ebpf

package module
v0.0.0-...-edb81cd Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 9, 2024 License: Apache-2.0 Imports: 28 Imported by: 1

README

KPNG EBPF Backend Implementation

OS pre-requisites

  • Linux Kernel > 5.15 (hasn't be tested on earlier versions)
  • llvm and clang :
    • Fedora sudo dnf -y install llvm clang
    • Ubuntu sudo apt-get -y install llvm clang gcc-multilib
  • libbpf -> v0.8.0 is Automatically downloaded with make bytecode target
  • cilium/ebpf requirements
  • Bpf2go
    • go install github.com/cilium/ebpf/cmd/bpf2go@master

Intro

NOTE: This KPNG ebpf based backend is currently a POC and is limited in functionality exclusively to proxying internal ClusterIP based TCP + UDP services. Functionality will be expanded moving forward to include support for the remainder of the defined service features.

Manually download libbpf headers and compile bytecode

This will automatically use cilium/ebpf to compile the go program into bytecode using clang, and build go bindings

cd /backends/ebpf && make bytecode

Start a local kpng ebpf backend kind cluster

Starting a local KIND cluster with the ebpf backend will automatically install bpf2go if needed, and recompile the BPF program.

./hack/test_e2e.sh -i ipv4 -b ebpf -d

Testing Local Changes quickly

  1. docker build -t kpng:test -f Dockerfile . NOTE: If any changes was made to the c source code go generate must be manually run prior to image building.

  2. kind load docker-image kpng:test --name=kpng-e2e-ipv4-ebpf

  3. kubectl delete pods -n kube-system -l app=kpng

See ebpf program logs

kubectl logs -f <KPNG_POD_NAME> -n kube-system -c kpng-ebpf-tools cat /tracing/trace_pipe

Licensing

The user space components of this example are licensed under the Apache License, Version 2.0 as is the rest of the code defined in KPNG.

The bpf code template (defined in cgroup_connect3.c) was adapted from the bpf templates defined in the Cilium Project and continues to use the same licenses defined there, i.e the 2-Clause BSD License and General Public License, Version 2.0 (only)

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetClusterIPByFamily 

func GetClusterIPByFamily(ipFamily v1.IPFamily, service *localv1.Service) string

GetClusterIPByFamily returns a service clusterip by family

func NewEBPFController 

func NewEBPFController(objs bpfObjects, bpfProgLink cebpflink.Link, ipFamily v1.IPFamily) ebpfController

func RequestsOnlyLocalTraffic 

func RequestsOnlyLocalTraffic(service *localv1.Service) bool

RequestsOnlyLocalTraffic checks if service requests OnlyLocal traffic.

Types

type BaseServiceInfo 

type BaseServiceInfo struct {
	// contains filtered or unexported fields
}

BaseServiceInfo contains base information that defines a service. This could be used directly by proxier while processing services, or can be used for constructing a more specific ServiceInfo struct defined by the proxier if needed.

func (*BaseServiceInfo) ClusterIP 

func (info *BaseServiceInfo) ClusterIP() net.IP

ClusterIP is part of ServicePort interface.

func (*BaseServiceInfo) ExternalIPStrings 

func (info *BaseServiceInfo) ExternalIPStrings() []string

ExternalIPStrings is part of ServicePort interface.

func (*BaseServiceInfo) HealthCheckNodePort 

func (info *BaseServiceInfo) HealthCheckNodePort() int

HealthCheckNodePort is part of ServicePort interface.

func (*BaseServiceInfo) HintsAnnotation 

func (info *BaseServiceInfo) HintsAnnotation() string

HintsAnnotation is part of ServicePort interface.

func (*BaseServiceInfo) InternalTrafficPolicy 

func (info *BaseServiceInfo) InternalTrafficPolicy() *v1.ServiceInternalTrafficPolicyType

