From 391dd764e2f5921206e4f7f4b0a99ab80ffeaa87 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Mon, 6 Nov 2023 14:56:09 +0200 Subject: [PATCH 1/9] add dns tracer Signed-off-by: Daniel-GrunbergerCA --- main.go | 9 +- .../dnsmanager/dns_manager.go | 86 +++++++++++++++++++ .../dnsmanager/dns_manager_interface.go | 11 +++ .../dnsmanager/dns_manager_mock.go | 22 +++++ .../dnsmanager/dns_manager_test.go | 6 ++ pkg/containerwatcher/v1/container_watcher.go | 22 ++++- .../v1/container_watcher_private.go | 14 ++- pkg/containerwatcher/v1/dns.go | 63 ++++++++++++++ pkg/containerwatcher/v1/open_test.go | 2 +- pkg/networkmanager/network_manager.go | 2 +- 10 files changed, 229 insertions(+), 8 deletions(-) create mode 100644 pkg/containerwatcher/dnsmanager/dns_manager.go create mode 100644 pkg/containerwatcher/dnsmanager/dns_manager_interface.go create mode 100644 pkg/containerwatcher/dnsmanager/dns_manager_mock.go create mode 100644 pkg/containerwatcher/dnsmanager/dns_manager_test.go create mode 100644 pkg/containerwatcher/v1/dns.go diff --git a/main.go b/main.go index b8f2c6b8..f66a39f4 100644 --- a/main.go +++ b/main.go @@ -8,6 +8,7 @@ import ( "node-agent/pkg/applicationprofilemanager" applicationprofilemanagerv1 "node-agent/pkg/applicationprofilemanager/v1" "node-agent/pkg/config" + "node-agent/pkg/containerwatcher/dnsmanager" "node-agent/pkg/containerwatcher/v1" "node-agent/pkg/filehandler/v1" "node-agent/pkg/networkmanager" @@ -105,14 +106,20 @@ func main() { } var networkManagerClient networkmanager.NetworkManagerClient + var dnsManagerClient dnsmanager.DNSManagerClient + if cfg.EnableNetworkTracing { networkManagerClient = networkmanager.CreateNetworkManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName) + + dnsManagerClient = dnsmanager.CreateDNSManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName) } else { networkManagerClient = networkmanager.CreateNetworkManagerMock() + + dnsManagerClient = dnsmanager.CreateDNSManagerMock() } // Create the container handler - mainHandler, err := containerwatcher.CreateIGContainerWatcher(cfg, applicationProfileManager, k8sClient, relevancyManager, networkManagerClient) + mainHandler, err := containerwatcher.CreateIGContainerWatcher(cfg, applicationProfileManager, k8sClient, relevancyManager, networkManagerClient, dnsManagerClient) if err != nil { logger.L().Ctx(ctx).Fatal("error creating the container watcher", helpers.Error(err)) } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go new file mode 100644 index 00000000..81f598e6 --- /dev/null +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -0,0 +1,86 @@ +package dnsmanager + +import ( + "context" + "node-agent/pkg/config" + "node-agent/pkg/k8sclient" + "node-agent/pkg/storage" + "node-agent/pkg/utils" + "time" + + "github.com/goradd/maps" + containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" + "github.com/kubescape/go-logger" + "github.com/kubescape/go-logger/helpers" + "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" + "go.opentelemetry.io/otel" + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/trace" +) + +type DNSManager struct { + cfg config.Config + ctx context.Context + k8sClient k8sclient.K8sClientInterface + storageClient storage.StorageClient + clusterName string + watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID + adressToDomainMap maps.SafeMap[string, string] +} + +var _ DNSManagerClient = (*DNSManager)(nil) + +func CreateDNSManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string) *DNSManager { + return &DNSManager{ + cfg: cfg, + ctx: ctx, + k8sClient: k8sClient, + storageClient: storageClient, + clusterName: clusterName, + } +} +func (n *DNSManager) ContainerCallback(notif containercollection.PubSubEvent) { + k8sContainerID := utils.CreateK8sContainerID(notif.Container.K8s.Namespace, notif.Container.K8s.PodName, notif.Container.K8s.ContainerName) + ctx, span := otel.Tracer("").Start(n.ctx, "NetworkManager.ContainerCallback", trace.WithAttributes(attribute.String("containerID", notif.Container.Runtime.ContainerID), attribute.String("k8s workload", k8sContainerID))) + defer span.End() + + switch notif.Type { + case containercollection.EventTypeAddContainer: + if n.watchedContainerChannels.Has(notif.Container.Runtime.ContainerID) { + logger.L().Debug("container already exist in memory", helpers.String("container ID", notif.Container.Runtime.ContainerID), helpers.String("k8s workload", k8sContainerID)) + return + } + go n.handleContainerStarted(ctx, notif.Container, k8sContainerID) + + case containercollection.EventTypeRemoveContainer: + channel := n.watchedContainerChannels.Get(notif.Container.Runtime.ContainerID) + if channel != nil { + channel <- utils.ContainerHasTerminatedError + } + n.watchedContainerChannels.Delete(notif.Container.Runtime.ContainerID) + } +} + +func (n *DNSManager) handleContainerStarted(ctx context.Context, container *containercollection.Container, k8sContainerID string) { + ctx, span := otel.Tracer("").Start(ctx, "DNSManager.handleContainerStarted") + defer span.End() + + watchedContainer := &utils.WatchedContainerData{ + ContainerID: container.Runtime.ContainerID, + UpdateDataTicker: time.NewTicker(n.cfg.InitialDelay), + SyncChannel: make(chan error, 10), + K8sContainerID: k8sContainerID, + RelevantRealtimeFilesByPackageSourceInfo: map[string]*utils.PackageSourceInfoData{}, + RelevantRealtimeFilesBySPDXIdentifier: map[v1beta1.ElementID]bool{}, + } + n.watchedContainerChannels.Set(watchedContainer.ContainerID, watchedContainer.SyncChannel) +} + +func (n *DNSManager) SaveNetworkEvent(dnsEvent tracerdnstype.Event) { + for _, address := range dnsEvent.Addresses { + n.adressToDomainMap.Set(address, dnsEvent.DNSName) + } + + logger.L().Debug("DNS event", helpers.Interface("event", dnsEvent)) +} diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go new file mode 100644 index 00000000..22f8e4a8 --- /dev/null +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -0,0 +1,11 @@ +package dnsmanager + +import ( + containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" +) + +type DNSManagerClient interface { + ContainerCallback(notif containercollection.PubSubEvent) + SaveNetworkEvent(networkEvent tracerdnstype.Event) +} diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go new file mode 100644 index 00000000..90efaefd --- /dev/null +++ b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go @@ -0,0 +1,22 @@ +package dnsmanager + +import ( + containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" +) + +type DNSManagerMock struct { +} + +var _ DNSManagerClient = (*DNSManagerMock)(nil) + +func CreateDNSManagerMock() *DNSManagerMock { + return &DNSManagerMock{} +} + +func (am *DNSManagerMock) ContainerCallback(notif containercollection.PubSubEvent) { + +} + +func (am *DNSManagerMock) SaveNetworkEvent(event tracerdnstype.Event) { +} diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_test.go b/pkg/containerwatcher/dnsmanager/dns_manager_test.go new file mode 100644 index 00000000..790534f7 --- /dev/null +++ b/pkg/containerwatcher/dnsmanager/dns_manager_test.go @@ -0,0 +1,6 @@ +package dnsmanager + +import "testing" + +func TestSaveNetworkEvent(t *testing.T) { +} diff --git a/pkg/containerwatcher/v1/container_watcher.go b/pkg/containerwatcher/v1/container_watcher.go