Documentation
¶
Index ¶
- func ConvertFilterPortsToInstr(intPort int32, rangePorts string) intstr.IntOrString
- func LoadBpf() (*ebpf.CollectionSpec, error)
- func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
- type BpfDirectionT
- type BpfDnsFlowId
- type BpfDnsRecordT
- type BpfFilterActionT
- type BpfFilterKeyT
- type BpfFilterValueT
- type BpfFlowId
- type BpfFlowIdT
- type BpfFlowMetrics
- type BpfFlowMetricsT
- type BpfFlowRecordT
- type BpfGlobalCountersKeyT
- type BpfMapSpecs
- type BpfMaps
- type BpfObjects
- type BpfPktDropsT
- type BpfProgramSpecs
- type BpfPrograms
- type BpfSpecs
- type FlowFetcher
- func (m *FlowFetcher) AttachTCX(iface ifaces.Interface) error
- func (m *FlowFetcher) Close() error
- func (m *FlowFetcher) DeleteMapsStaleEntries(timeOut time.Duration)
- func (m *FlowFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[BpfFlowId][]BpfFlowMetrics
- func (m *FlowFetcher) ReadGlobalCounter(met *metrics.Metrics)
- func (m *FlowFetcher) ReadRingBuf() (ringbuf.Record, error)
- func (m *FlowFetcher) Register(iface ifaces.Interface) error
- type FlowFetcherConfig
- type FlowFilter
- type FlowFilterConfig
- type PacketFetcher
- func (p *PacketFetcher) AttachTCX(iface ifaces.Interface) error
- func (p *PacketFetcher) Close() error
- func (p *PacketFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[int][]*byte
- func (p *PacketFetcher) ReadPerf() (perf.Record, error)
- func (p *PacketFetcher) Register(iface ifaces.Interface) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConvertFilterPortsToInstr ¶
func ConvertFilterPortsToInstr(intPort int32, rangePorts string) intstr.IntOrString
func LoadBpf ¶ added in v0.3.0
func LoadBpf() (*ebpf.CollectionSpec, error)
LoadBpf returns the embedded CollectionSpec for Bpf.
func LoadBpfObjects ¶ added in v0.3.0
func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
LoadBpfObjects loads Bpf and converts it into a struct.
The following types are suitable as obj argument:
*BpfObjects *BpfPrograms *BpfMaps
See ebpf.CollectionSpec.LoadAndAssign documentation for details.
Types ¶
type BpfDirectionT ¶
type BpfDirectionT uint32
const ( BpfDirectionTINGRESS BpfDirectionT = 0 BpfDirectionTEGRESS BpfDirectionT = 1 BpfDirectionTMAX_DIRECTION BpfDirectionT = 2 )
type BpfDnsFlowId ¶ added in v0.3.2
type BpfDnsRecordT ¶ added in v0.3.2
type BpfFilterActionT ¶
type BpfFilterActionT uint32
const ( BpfFilterActionTACCEPT BpfFilterActionT = 0 BpfFilterActionTREJECT BpfFilterActionT = 1 BpfFilterActionTMAX_FILTER_ACTIONS BpfFilterActionT = 2 )
type BpfFilterKeyT ¶
type BpfFilterValueT ¶
type BpfFlowId ¶ added in v0.3.0
type BpfFlowId BpfFlowIdT
type BpfFlowIdT ¶ added in v0.3.0
type BpfFlowMetrics ¶ added in v0.3.0
type BpfFlowMetrics BpfFlowMetricsT
type BpfFlowMetricsT ¶ added in v0.3.0
type BpfFlowMetricsT struct {
Packets uint32
Bytes uint64
StartMonoTimeTs uint64
EndMonoTimeTs uint64
Flags uint16
Errno uint8
Dscp uint8
PktDrops BpfPktDropsT
DnsRecord BpfDnsRecordT
FlowRtt uint64
}
type BpfFlowRecordT ¶ added in v0.3.0
type BpfFlowRecordT struct {
Id BpfFlowId
Metrics BpfFlowMetrics
}
type BpfGlobalCountersKeyT ¶
type BpfGlobalCountersKeyT uint32
