instrumenation
func (*IdentityPidsFilter) AllowPID ¶ added in v0.3.2
func (pf *IdentityPidsFilter) AllowPID(_ uint32, _ svc.ID, _ PIDType)
func (*IdentityPidsFilter) BlockPID ¶ added in v0.3.2
func (pf *IdentityPidsFilter) BlockPID(_ uint32)
func (*IdentityPidsFilter) CurrentPIDs ¶ added in v0.3.2
type KernelLockdown ¶ added in v1.1.0
type KernelLockdown uint8
const ( KernelLockdownNone KernelLockdown = iota + 1 KernelLockdownIntegrity KernelLockdownConfidentiality KernelLockdownOther )
func KernelLockdownMode ¶ added in v1.1.0
func KernelLockdownMode() KernelLockdown
type PIDsFilter ¶ added in v0.3.2
type PIDsFilter struct {
// contains filtered or unexported fields
}
PIDsFilter keeps a thread-safe copy of the PIDs whose traces are allowed to be forwarded. Its Filter method filters the request.Span instances whose PIDs are not in the allowed list.
func NewPIDsFilter ¶ added in v0.3.2
func NewPIDsFilter(log *slog.Logger) *PIDsFilter
func (*PIDsFilter) AllowPID ¶ added in v0.3.2
func (pf *PIDsFilter) AllowPID(pid uint32, svc svc.ID, pidType PIDType)
func (*PIDsFilter) BlockPID ¶ added in v0.3.2
func (pf *PIDsFilter) BlockPID(pid uint32)
func (*PIDsFilter) CurrentPIDs ¶ added in v0.3.2
type Probe ¶
type Probe struct { Offsets goexec.FuncOffsets Programs FunctionPrograms }
Probe holds the information of the instrumentation points of a given function: its start and end offsets and eBPF programs
type SQLRequestTrace ¶ added in v1.0.0
type SQLRequestTrace bpfSqlRequestTrace
type ServiceFilter ¶ added in v1.3.0
type ServiceFilter interface { AllowPID(uint32, svc.ID, PIDType) BlockPID(uint32) Filter(inputSpans []request.Span) []request.Span CurrentPIDs(PIDType) map[uint32]map[uint32]svc.ID }
func CommonPIDsFilter ¶ added in v1.1.0
func CommonPIDsFilter(systemWide bool) ServiceFilter
type TracerConfig ¶
type TracerConfig struct { BpfDebug bool `yaml:"bfp_debug" env:"BEYLA_BPF_DEBUG"` // WakeupLen specifies how many messages need to be accumulated in the eBPF ringbuffer // before sending a wakeup request. // High values of WakeupLen could add a noticeable metric delay in services with low // requests/second. // TODO: see if there is a way to force eBPF to wakeup userspace on timeout WakeupLen int `yaml:"wakeup_len" env:"BEYLA_BPF_WAKEUP_LEN"` // BatchLength allows specifying how many traces will be batched at the initial // stage before being forwarded to the next stage BatchLength int `yaml:"batch_length" env:"BEYLA_BPF_BATCH_LENGTH"` // BatchTimeout specifies the timeout to forward the data batch if it didn't // reach the BatchLength size BatchTimeout time.Duration `yaml:"batch_timeout" env:"BEYLA_BPF_BATCH_TIMEOUT"` // BpfBaseDir specifies the base directory where the BPF pinned maps will be mounted. // By default, it will be /var/run/beyla BpfBaseDir string `yaml:"bpf_fs_base_dir" env:"BEYLA_BPF_FS_BASE_DIR"` // If enabled, the kprobes based HTTP request tracking will start tracking the request // headers to process any 'Traceparent' fields. TrackRequestHeaders bool `yaml:"track_request_headers" env:"BEYLA_BPF_TRACK_REQUEST_HEADERS"` }
TracerConfig configuration for eBPF programs