index 340c2eb0..c61b4d22 100644 --- a/pkg/containerwatcher/v1/container_watcher.go +++ b/pkg/containerwatcher/v1/container_watcher.go @@ -6,6 +6,7 @@ import ( "node-agent/pkg/applicationprofilemanager" "node-agent/pkg/config" "node-agent/pkg/containerwatcher" + "node-agent/pkg/containerwatcher/dnsmanager" "node-agent/pkg/networkmanager" "node-agent/pkg/relevancymanager" "node-agent/pkg/utils" @@ -14,6 +15,8 @@ import ( tracerseccomp "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/advise/seccomp/tracer" tracercapabilities "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/capabilities/tracer" tracercapabilitiestype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/capabilities/types" + tracerdns "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/tracer" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" tracerexec "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/exec/tracer" tracerexectype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/exec/types" tracernetwork "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/network/tracer" @@ -32,6 +35,7 @@ const ( capabilitiesTraceName = "trace_capabilities" execTraceName = "trace_exec" networkTraceName = "trace_network" + dnsTraceName = "trace_dns" openTraceName = "trace_open" capabilitiesWorkerPoolSize = 1 execWorkerPoolSize = 2 @@ -50,6 +54,7 @@ type IGContainerWatcher struct { k8sClient *k8sinterface.KubernetesApi relevancyManager relevancymanager.RelevancyManagerClient networkManager networkmanager.NetworkManagerClient + dnsManager dnsmanager.DNSManagerClient // IG Collections containerCollection *containercollection.ContainerCollection tracerCollection *tracercollection.TracerCollection @@ -59,6 +64,7 @@ type IGContainerWatcher struct { openTracer *traceropen.Tracer syscallTracer *tracerseccomp.Tracer networkTracer *tracernetwork.Tracer + dnsTracer *tracerdns.Tracer kubeIPInstance operators.OperatorInstance kubeNameInstance operators.OperatorInstance // Worker pools @@ -66,11 +72,12 @@ type IGContainerWatcher struct { execWorkerPool *ants.PoolWithFunc openWorkerPool *ants.PoolWithFunc networkWorkerPool *ants.PoolWithFunc + dnsWorkerPool *ants.PoolWithFunc } var _ containerwatcher.ContainerWatcher = (*IGContainerWatcher)(nil) -func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager applicationprofilemanager.ApplicationProfileManagerClient, k8sClient *k8sinterface.KubernetesApi, relevancyManager relevancymanager.RelevancyManagerClient, networkManagerClient networkmanager.NetworkManagerClient) (*IGContainerWatcher, error) { +func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager applicationprofilemanager.ApplicationProfileManagerClient, k8sClient *k8sinterface.KubernetesApi, relevancyManager relevancymanager.RelevancyManagerClient, networkManagerClient networkmanager.NetworkManagerClient, dnsManagerClient dnsmanager.DNSManagerClient) (*IGContainerWatcher, error) { // Use container collection to get notified for new containers containerCollection := &containercollection.ContainerCollection{} // Create a tracer collection instance @@ -130,6 +137,17 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli networkManagerClient.SaveNetworkEvent(event.Runtime.ContainerID, event.K8s.PodName, event) }) + // Create a dns worker pool + dnsWorkerPool, err := ants.NewPoolWithFunc(networkWorkerPoolSize, func(i interface{}) { + event := i.(tracerdnstype.Event) + + if event.Qr != tracerdnstype.DNSPktTypeResponse { + return + } + + dnsManagerClient.SaveNetworkEvent(event) + }) + if err != nil { return nil, fmt.Errorf("creating open network pool: %w", err) } @@ -143,6 +161,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli k8sClient: k8sClient, relevancyManager: relevancyManager, networkManager: networkManagerClient, + dnsManager: dnsManagerClient, // IG Collections containerCollection: containerCollection, tracerCollection: tracerCollection, @@ -151,6 +170,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli execWorkerPool: execWorkerPool, openWorkerPool: openWorkerPool, networkWorkerPool: networkWorkerPool, + dnsWorkerPool: dnsWorkerPool, }, nil } diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index f9d4fc10..f44d5783 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -4,9 +4,7 @@ import ( "context" "errors" "fmt" - "node-agent/pkg/config" "node-agent/pkg/utils" - "os" "time" containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" @@ -37,6 +35,7 @@ func (ch *IGContainerWatcher) startContainerCollection(ctx context.Context) erro ch.applicationProfileManager.ContainerCallback, ch.relevancyManager.ContainerCallback, ch.networkManager.ContainerCallback, + ch.dnsManager.ContainerCallback, } // Define the different options for the container collection instance @@ -50,10 +49,10 @@ func (ch *IGContainerWatcher) startContainerCollection(ctx context.Context) erro containercollection.WithCgroupEnrichment(), // Enrich events with Linux namespaces information, it is needed for per container filtering - containercollection.WithLinuxNamespaceEnrichment(), + // containercollection.WithLinuxNamespaceEnrichment(), // Enrich those containers with data from the Kubernetes API - containercollection.WithKubernetesEnrichment(os.Getenv(config.NodeNameEnvVar), ch.k8sClient.K8SConfig), + // containercollection.WithKubernetesEnrichment(os.Getenv(config.NodeNameEnvVar), ch.k8sClient.K8SConfig), // Get Notifications from the container collection containercollection.WithPubSub(containerEventFuncs...), @@ -106,6 +105,12 @@ func (ch *IGContainerWatcher) startTracers() error { logger.L().Error("error starting network tracing", helpers.Error(err)) return err } + + // Start dns tracer + if err := ch.startDNSTracing(); err != nil { + logger.L().Error("error starting dns tracing", helpers.Error(err)) + return err + } } return nil @@ -172,4 +177,5 @@ func (ch *IGContainerWatcher) unregisterContainer(container *containercollection ch.applicationProfileManager.ContainerCallback(event) ch.relevancyManager.ContainerCallback(event) ch.networkManager.ContainerCallback(event) + ch.dnsManager.ContainerCallback(event) } diff --git a/pkg/containerwatcher/v1/dns.go b/pkg/containerwatcher/v1/dns.go new file mode 100644 index 00000000..0a1c5476 --- /dev/null +++ b/pkg/containerwatcher/v1/dns.go @@ -0,0 +1,63 @@ +package containerwatcher + +import ( + "fmt" + + "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection/networktracer" + tracerdns "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/tracer" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" + "github.com/inspektor-gadget/inspektor-gadget/pkg/types" + "github.com/kubescape/go-logger" + "github.com/kubescape/go-logger/helpers" +) + +func (ch *IGContainerWatcher) dnsEventCallback(event *tracerdnstype.Event) { + if event.Type != types.NORMAL { + logger.L().Ctx(ch.ctx).Warning("dns tracer got drop events - we may miss some realtime data", helpers.Interface("event", event), helpers.String("error", event.Message)) + return + } + + ch.containerCollection.EnrichByMntNs(&event.CommonData, event.MountNsID) + + _ = ch.dnsWorkerPool.Invoke(*event) +} + +func (ch *IGContainerWatcher) startDNSTracing() error { + if err := ch.tracerCollection.AddTracer(dnsTraceName, ch.containerSelector); err != nil { + return fmt.Errorf("adding