const ( BpfGlobalCountersKeyTHASHMAP_FLOWS_DROPPED_KEY BpfGlobalCountersKeyT = 0 BpfGlobalCountersKeyTFILTER_FLOWS_REJECT_KEY BpfGlobalCountersKeyT = 1 BpfGlobalCountersKeyTFILTER_FLOWS_ACCEPT_KEY BpfGlobalCountersKeyT = 2 BpfGlobalCountersKeyTFILTER_FLOWS_NOMATCH_KEY BpfGlobalCountersKeyT = 3 BpfGlobalCountersKeyTMAX_DROPPED_FLOWS_KEY BpfGlobalCountersKeyT = 4 )
type BpfMapSpecs ¶ added in v0.3.0
type BpfMapSpecs struct {
AggregatedFlows *ebpf.MapSpec `ebpf:"aggregated_flows"`
DirectFlows *ebpf.MapSpec `ebpf:"direct_flows"`
DnsFlows *ebpf.MapSpec `ebpf:"dns_flows"`
FilterMap *ebpf.MapSpec `ebpf:"filter_map"`
GlobalCounters *ebpf.MapSpec `ebpf:"global_counters"`
PacketRecord *ebpf.MapSpec `ebpf:"packet_record"`
}
BpfMapSpecs contains maps before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfMaps ¶ added in v0.3.0
type BpfMaps struct {
AggregatedFlows *ebpf.Map `ebpf:"aggregated_flows"`
DirectFlows *ebpf.Map `ebpf:"direct_flows"`
DnsFlows *ebpf.Map `ebpf:"dns_flows"`
FilterMap *ebpf.Map `ebpf:"filter_map"`
GlobalCounters *ebpf.Map `ebpf:"global_counters"`
PacketRecord *ebpf.Map `ebpf:"packet_record"`
}
BpfMaps contains all maps after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
type BpfObjects ¶ added in v0.3.0
type BpfObjects struct {
BpfPrograms
BpfMaps
}
BpfObjects contains all objects after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
func (*BpfObjects) Close ¶ added in v0.3.0
func (o *BpfObjects) Close() error
type BpfPktDropsT ¶ added in v0.3.2
type BpfProgramSpecs ¶ added in v0.3.0
type BpfProgramSpecs struct {
KfreeSkb *ebpf.ProgramSpec `ebpf:"kfree_skb"`
TcEgressFlowParse *ebpf.ProgramSpec `ebpf:"tc_egress_flow_parse"`
TcEgressPcaParse *ebpf.ProgramSpec `ebpf:"tc_egress_pca_parse"`
TcIngressFlowParse *ebpf.ProgramSpec `ebpf:"tc_ingress_flow_parse"`
TcIngressPcaParse *ebpf.ProgramSpec `ebpf:"tc_ingress_pca_parse"`
TcpRcvFentry *ebpf.ProgramSpec `ebpf:"tcp_rcv_fentry"`
TcpRcvKprobe *ebpf.ProgramSpec `ebpf:"tcp_rcv_kprobe"`
TcxEgressFlowParse *ebpf.ProgramSpec `ebpf:"tcx_egress_flow_parse"`
TcxEgressPcaParse *ebpf.ProgramSpec `ebpf:"tcx_egress_pca_parse"`
TcxIngressFlowParse *ebpf.ProgramSpec `ebpf:"tcx_ingress_flow_parse"`
TcxIngressPcaParse *ebpf.ProgramSpec `ebpf:"tcx_ingress_pca_parse"`
}
BpfSpecs contains programs before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfPrograms ¶ added in v0.3.0
type BpfPrograms struct {
KfreeSkb *ebpf.Program `ebpf:"kfree_skb"`
TcEgressFlowParse *ebpf.Program `ebpf:"tc_egress_flow_parse"`
TcEgressPcaParse *ebpf.Program `ebpf:"tc_egress_pca_parse"`
TcIngressFlowParse *ebpf.Program `ebpf:"tc_ingress_flow_parse"`
TcIngressPcaParse *ebpf.Program `ebpf:"tc_ingress_pca_parse"`
TcpRcvFentry *ebpf.Program `ebpf:"tcp_rcv_fentry"`
TcpRcvKprobe *ebpf.Program `ebpf:"tcp_rcv_kprobe"`
TcxEgressFlowParse *ebpf.Program `ebpf:"tcx_egress_flow_parse"`
TcxEgressPcaParse *ebpf.Program `ebpf:"tcx_egress_pca_parse"`
TcxIngressFlowParse *ebpf.Program `ebpf:"tcx_ingress_flow_parse"`
TcxIngressPcaParse *ebpf.Program `ebpf:"tcx_ingress_pca_parse"`
}
BpfPrograms contains all programs after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
func (*BpfPrograms) Close ¶ added in v0.3.0
func (p *BpfPrograms) Close() error
type BpfSpecs ¶ added in v0.3.0
type BpfSpecs struct {