InternalTrafficPolicy is part of ServicePort interface

func (*BaseServiceInfo) LoadBalancerIPStrings 

func (info *BaseServiceInfo) LoadBalancerIPStrings() []string

LoadBalancerIPStrings is part of ServicePort interface.

func (*BaseServiceInfo) LoadBalancerSourceRanges 

func (info *BaseServiceInfo) LoadBalancerSourceRanges() []string

LoadBalancerSourceRanges is part of ServicePort interface

func (*BaseServiceInfo) NodeLocalExternal 

func (info *BaseServiceInfo) NodeLocalExternal() bool

NodeLocalExternal is part of ServicePort interface.

func (*BaseServiceInfo) NodeLocalInternal 

func (info *BaseServiceInfo) NodeLocalInternal() bool

NodeLocalInternal is part of ServicePort interface

func (*BaseServiceInfo) NodePort 

func (info *BaseServiceInfo) NodePort() int

NodePort is part of the ServicePort interface.

func (*BaseServiceInfo) Port 

func (info *BaseServiceInfo) Port() int

Port is part of ServicePort interface.

func (*BaseServiceInfo) PortName 

func (info *BaseServiceInfo) PortName() string

PortName is part of ServicePort interface.

func (*BaseServiceInfo) Protocol 

func (info *BaseServiceInfo) Protocol() localv1.Protocol

Protocol is part of ServicePort interface.

func (*BaseServiceInfo) SessionAffinity 

func (info *BaseServiceInfo) SessionAffinity() SessionAffinity

SessionAffinity is part of the ServicePort interface.

func (*BaseServiceInfo) String 

func (info *BaseServiceInfo) String() string

String is part of ServicePort interface.

func (*BaseServiceInfo) TargetPort 

func (info *BaseServiceInfo) TargetPort() int

Port is part of ServicePort interface.

func (*BaseServiceInfo) TargetPortName 

func (info *BaseServiceInfo) TargetPortName() string

type ServicePort 

type ServicePort interface {
	// String returns service string.  An example format can be: `IP:Port/Protocol`.
	String() string
	// GetClusterIP returns service cluster IP in net.IP format.
	ClusterIP() net.IP
	// GetPort returns service port if present. If return 0 means not present.
	Port() int

	// ExternalIPStrings returns service ExternalIPs as a string array.
	ExternalIPStrings() []string
	// LoadBalancerIPStrings returns service LoadBalancerIPs as a string array.
	LoadBalancerIPStrings() []string
	// GetProtocol returns service protocol.
	Protocol() localv1.Protocol
	// LoadBalancerSourceRanges returns service LoadBalancerSourceRanges if present empty array if not
	LoadBalancerSourceRanges() []string
	// GetHealthCheckNodePort returns service health check node port if present.  If return 0, it means not present.
	HealthCheckNodePort() int
	// GetNodePort returns a service Node port if present. If return 0, it means not present.
	NodePort() int
	// NodeLocalExternal returns if a service has only node local endpoints for external traffic.
	NodeLocalExternal() bool
	// NodeLocalInternal returns if a service has only node local endpoints for internal traffic.
	NodeLocalInternal() bool
	// InternalTrafficPolicy returns service InternalTrafficPolicy
	InternalTrafficPolicy() *v1.ServiceInternalTrafficPolicyType
	// HintsAnnotation returns the value of the v1.AnnotationTopologyAwareHints annotation.
	HintsAnnotation() string
}

ServicePort is an interface which abstracts information about a service.

type ServicePortName 

type ServicePortName struct {
	types.NamespacedName
	Port     string
	Protocol localv1.Protocol
}

ServicePortName carries a namespace + name + portname. This is the unique identifier for a load-balanced service.

func (ServicePortName) String 

func (spn ServicePortName) String() string

type SessionAffinity 

type SessionAffinity struct {
	ClientIP *localv1.Service_ClientIP
}

SessionAffinity contains data about assinged session affinity

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.