tracer: %w", err) + } + + tracerDns, err := tracerdns.NewTracer() + if err != nil { + return fmt.Errorf("creating tracer: %w", err) + } + + tracerDns.SetEventHandler(ch.dnsEventCallback) + + ch.dnsTracer = tracerDns + + config := &networktracer.ConnectToContainerCollectionConfig[tracerdnstype.Event]{ + Tracer: ch.dnsTracer, + Resolver: ch.containerCollection, + Selector: ch.containerSelector, + Base: tracerdnstype.Base, + } + + _, err = networktracer.ConnectToContainerCollection(config) + if err != nil { + return fmt.Errorf("creating tracer: %w", err) + } + + return nil +} + +func (ch *IGContainerWatcher) stopDNSTracing() error { + // Stop dns tracer + if err := ch.tracerCollection.RemoveTracer(dnsTraceName); err != nil { + return fmt.Errorf("removing tracer: %w", err) + } + + ch.dnsTracer.Close() + + return nil +} diff --git a/pkg/containerwatcher/v1/open_test.go b/pkg/containerwatcher/v1/open_test.go index 0ab7197a..7975e103 100644 --- a/pkg/containerwatcher/v1/open_test.go +++ b/pkg/containerwatcher/v1/open_test.go @@ -19,7 +19,7 @@ func BenchmarkIGContainerWatcher_openEventCallback(b *testing.B) { assert.NoError(b, err) relevancyManager, err := relevancymanager.CreateRelevancyManager(ctx, cfg, "cluster", fileHandler, nil, nil) assert.NoError(b, err) - mainHandler, err := CreateIGContainerWatcher(cfg, nil, nil, relevancyManager, nil) + mainHandler, err := CreateIGContainerWatcher(cfg, nil, nil, relevancyManager, nil, nil) assert.NoError(b, err) event := &traceropentype.Event{ Event: types.Event{ diff --git a/pkg/networkmanager/network_manager.go b/pkg/networkmanager/network_manager.go index 28f11ef4..8c84dabe 100644 --- a/pkg/networkmanager/network_manager.go +++ b/pkg/networkmanager/network_manager.go @@ -49,7 +49,7 @@ type NetworkManager struct { k8sClient k8sclient.K8sClientInterface storageClient storage.StorageClient containerAndPodToWLIDMap maps.SafeMap[string, string] - containerAndPodToEventsMap maps.SafeMap[string, mapset.Set[NetworkEvent]] // TODO: change it to set + containerAndPodToEventsMap maps.SafeMap[string, mapset.Set[NetworkEvent]] clusterName string watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID } From ab097d575d259cd3e0d26d774fe02b8164dcea7a Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Mon, 6 Nov 2023 15:17:58 +0200 Subject: [PATCH 2/9] print pod name Signed-off-by: Daniel-GrunbergerCA --- pkg/containerwatcher/dnsmanager/dns_manager.go | 4 ++-- pkg/containerwatcher/dnsmanager/dns_manager_interface.go | 2 +- pkg/containerwatcher/dnsmanager/dns_manager_mock.go | 2 +- pkg/containerwatcher/v1/container_watcher.go | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go index 81f598e6..d2a7346a 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -77,10 +77,10 @@ func (n *DNSManager) handleContainerStarted(ctx context.Context, container *cont n.watchedContainerChannels.Set(watchedContainer.ContainerID, watchedContainer.SyncChannel) } -func (n *DNSManager) SaveNetworkEvent(dnsEvent tracerdnstype.Event) { +func (n *DNSManager) SaveNetworkEvent(podName string, dnsEvent tracerdnstype.Event) { for _, address := range dnsEvent.Addresses { n.adressToDomainMap.Set(address, dnsEvent.DNSName) } - logger.L().Debug("DNS event", helpers.Interface("event", dnsEvent)) + logger.L().Debug("DNS event", helpers.Interface("event", dnsEvent), helpers.String("pod name", podName)) } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go index 22f8e4a8..c5a94d09 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -7,5 +7,5 @@ import ( type DNSManagerClient interface { ContainerCallback(notif containercollection.PubSubEvent) - SaveNetworkEvent(networkEvent tracerdnstype.Event) + SaveNetworkEvent(podName string, networkEvent tracerdnstype.Event) } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go index 90efaefd..3cf0de62 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go @@ -18,5 +18,5 @@ func (am *DNSManagerMock) ContainerCallback(notif containercollection.PubSubEven } -func (am *DNSManagerMock) SaveNetworkEvent(event tracerdnstype.Event) { +func (am *DNSManagerMock) SaveNetworkEvent(podName string, event tracerdnstype.Event) { } diff --git a/pkg/containerwatcher/v1/container_watcher.go b/pkg/containerwatcher/v1/container_watcher.go index c61b4d22..b99cd6e3 100644 --- a/pkg/containerwatcher/v1/container_watcher.go +++ b/pkg/containerwatcher/v1/container_watcher.go @@ -145,7 +145,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli return } - dnsManagerClient.SaveNetworkEvent(event) + dnsManagerClient.SaveNetworkEvent(event.K8s.PodName, event) }) if err != nil { From fd8467d4a7a16615585b5e35f4e902e486e65e13 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Mon, 6 Nov 2023 15:28:17 +0200 Subject: [PATCH 3/9] enrich Signed-off-by: Daniel-GrunbergerCA --- pkg/containerwatcher/v1/container_watcher_private.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index f44d5783..4cf2d307 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -4,7 +4,9 @@ import ( "context" "errors" "fmt" + "node-agent/pkg/config" "node-agent/pkg/utils" + "os" "time" containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" @@ -49,10 +51,10 @@ func (ch *IGContainerWatcher) startContainerCollection(ctx context.Context) erro containercollection.WithCgroupEnrichment(), // Enrich events with Linux namespaces information, it is needed for per container filtering - // containercollection.WithLinuxNamespaceEnrichment(), + containercollection.WithLinuxNamespaceEnrichment(), // Enrich those containers with data from the Kubernetes API - // containercollection.WithKubernetesEnrichment(os.Getenv(config.NodeNameEnvVar), ch.k8sClient.K8SConfig), + containercollection.WithKubernetesEnrichment(os.Getenv(config.NodeNameEnvVar), ch.k8sClient.K8SConfig), // Get Notifications from the container collection containercollection.WithPubSub(containerEventFuncs...), From 3d67bdc067fc61b451ea1d5103c9a65c093aedd2 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 12:47:10 +0200 Subject: [PATCH 4/9] support dns enrighment Signed-off-by: Daniel-GrunbergerCA --- main.go | 11 ++- .../dnsmanager/dns_manager.go | 15 ++- .../dnsmanager/dns_manager_interface.go | 4 + .../dnsmanager/dns_manager_mock.go | 9 +- .../dnsmanager/dns_manager_test.go | 65 +++++++++++- pkg/containerwatcher/v1/container_watcher.go | 3 +- .../v1/container_watcher_private.go | 15 ++- pkg/containerwatcher/v1/network.go | 46 +++++---- pkg/networkmanager/network_manager.go | 24 +++-- pkg/networkmanager/network_manager_test.go | 98 ++++++++++++++++--- 10 files changed, 234 insertions(+), 56 deletions(-) diff --git a/main.go b/main.go index f66a39f4..646ae4c0 100644 --- a/main.go +++ b/main.go @@ -19,6 +19,7 @@ import ( "os" "os/signal" "syscall" + "time" utilsmetadata "github.com/armosec/utils-k8s-go/armometadata" @@ -109,12 +110,16 @@ func main() { var dnsManagerClient dnsmanager.DNSManagerClient if cfg.EnableNetworkTracing { - networkManagerClient = networkmanager.CreateNetworkManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName) + dnsCfg := cfg + dnsCfg.InitialDelay = cfg.InitialDelay - 30*time.Second + + dnsManager := dnsmanager.CreateDNSManager(ctx, dnsCfg, k8sClient, storageClient, clusterData.ClusterName) + dnsManagerClient = dnsManager + + networkManagerClient = networkmanager.CreateNetworkManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName, dnsManager) - dnsManagerClient = dnsmanager.CreateDNSManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName) } else { networkManagerClient = networkmanager.CreateNetworkManagerMock() - dnsManagerClient = dnsmanager.CreateDNSManagerMock() } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go index d2a7346a..b269c342 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -26,10 +26,11 @@ type DNSManager struct { storageClient storage.StorageClient clusterName string watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID - adressToDomainMap maps.SafeMap[string, string] + addressToDomainMap maps.SafeMap[string, string] } var _ DNSManagerClient = (*DNSManager)(nil) +var _ DNSResolver = (*DNSManager)(nil) func CreateDNSManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string) *DNSManager { return &DNSManager{ @@ -68,7 +69,7 @@ func (n *DNSManager) handleContainerStarted(ctx context.Context, container *cont watchedContainer := &utils.WatchedContainerData{ ContainerID: container.Runtime.ContainerID, - UpdateDataTicker: time.NewTicker(n.cfg.InitialDelay), + UpdateDataTicker: time.NewTicker(n.cfg.InitialDelay - 30*time.Second), SyncChannel: make(chan error, 10), K8sContainerID: k8sContainerID, RelevantRealtimeFilesByPackageSourceInfo: map[string]*utils.PackageSourceInfoData{}, @@ -79,8 +80,16 @@ func (n *DNSManager) handleContainerStarted(ctx context.Context, container *cont func (n *DNSManager) SaveNetworkEvent(podName string, dnsEvent tracerdnstype.Event) { for _, address := range dnsEvent.Addresses { - n.adressToDomainMap.Set(address, dnsEvent.DNSName) + n.addressToDomainMap.Set(address, dnsEvent.DNSName) } logger.L().Debug("DNS event", helpers.Interface("event", dnsEvent), helpers.String("pod name", podName)) } + +func (n *DNSManager) ResolveIPAddress(ipAddr string) (string, bool) { + domain := n.addressToDomainMap.Get(ipAddr) + if domain == "" { + return "", false + } + return domain, true +} diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go index c5a94d09..a439da46 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -9,3 +9,7 @@ type DNSManagerClient interface { ContainerCallback(notif containercollection.PubSubEvent) SaveNetworkEvent(podName string, networkEvent tracerdnstype.Event) } + +type DNSResolver interface { + ResolveIPAddress(ipAddr string) (string, bool) +} diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go index 3cf0de62..cf7597b6 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go @@ -9,14 +9,19 @@ type DNSManagerMock struct { } var _ DNSManagerClient = (*DNSManagerMock)(nil) +var _ DNSResolver = (*DNSManagerMock)(nil) func CreateDNSManagerMock() *DNSManagerMock { return &DNSManagerMock{} } -func (am *DNSManagerMock) ContainerCallback(notif containercollection.PubSubEvent) { +func (n *DNSManagerMock) ContainerCallback(notif containercollection.PubSubEvent) { } -func (am *DNSManagerMock) SaveNetworkEvent(podName string, event tracerdnstype.Event) { +func (n *DNSManagerMock) SaveNetworkEvent(podName string, event tracerdnstype.Event) { +} + +func (n *DNSManagerMock) ResolveIPAddress(ipAddr string) (string, bool) { + return "", false } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_test.go b/pkg/containerwatcher/dnsmanager/dns_manager_test.go index 790534f7..941704dc 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_test.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_test.go @@ -1,6 +1,67 @@ package dnsmanager -import "testing" +import ( + "context" + "node-agent/pkg/config" + "node-agent/pkg/k8sclient" + "node-agent/pkg/storage" + "testing" + "time" -func TestSaveNetworkEvent(t *testing.T) { + containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" + "github.com/inspektor-gadget/inspektor-gadget/pkg/types" + "github.com/stretchr/testify/assert" +) + +func TestDNSManager(t *testing.T) { + cfg := config.Config{ + InitialDelay: 1 * time.Second, + MaxSniffingTime: 5 * time.Minute, + UpdateDataPeriod: 20 * time.Second, + } + + ctx := context.TODO() + k8sClient := &k8sclient.K8sClientMock{} + storageClient := &storage.StorageHttpClientMock{} + nm := CreateDNSManager(ctx, cfg, k8sClient, storageClient, "test") + + container := &containercollection.Container{ + K8s: containercollection.K8sMetadata{ + BasicK8sMetadata: types.BasicK8sMetadata{ + Namespace: "ns", + PodName: "pod", + ContainerName: "cont", + }, + }, + Runtime: containercollection.RuntimeMetadata{ + BasicRuntimeMetadata: types.BasicRuntimeMetadata{ + ContainerID: "5fff6a395ce4e6984a9447cc6cfb09f473eaf278498243963fcc944889bc8400", + }, + }, + } + nm.ContainerCallback(containercollection.PubSubEvent{ + Type: containercollection.EventTypeAddContainer, + Container: container, + }) + + dnsEvent := &tracerdnstype.Event{ + Qr: tracerdnstype.DNSPktTypeResponse, + QType: "A", + DNSName: "google.com", + Addresses: []string{ + "15.52.34.53", + "12.52.34.53", + }, + } + + nm.SaveNetworkEvent("test", *dnsEvent) + time.Sleep(12 * time.Second) + + nm.ContainerCallback(containercollection.PubSubEvent{ + Type: containercollection.EventTypeRemoveContainer, + Container: container, + }) + + assert.Equal(t, 2, len(nm.addressToDomainMap.Keys())) } diff --git a/pkg/containerwatcher/v1/container_watcher.go b/pkg/containerwatcher/v1/container_watcher.go index b99cd6e3..b3d3f3f1 100644 --- a/pkg/containerwatcher/v1/container_watcher.go +++ b/pkg/containerwatcher/v1/container_watcher.go @@ -41,6 +41,7 @@ const ( execWorkerPoolSize = 2 openWorkerPoolSize = 8 networkWorkerPoolSize = 1 + dnsWorkerPoolSize = 5 ) type IGContainerWatcher struct { @@ -138,7 +139,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli }) // Create a dns worker pool - dnsWorkerPool, err := ants.NewPoolWithFunc(networkWorkerPoolSize, func(i interface{}) { + dnsWorkerPool, err := ants.NewPoolWithFunc(dnsWorkerPoolSize, func(i interface{}) { event := i.(tracerdnstype.Event) if event.Qr != tracerdnstype.DNSPktTypeResponse { diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index 4cf2d307..a06858ce 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -10,6 +10,7 @@ import ( "time" containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" + "github.com/inspektor-gadget/inspektor-gadget/pkg/utils/host" "github.com/kubescape/go-logger" "github.com/kubescape/go-logger/helpers" ) @@ -102,17 +103,23 @@ func (ch *IGContainerWatcher) startTracers() error { } if ch.cfg.EnableNetworkTracing { - // Start network tracer - if err := ch.startNetworkTracing(); err != nil { - logger.L().Error("error starting network tracing", helpers.Error(err)) + host.Init(host.Config{AutoMountFilesystems: true}) + + if err := ch.startKubernetesResolution(); err != nil { + logger.L().Error("error starting kubernetes resolution", helpers.Error(err)) return err } - // Start dns tracer if err := ch.startDNSTracing(); err != nil { logger.L().Error("error starting dns tracing", helpers.Error(err)) return err } + + if err := ch.startNetworkTracing(); err != nil { + logger.L().Error("error starting network tracing", helpers.Error(err)) + return err + } + } return nil diff --git a/pkg/containerwatcher/v1/network.go b/pkg/containerwatcher/v1/network.go index 60b5a449..045ac589 100644 --- a/pkg/containerwatcher/v1/network.go +++ b/pkg/containerwatcher/v1/network.go @@ -10,7 +10,6 @@ import ( "github.com/inspektor-gadget/inspektor-gadget/pkg/operators/kubeipresolver" "github.com/inspektor-gadget/inspektor-gadget/pkg/operators/kubenameresolver" "github.com/inspektor-gadget/inspektor-gadget/pkg/types" - "github.com/inspektor-gadget/inspektor-gadget/pkg/utils/host" "github.com/kubescape/go-logger" "github.com/kubescape/go-logger/helpers" ) @@ -34,7 +33,6 @@ func (ch *IGContainerWatcher) networkEventCallback(event *tracernetworktypes.Eve } func (ch *IGContainerWatcher) startNetworkTracing() error { - host.Init(host.Config{AutoMountFilesystems: true}) if err := ch.tracerCollection.AddTracer(networkTraceName, ch.containerSelector); err != nil { return fmt.Errorf("adding tracer: %w", err) @@ -45,24 +43,6 @@ func (ch *IGContainerWatcher) startNetworkTracing() error { return fmt.Errorf("creating tracer: %w", err) } - kubeIPOp := operators.GetRaw(kubeipresolver.OperatorName).