BpfProgramSpecs
BpfMapSpecs
}
BpfSpecs contains maps and programs before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type FlowFetcher ¶ added in v0.2.1
type FlowFetcher struct {
// contains filtered or unexported fields
}
FlowFetcher reads and forwards the Flows from the Traffic Control hooks in the eBPF kernel space. It provides access both to flows that are aggregated in the kernel space (via PerfCPU hashmap) and to flows that are forwarded by the kernel via ringbuffer because could not be aggregated in the map
func NewFlowFetcher ¶ added in v0.2.1
func NewFlowFetcher(cfg *FlowFetcherConfig) (*FlowFetcher, error)
func (*FlowFetcher) Close ¶ added in v0.2.1
func (m *FlowFetcher) Close() error
Close the eBPF fetcher from the system. We don't need a "Close(iface)" method because the filters and qdiscs are automatically removed when the interface is down nolint:cyclop
func (*FlowFetcher) DeleteMapsStaleEntries ¶ added in v0.3.2
func (m *FlowFetcher) DeleteMapsStaleEntries(timeOut time.Duration)
DeleteMapsStaleEntries Look for any stale entries in the features maps and delete them
func (*FlowFetcher) LookupAndDeleteMap ¶ added in v0.2.1
func (m *FlowFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[BpfFlowId][]BpfFlowMetrics
LookupAndDeleteMap reads all the entries from the eBPF map and removes them from it. TODO: detect whether BatchLookupAndDelete is supported (Kernel>=5.6) and use it selectively Supported Lookup/Delete operations by kernel: https://github.com/iovisor/bcc/blob/master/docs/kernel-versions.md
func (*FlowFetcher) ReadGlobalCounter ¶
func (m *FlowFetcher) ReadGlobalCounter(met *metrics.Metrics)
ReadGlobalCounter reads the global counter and updates drop flows counter metrics
func (*FlowFetcher) ReadRingBuf ¶ added in v0.2.1
func (m *FlowFetcher) ReadRingBuf() (ringbuf.Record, error)
type FlowFetcherConfig ¶ added in v0.3.2
type FlowFilter ¶
type FlowFilter struct {
// contains filtered or unexported fields
}
func NewFlowFilter ¶
func NewFlowFilter(objects *BpfObjects, cfg *FlowFilterConfig) *FlowFilter
func (*FlowFilter) ProgramFlowFilter ¶
func (f *FlowFilter) ProgramFlowFilter() error
type FlowFilterConfig ¶
type FlowFilterConfig struct {
FlowFilterDirection string
FlowFilterIPCIDR string
FlowFilterProtocol string
FlowFilterSourcePort intstr.IntOrString
FlowFilterDestinationPort intstr.IntOrString
FlowFilterPort intstr.IntOrString
FlowFilterIcmpType int
FlowFilterIcmpCode int
FlowFilterPeerIP string
FlowFilterAction string
}
type PacketFetcher ¶ added in v0.3.3
type PacketFetcher struct {
// contains filtered or unexported fields
}
It provides access to packets from the kernel space (via PerfCPU hashmap)
func NewPacketFetcher ¶ added in v0.3.3
func NewPacketFetcher( cacheMaxSize int, pcaFilters string, ingress, egress bool, ) (*PacketFetcher, error)
func (*PacketFetcher) Close ¶ added in v0.3.3
func (p *PacketFetcher) Close() error
Close the eBPF fetcher from the system. We don't need an "Close(iface)" method because the filters and qdiscs are automatically removed when the interface is down
func (*PacketFetcher) LookupAndDeleteMap ¶ added in v0.3.3
func (p *PacketFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[int][]*byte
Source Files