Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkg/operators/ebpf: Avoid adding netns field to snapshot process #2838

Merged
merged 2 commits into from
May 16, 2024
Merged

pkg/operators/ebpf: Avoid adding netns field to snapshot process #2838

merged 2 commits into from
May 16, 2024

Conversation

blanquicet
Copy link
Member

Avoid adding netns field to snapshot process

Add netns field only if the snapshotter will run an iterator attached to a network hook.

Testing done

Before this PR

The netns field is present and zero:

$ IG_EXPERIMENTAL=true go run --exec "sudo -E" ./cmd/ig/... run snapshot_process -o jsonpretty
INFO[0000] Experimental features enabled
{
  "comm": "registry",
  "gid": 0,
  "k8s": {
    "container": "",
    "hostnetwork": false,
    "namespace": "",
    "node": "",
    "pod": ""
  },
  "mntns_id": 4026533095,
  "netns": 0,
  "pid": 2499,
  "ppid": 2479,
  "runtime": {
    "containerId": "4493ff561972b767e8ea2e1ab3147799559de9d518392fb8791ad73583f8bb1f",
    "containerImageDigest": "",
    "containerImageName": "registry:2",
    "containerName": "local-registry",
    "runtimeName": "docker"
  },
  "tid": 2499,
  "uid": 0
}

After this PR

The netns field is not present anymore:

$ IG_EXPERIMENTAL=true go run --exec "sudo -E" ./cmd/ig/... run snapshot_process -o jsonpretty
INFO[0000] Experimental features enabled
{
  "comm": "registry",
  "gid": 0,
  "k8s": {
    "container": "",
    "hostnetwork": false,
    "namespace": "",
    "node": "",
    "pod": ""
  },
  "mntns_id": 4026533095,
  "pid": 2499,
  "ppid": 2479,
  "runtime": {
    "containerId": "4493ff561972b767e8ea2e1ab3147799559de9d518392fb8791ad73583f8bb1f",
    "containerImageDigest": "",
    "containerImageName": "registry:2",
    "containerName": "local-registry",
    "runtimeName": "docker"
  },
  "tid": 2499,
  "uid": 0
}

@blanquicet blanquicet requested a review from flyth as a code owner May 13, 2024 06:02
alban
alban reviewed May 13, 2024
View reviewed changes
pkg/operators/ebpf/ebpf.go Outdated Show resolved Hide resolved
@alban
Copy link
Member

alban commented May 14, 2024

I wonder if ig should really add the netns field automatically... Why not doing it in the ebpf code, so leaving the choice to the gadget author whether the netns field makes sense? For snapshot-socket listing tcp/udp sockets, it makes sense since those sockets belong to the netns. But gadget authors could decide to use a bpf iterator on sockets, and dereference struct sock to find other kind of objects that are not netns related, and output them? I don't have examples in mind, I am just wondering if making things too automatic can prevent new use cases. Wdyt?

@alban alban mentioned this pull request May 14, 2024
Merged
@blanquicet
pkg/operators/ebpf/snapshotter: Add helper to make code clearer
b910c8b 
Signed-off-by: Jose Blanquicet <josebl@microsoft.com>
@blanquicet
Copy link
Member Author

blanquicet commented May 14, 2024
edited

Wdyt?

Actually, that's what I also suggested initially but somehow, I lost the path 😅. Thanks for the review. Applied.

@blanquicet
snapshot_socket: Add netns from eBPF code
7a7b122 
Adding netns from eBPF code prevent us from "magically" adding netns
field to the gadget output. In addition, we were wrongly adding it also
to snapshotters that have nothing to do with networking.

Signed-off-by: Jose Blanquicet <josebl@microsoft.com>
@blanquicet blanquicet mentioned this pull request May 14, 2024
Open
39 tasks
alban
alban approved these changes May 16, 2024
View reviewed changes
Copy link
Member

@alban alban left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@blanquicet blanquicet merged commit 3a2df92 into main May 16, 2024
60 checks passed
@blanquicet blanquicet deleted the jose/todo-netns branch May 16, 2024 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alban alban alban approved these changes

@flyth flyth Awaiting requested review from flyth flyth is a code owner

@mauriciovasquezbernal mauriciovasquezbernal Awaiting requested review from mauriciovasquezbernal mauriciovasquezbernal is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@blanquicet @alban