(*kubeipresolver.KubeIPResolver) - kubeIPOp.Init(nil) - ch.kubeIPInstance, err = kubeIPOp.Instantiate(nil, nil, nil) - if err == nil { - ch.kubeIPInstance.PreGadgetRun() - } else { - return fmt.Errorf("creating kube ip resolver: %w", err) - } - - kubeNameOp := operators.GetRaw(kubenameresolver.OperatorName).(*kubenameresolver.KubeNameResolver) - kubeNameOp.Init(nil) - ch.kubeNameInstance, err = kubeNameOp.Instantiate(nil, nil, nil) - if err == nil { - ch.kubeNameInstance.PreGadgetRun() - } else { - return fmt.Errorf("creating kube name resolver: %w", err) - } - tracerNetwork.SetEventHandler(ch.networkEventCallback) ch.networkTracer = tracerNetwork @@ -82,6 +62,32 @@ func (ch *IGContainerWatcher) startNetworkTracing() error { return nil } +// startKubernetesResolution starts the kubeIP and kube name resolution, which are used to enrich network communication data +func (ch *IGContainerWatcher) startKubernetesResolution() error { + kubeIPOp := operators.GetRaw(kubeipresolver.OperatorName).(*kubeipresolver.KubeIPResolver) + kubeIPOp.Init(nil) + + kubeIPInstance, err := kubeIPOp.Instantiate(nil, nil, nil) + if err != nil { + return fmt.Errorf("creating kube ip resolver: %w", err) + } + + ch.kubeIPInstance = kubeIPInstance + ch.kubeIPInstance.PreGadgetRun() + + kubeNameOp := operators.GetRaw(kubenameresolver.OperatorName).(*kubenameresolver.KubeNameResolver) + kubeNameOp.Init(nil) + kubeNameInstance, err := kubeNameOp.Instantiate(nil, nil, nil) + if err != nil { + return fmt.Errorf("creating kube name resolver: %w", err) + } + + ch.kubeNameInstance = kubeNameInstance + ch.kubeNameInstance.PreGadgetRun() + + return nil +} + func (ch *IGContainerWatcher) stopNetworkTracing() error { // Stop network tracer if err := ch.tracerCollection.RemoveTracer(networkTraceName); err != nil { diff --git a/pkg/networkmanager/network_manager.go b/pkg/networkmanager/network_manager.go index 8c84dabe..8a3ca2ad 100644 --- a/pkg/networkmanager/network_manager.go +++ b/pkg/networkmanager/network_manager.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "node-agent/pkg/config" + "node-agent/pkg/containerwatcher/dnsmanager" "node-agent/pkg/k8sclient" "node-agent/pkg/storage" "node-agent/pkg/utils" @@ -52,17 +53,19 @@ type NetworkManager struct { containerAndPodToEventsMap maps.SafeMap[string, mapset.Set[NetworkEvent]] clusterName string watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID + dnsResolverClient dnsmanager.DNSResolver } var _ NetworkManagerClient = (*NetworkManager)(nil) -func CreateNetworkManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string) *NetworkManager { +func CreateNetworkManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string, dnsResolverClient dnsmanager.DNSResolver) *NetworkManager { return &NetworkManager{ - cfg: cfg, - ctx: ctx, - k8sClient: k8sClient, - storageClient: storageClient, - clusterName: clusterName, + cfg: cfg, + ctx: ctx, + k8sClient: k8sClient, + storageClient: storageClient, + clusterName: clusterName, + dnsResolverClient: dnsResolverClient, } } @@ -390,6 +393,15 @@ func (am *NetworkManager) generateNetworkNeighborsEntries(namespace string, netw continue } neighborEntry.IPAddress = networkEvent.Destination.IPAddress + + if am.dnsResolverClient != nil { + domain, ok := am.dnsResolverClient.ResolveIPAddress(networkEvent.Destination.IPAddress) + if ok { + neighborEntry.DNS = domain + } else { + logger.L().Debug("failed to resolve ip address", helpers.String("ip address", networkEvent.Destination.IPAddress), helpers.Interface("am.dnsResolverClient", am.dnsResolverClient)) + } + } } saveNeighborEntry(networkEvent, neighborEntry, egressIdentifiersMap, ingressIdentifiersMap) diff --git a/pkg/networkmanager/network_manager_test.go b/pkg/networkmanager/network_manager_test.go index fdaf0e6d..b23e2319 100644 --- a/pkg/networkmanager/network_manager_test.go +++ b/pkg/networkmanager/network_manager_test.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "node-agent/pkg/config" + "node-agent/pkg/containerwatcher/dnsmanager" "testing" _ "embed" @@ -12,6 +13,7 @@ import ( "k8s.io/utils/ptr" mapset "github.com/deckarep/golang-set/v2" + "github.com/goradd/maps" tracernetworktype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/network/types" "github.com/inspektor-gadget/inspektor-gadget/pkg/types" "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" @@ -316,17 +318,30 @@ func TestGeneratePortIdentifierFromEvent(t *testing.T) { } } +type dnsResolverMock struct { + addressToDomainMap *maps.SafeMap[string, string] +} + +func (d *dnsResolverMock) ResolveIPAddress(ipAddr string) (string, bool) { + domain := d.addressToDomainMap.Get(ipAddr) + return domain, domain != "" +} + func TestGenerateNetworkNeighborsEntries(t *testing.T) { tests := []struct { - name string - namespace string - networkEvents []NetworkEvent - expectedSpec v1beta1.NetworkNeighborsSpec + name string + namespace string + networkEvents []NetworkEvent + expectedSpec v1beta1.NetworkNeighborsSpec + addressToDomainMap map[string]string }{ { - name: "empty", - namespace: "default", - expectedSpec: v1beta1.NetworkNeighborsSpec{}, + name: "empty", + namespace: "default", + expectedSpec: v1beta1.NetworkNeighborsSpec{ + Egress: []v1beta1.NetworkNeighbor{}, + Ingress: []v1beta1.NetworkNeighbor{}, + }, }, { name: "pod from same namespace ingress - should not have namespace selector", @@ -358,6 +373,7 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "0d13d659ca4ba62f02f78781a15e1bfb4f88b29761d06c1b90cfa8834d9845c7", }, }, + Egress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -390,6 +406,7 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "0d13d659ca4ba62f02f78781a15e1bfb4f88b29761d06c1b90cfa8834d9845c7", }, }, + Ingress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -422,6 +439,7 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "c86024d63c2bfddde96a258c3005e963e06fb9d8ee941a6de3003d6eae5dd7cc", }, }, + Ingress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -448,6 +466,7 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "3bbd32606a8516f97e7e3c11b0e914744c56cd6b8a2cadf010dd5fc648285535", }, }, + Ingress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -464,7 +483,10 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { }, }, }, - expectedSpec: v1beta1.NetworkNeighborsSpec{}, + expectedSpec: v1beta1.NetworkNeighborsSpec{ + Egress: []v1beta1.NetworkNeighbor{}, + Ingress: []v1beta1.NetworkNeighbor{}, + }, }, { name: "multiple events with different ports - ports are merged", @@ -601,6 +623,7 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "b94b02766fdf0694c9d2d03696f41c70e0df0784b4dc9e2ce2c9b1808bc8d273", }, }, + Egress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -646,10 +669,10 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Port: ptr.To(int32(1)), }, }, - PodSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"app": "destination"}}, + PodSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"app": "destination2"}}, NamespaceSelector: nil, IPAddress: "", - Identifier: "0d13d659ca4ba62f02f78781a15e1bfb4f88b29761d06c1b90cfa8834d9845c7", + Identifier: "4c4c30e0f156db2ec7212a9ce68f17613a4a755325e647084ef9379f8eb6caaa", }, { Type: "internal", @@ -661,12 +684,13 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Port: ptr.To(int32(1)), }, }, - PodSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"app": "destination2"}}, + PodSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"app": "destination"}}, NamespaceSelector: nil, IPAddress: "", - Identifier: "4c4c30e0f156db2ec7212a9ce68f17613a4a755325e647084ef9379f8eb6caaa", + Identifier: "0d13d659ca4ba62f02f78781a15e1bfb4f88b29761d06c1b90cfa8834d9845c7", }, }, + Egress: []v1beta1.NetworkNeighbor{}, }, }, { @@ -717,13 +741,56 @@ func TestGenerateNetworkNeighborsEntries(t *testing.T) { Identifier: "0d13d659ca4ba62f02f78781a15e1bfb4f88b29761d06c1b90cfa8834d9845c7", }, }, + Egress: []v1beta1.NetworkNeighbor{}, + }, + }, + { + name: "IP is resolved - DNS is enriched", + namespace: "kubescape", + networkEvents: []NetworkEvent{ + { + Port: 1, + PktType: "HOST", + Protocol: "TCP", + Destination: Destination{ + Kind: EndpointKindRaw, + IPAddress: "1.2.3.4", + }, + }, + }, + expectedSpec: v1beta1.NetworkNeighborsSpec{ + Ingress: []v1beta1.NetworkNeighbor{ + { + Type: "external", + DNS: "domain.com", + Ports: []v1beta1.NetworkPort{ + { + Name: "TCP-1", + Protocol: "TCP", + Port: ptr.To(int32(1)), + }, + }, + IPAddress: "1.2.3.4", + Identifier: "12f9a2d88f8ca830047d7b6324e9ded773a803e42b50a01a36009fc447fc6fb0", + }, + }, + Egress: []v1beta1.NetworkNeighbor{}, + }, + addressToDomainMap: map[string]string{ + "1.2.3.4": "domain.com", }, }, } - am := CreateNetworkManager(context.TODO(), config.Config{}, nil, nil, "") - for _, tc := range tests { + dnsResolver := dnsResolverMock{} + dnsResolver.addressToDomainMap = &maps.SafeMap[string, string]{} + + for k, v := range tc.addressToDomainMap { + dnsResolver.addressToDomainMap.Set(k, v) + } + + am := CreateNetworkManager(context.TODO(), config.Config{}, nil, nil, "", &dnsResolver) networkEventsSet := mapset.NewSet[NetworkEvent]() for _, ne := range tc.networkEvents { networkEventsSet.Add(ne) @@ -892,7 +959,8 @@ func TestIsValidEvent(t *testing.T) { }, } - am := CreateNetworkManager(context.TODO(), config.Config{}, nil, nil, "test") + dnsResolver := dnsmanager.CreateDNSManagerMock() + am := CreateNetworkManager(context.TODO(), config.Config{}, nil, nil, "test", dnsResolver) for _, tc := range tests { t.Run(fmt.Sprintf("Input: %s", tc.name), func(t *testing.T) { From 2d426c0be3c2353c45f5cff2fd3ea3540097d07e Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 16:28:50 +0200 Subject: [PATCH 5/9] remove container logic Signed-off-by: Daniel-GrunbergerCA --- main.go | 3 +- .../dnsmanager/dns_manager.go | 113 ++++++++--------- .../dnsmanager/dns_manager_interface.go | 3 +- .../dnsmanager/dns_manager_test.go | 116 ++++++++---------- .../v1/container_watcher_private.go | 4 +- 5 files changed, 105 insertions(+), 134 deletions(-) diff --git a/main.go b/main.go index 646ae4c0..36e08547 100644 --- a/main.go +++ b/main.go @@ -19,7 +19,6 @@ import ( "os" "os/signal" "syscall" - "time" utilsmetadata "github.com/armosec/utils-k8s-go/armometadata" @@ -111,7 +110,7 @@ func main() { if cfg.EnableNetworkTracing { dnsCfg := cfg - dnsCfg.InitialDelay = cfg.InitialDelay - 30*time.Second + dnsCfg.InitialDelay = cfg.InitialDelay dnsManager := dnsmanager.CreateDNSManager(ctx, dnsCfg, k8sClient, storageClient, clusterData.ClusterName) dnsManagerClient = dnsManager diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go index b269c342..63b75285 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -5,28 +5,19 @@ import ( "node-agent/pkg/config" "node-agent/pkg/k8sclient" "node-agent/pkg/storage" - "node-agent/pkg/utils" - "time" "github.com/goradd/maps" - containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" - "github.com/kubescape/go-logger" - "github.com/kubescape/go-logger/helpers" - "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1" - "go.opentelemetry.io/otel" - "go.opentelemetry.io/otel/attribute" - "go.opentelemetry.io/otel/trace" ) type DNSManager struct { - cfg config.Config - ctx context.Context - k8sClient k8sclient.K8sClientInterface - storageClient storage.StorageClient - clusterName string - watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID - addressToDomainMap maps.SafeMap[string, string] + cfg config.Config + ctx context.Context + // k8sClient k8sclient.K8sClientInterface + // storageClient storage.StorageClient + // clusterName string + // watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID + addressToDomainMap maps.SafeMap[string, string] // this map is used to resolve IP address to domain name } var _ DNSManagerClient = (*DNSManager)(nil) @@ -34,62 +25,58 @@ var _ DNSResolver = (*DNSManager)(nil) func CreateDNSManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string) *DNSManager { return &DNSManager{ - cfg: cfg, - ctx: ctx, - k8sClient: k8sClient, - storageClient: storageClient, - clusterName: clusterName, + cfg: cfg, + ctx: ctx, + // k8sClient: k8sClient, + // storageClient: storageClient, + // clusterName: clusterName, } } -func (n *DNSManager) ContainerCallback(notif containercollection.PubSubEvent) { - k8sContainerID := utils.CreateK8sContainerID(notif.Container.K8s.Namespace, notif.Container.K8s.PodName, notif.Container.K8s.ContainerName) - ctx, span := otel.Tracer("").Start(n.ctx, "NetworkManager.ContainerCallback", trace.WithAttributes(attribute.String("containerID", notif.Container.Runtime.ContainerID), attribute.String("k8s workload", k8sContainerID))) - defer span.End() - switch notif.Type { - case containercollection.EventTypeAddContainer: - if n.watchedContainerChannels.Has(notif.Container.Runtime.ContainerID) { - logger.L().Debug("container already exist in memory", helpers.String("container ID", notif.Container.Runtime.ContainerID), helpers.String("k8s workload", k8sContainerID)) - return - } - go n.handleContainerStarted(ctx, notif.Container, k8sContainerID) +// func (dn *DNSManager) ContainerCallback(notif containercollection.PubSubEvent) { +// k8sContainerID := utils.CreateK8sContainerID(notif.Container.K8s.Namespace, notif.Container.K8s.PodName, notif.Container.K8s.ContainerName) +// ctx, span := otel.Tracer("").Start(dn.ctx, "NetworkManager.ContainerCallback", trace.WithAttributes(attribute.String("containerID", notif.Container.Runtime.ContainerID), attribute.String("k8s workload", k8sContainerID))) +// defer span.End() - case containercollection.EventTypeRemoveContainer: - channel := n.watchedContainerChannels.Get(notif.Container.Runtime.ContainerID) - if channel != nil { - channel <- utils.ContainerHasTerminatedError - } - n.watchedContainerChannels.Delete(notif.Container.Runtime.ContainerID) - } -} +// switch notif.Type { +// case containercollection.EventTypeAddContainer: +// if dn.watchedContainerChannels.Has(notif.Container.Runtime.ContainerID) { +// logger.L().Debug("container already exist in memory", helpers.String("container ID", notif.Container.Runtime.ContainerID), helpers.String("k8s workload", k8sContainerID)) +// return +// } +// go dn.handleContainerStarted(ctx, notif.Container, k8sContainerID) -func (n *DNSManager) handleContainerStarted(ctx context.Context, container *containercollection.Container, k8sContainerID string) { - ctx, span := otel.Tracer("").Start(ctx, "DNSManager.handleContainerStarted") - defer span.End() +// case containercollection.EventTypeRemoveContainer: +// channel := dn.watchedContainerChannels.Get(notif.Container.Runtime.ContainerID) +// if channel != nil { +// channel <- utils.ContainerHasTerminatedError +// } +// dn.watchedContainerChannels.Delete(notif.Container.Runtime.ContainerID) +// } +// } - watchedContainer := &utils.WatchedContainerData{ - ContainerID: container.Runtime.ContainerID, - UpdateDataTicker: time.NewTicker(n.cfg.InitialDelay - 30*time.Second), - SyncChannel: make(chan error, 10), - K8sContainerID: k8sContainerID, - RelevantRealtimeFilesByPackageSourceInfo: map[string]*utils.PackageSourceInfoData{}, - RelevantRealtimeFilesBySPDXIdentifier: map[v1beta1.ElementID]bool{}, - } - n.watchedContainerChannels.Set(watchedContainer.ContainerID, watchedContainer.SyncChannel) -} +// func (dn *DNSManager) handleContainerStarted(ctx context.Context, container *containercollection.Container, k8sContainerID string) { +// ctx, span := otel.Tracer("").Start(ctx, "DNSManager.handleContainerStarted") +// defer span.End() -func (n *DNSManager) SaveNetworkEvent(podName string, dnsEvent tracerdnstype.Event) { +// watchedContainer := &utils.WatchedContainerData{ +// ContainerID: container.Runtime.ContainerID, +// UpdateDataTicker: time.NewTicker(dn.cfg.InitialDelay), +// SyncChannel: make(chan error, 10), +// K8sContainerID: k8sContainerID, +// RelevantRealtimeFilesByPackageSourceInfo: map[string]*utils.PackageSourceInfoData{}, +// RelevantRealtimeFilesBySPDXIdentifier: map[v1beta1.ElementID]bool{}, +// } +// dn.watchedContainerChannels.Set(watchedContainer.ContainerID, watchedContainer.SyncChannel) +// } + +func (dn *DNSManager) SaveNetworkEvent(podName string, dnsEvent tracerdnstype.Event) { for _, address := range dnsEvent.Addresses { - n.addressToDomainMap.Set(address, dnsEvent.DNSName) + dn.addressToDomainMap.Set(address, dnsEvent.DNSName) } - - logger.L().Debug("DNS event", helpers.Interface("event", dnsEvent), helpers.String("pod name", podName)) } -func (n *DNSManager) ResolveIPAddress(ipAddr string) (string, bool) { - domain := n.addressToDomainMap.Get(ipAddr) - if domain == "" { - return "", false - } - return domain, true +func (dn *DNSManager) ResolveIPAddress(ipAddr string) (string, bool) { + domain := dn.addressToDomainMap.Get(ipAddr) + return domain, domain != "" } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go index a439da46..2448e22d 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -1,12 +1,11 @@ package dnsmanager import ( - containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" ) type DNSManagerClient interface { - ContainerCallback(notif containercollection.PubSubEvent) + // ContainerCallback(notif containercollection.PubSubEvent) SaveNetworkEvent(podName string, networkEvent tracerdnstype.Event) } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_test.go b/pkg/containerwatcher/dnsmanager/dns_manager_test.go index 941704dc..9f691b48 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_test.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_test.go @@ -1,67 +1,53 @@ package dnsmanager -import ( - "context" - "node-agent/pkg/config" - "node-agent/pkg/k8sclient" - "node-agent/pkg/storage" - "testing" - "time" - - containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" - tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" - "github.com/inspektor-gadget/inspektor-gadget/pkg/types" - "github.com/stretchr/testify/assert" -) - -func TestDNSManager(t *testing.T) { - cfg := config.Config{ - InitialDelay: 1 * time.Second, - MaxSniffingTime: 5 * time.Minute, - UpdateDataPeriod: 20 * time.Second, - } - - ctx := context.TODO() - k8sClient := &k8sclient.K8sClientMock{} - storageClient := &storage.StorageHttpClientMock{} - nm := CreateDNSManager(ctx, cfg, k8sClient, storageClient, "test") - - container := &containercollection.Container{ - K8s: containercollection.K8sMetadata{ - BasicK8sMetadata: types.BasicK8sMetadata{ - Namespace: "ns", - PodName: "pod", - ContainerName: "cont", - }, - }, - Runtime: containercollection.RuntimeMetadata{ - BasicRuntimeMetadata: types.BasicRuntimeMetadata{ - ContainerID: "5fff6a395ce4e6984a9447cc6cfb09f473eaf278498243963fcc944889bc8400", - }, - }, - } - nm.ContainerCallback(containercollection.PubSubEvent{ - Type: containercollection.EventTypeAddContainer, - Container: container, - }) - - dnsEvent := &tracerdnstype.Event{ - Qr: tracerdnstype.DNSPktTypeResponse, - QType: "A", - DNSName: "google.com", - Addresses: []string{ - "15.52.34.53", - "12.52.34.53", - }, - } - - nm.SaveNetworkEvent("test", *dnsEvent) - time.Sleep(12 * time.Second) - - nm.ContainerCallback(containercollection.PubSubEvent{ - Type: containercollection.EventTypeRemoveContainer, - Container: container, - }) - - assert.Equal(t, 2, len(nm.addressToDomainMap.Keys())) -} +// func TestDNSManager(t *testing.T) { +// cfg := config.Config{ +// InitialDelay: 1 * time.Second, +// MaxSniffingTime: 5 * time.Minute, +// UpdateDataPeriod: 20 * time.Second, +// } + +// ctx := context.TODO() +// k8sClient := &k8sclient.K8sClientMock{} +// storageClient := &storage.StorageHttpClientMock{} +// nm := CreateDNSManager(ctx, cfg, k8sClient, storageClient, "test") + +// container := &containercollection.Container{ +// K8s: containercollection.K8sMetadata{ +// BasicK8sMetadata: types.BasicK8sMetadata{ +// Namespace: "ns", +// PodName: "pod", +// ContainerName: "cont", +// }, +// }, +// Runtime: containercollection.RuntimeMetadata{ +// BasicRuntimeMetadata: types.BasicRuntimeMetadata{ +// ContainerID: "5fff6a395ce4e6984a9447cc6cfb09f473eaf278498243963fcc944889bc8400", +// }, +// }, +// } +// nm.ContainerCallback(containercollection.PubSubEvent{ +// Type: containercollection.EventTypeAddContainer, +// Container: container, +// }) + +// dnsEvent := &tracerdnstype.Event{ +// Qr: tracerdnstype.DNSPktTypeResponse, +// QType: "A", +// DNSName: "google.com", +// Addresses: []string{ +// "15.52.34.53", +// "12.52.34.53", +// }, +// } + +// nm.SaveNetworkEvent("test", *dnsEvent) +// time.Sleep(12 * time.Second) + +// nm.ContainerCallback(containercollection.PubSubEvent{ +// Type: containercollection.EventTypeRemoveContainer, +// Container: container, +// }) + +// assert.Equal(t, 2, len(nm.addressToDomainMap.Keys())) +// } diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index a06858ce..0d46e41b 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -38,7 +38,7 @@ func (ch *IGContainerWatcher) startContainerCollection(ctx context.Context) erro ch.applicationProfileManager.ContainerCallback, ch.relevancyManager.ContainerCallback, ch.networkManager.ContainerCallback, - ch.dnsManager.ContainerCallback, + // ch.dnsManager.ContainerCallback, } // Define the different options for the container collection instance @@ -186,5 +186,5 @@ func (ch *IGContainerWatcher) unregisterContainer(container *containercollection ch.applicationProfileManager.ContainerCallback(event) ch.relevancyManager.ContainerCallback(event) ch.networkManager.ContainerCallback(event) - ch.dnsManager.ContainerCallback(event) + // ch.dnsManager.ContainerCallback(event) } From e9a5641aa6763876bfff14fa0f73d02e3a0b6491 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 16:51:23 +0200 Subject: [PATCH 6/9] refactor Signed-off-by: Daniel-GrunbergerCA --- .../dnsmanager/dns_manager.go | 60 ++---------- .../dnsmanager/dns_manager_interface.go | 3 +- .../dnsmanager/dns_manager_mock.go | 7 +- .../dnsmanager/dns_manager_test.go | 93 +++++++++---------- pkg/containerwatcher/v1/container_watcher.go | 2 +- 5 files changed, 54 insertions(+), 111 deletions(-) diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go index 63b75285..15604152 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -10,13 +10,8 @@ import ( tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" ) +// DNSManager is used to manage DNS events and save IP resolutions. It exposes an API to resolve IP address to domain name. type DNSManager struct { - cfg config.Config - ctx context.Context - // k8sClient k8sclient.K8sClientInterface - // storageClient storage.StorageClient - // clusterName string - // watchedContainerChannels maps.SafeMap[string, chan error] // key is ContainerID addressToDomainMap maps.SafeMap[string, string] // this map is used to resolve IP address to domain name } @@ -24,59 +19,16 @@ var _ DNSManagerClient = (*DNSManager)(nil) var _ DNSResolver = (*DNSManager)(nil) func CreateDNSManager(ctx context.Context, cfg config.Config, k8sClient k8sclient.K8sClientInterface, storageClient storage.StorageClient, clusterName string) *DNSManager { - return &DNSManager{ - cfg: cfg, - ctx: ctx, - // k8sClient: k8sClient, - // storageClient: storageClient, - // clusterName: clusterName, - } + return &DNSManager{} } -// func (dn *DNSManager) ContainerCallback(notif containercollection.PubSubEvent) { -// k8sContainerID := utils.CreateK8sContainerID(notif.Container.K8s.Namespace, notif.Container.K8s.PodName, notif.Container.K8s.ContainerName) -// ctx, span := otel.Tracer("").Start(dn.ctx, "NetworkManager.ContainerCallback", trace.WithAttributes(attribute.String("containerID", notif.Container.Runtime.ContainerID), attribute.String("k8s workload", k8sContainerID))) -// defer span.End() - -// switch notif.Type { -// case containercollection.EventTypeAddContainer: -// if dn.watchedContainerChannels.Has(notif.Container.Runtime.ContainerID) { -// logger.L().Debug("container already exist in memory", helpers.String("container ID", notif.Container.Runtime.ContainerID), helpers.String("k8s workload", k8sContainerID)) -// return -// } -// go dn.handleContainerStarted(ctx, notif.Container, k8sContainerID) - -// case containercollection.EventTypeRemoveContainer: -// channel := dn.watchedContainerChannels.Get(notif.Container.Runtime.ContainerID) -// if channel != nil { -// channel <- utils.ContainerHasTerminatedError -// } -// dn.watchedContainerChannels.Delete(notif.Container.Runtime.ContainerID) -// } -// } - -// func (dn *DNSManager) handleContainerStarted(ctx context.Context, container *containercollection.Container, k8sContainerID string) { -// ctx, span := otel.Tracer("").Start(ctx, "DNSManager.handleContainerStarted") -// defer span.End() - -// watchedContainer := &utils.WatchedContainerData{ -// ContainerID: container.Runtime.ContainerID, -// UpdateDataTicker: time.NewTicker(dn.cfg.InitialDelay), -// SyncChannel: make(chan error, 10), -// K8sContainerID: k8sContainerID, -// RelevantRealtimeFilesByPackageSourceInfo: map[string]*utils.PackageSourceInfoData{}, -// RelevantRealtimeFilesBySPDXIdentifier: map[v1beta1.ElementID]bool{}, -// } -// dn.watchedContainerChannels.Set(watchedContainer.ContainerID, watchedContainer.SyncChannel) -// } - -func (dn *DNSManager) SaveNetworkEvent(podName string, dnsEvent tracerdnstype.Event) { +func (dm *DNSManager) SaveNetworkEvent(dnsEvent tracerdnstype.Event) { for _, address := range dnsEvent.Addresses { - dn.addressToDomainMap.Set(address, dnsEvent.DNSName) + dm.addressToDomainMap.Set(address, dnsEvent.DNSName) } } -func (dn *DNSManager) ResolveIPAddress(ipAddr string) (string, bool) { - domain := dn.addressToDomainMap.Get(ipAddr) +func (dm *DNSManager) ResolveIPAddress(ipAddr string) (string, bool) { + domain := dm.addressToDomainMap.Get(ipAddr) return domain, domain != "" } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go index 2448e22d..886f2e5c 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -5,8 +5,7 @@ import ( ) type DNSManagerClient interface { - // ContainerCallback(notif containercollection.PubSubEvent) - SaveNetworkEvent(podName string, networkEvent tracerdnstype.Event) + SaveNetworkEvent(networkEvent tracerdnstype.Event) } type DNSResolver interface { diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go index cf7597b6..30705a6b 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go @@ -1,7 +1,6 @@ package dnsmanager import ( - containercollection "github.com/inspektor-gadget/inspektor-gadget/pkg/container-collection" tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" ) @@ -15,11 +14,7 @@ func CreateDNSManagerMock() *DNSManagerMock { return &DNSManagerMock{} } -func (n *DNSManagerMock) ContainerCallback(notif containercollection.PubSubEvent) { - -} - -func (n *DNSManagerMock) SaveNetworkEvent(podName string, event tracerdnstype.Event) { +func (n *DNSManagerMock) SaveNetworkEvent(event tracerdnstype.Event) { } func (n *DNSManagerMock) ResolveIPAddress(ipAddr string) (string, bool) { diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_test.go b/pkg/containerwatcher/dnsmanager/dns_manager_test.go index 9f691b48..006dda88 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_test.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_test.go @@ -1,53 +1,50 @@ package dnsmanager -// func TestDNSManager(t *testing.T) { -// cfg := config.Config{ -// InitialDelay: 1 * time.Second, -// MaxSniffingTime: 5 * time.Minute, -// UpdateDataPeriod: 20 * time.Second, -// } +import ( + "testing" -// ctx := context.TODO() -// k8sClient := &k8sclient.K8sClientMock{} -// storageClient := &storage.StorageHttpClientMock{} -// nm := CreateDNSManager(ctx, cfg, k8sClient, storageClient, "test") + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" +) -// container := &containercollection.Container{ -// K8s: containercollection.K8sMetadata{ -// BasicK8sMetadata: types.BasicK8sMetadata{ -// Namespace: "ns", -// PodName: "pod", -// ContainerName: "cont", -// }, -// }, -// Runtime: containercollection.RuntimeMetadata{ -// BasicRuntimeMetadata: types.BasicRuntimeMetadata{ -// ContainerID: "5fff6a395ce4e6984a9447cc6cfb09f473eaf278498243963fcc944889bc8400", -// }, -// }, -// } -// nm.ContainerCallback(containercollection.PubSubEvent{ -// Type: containercollection.EventTypeAddContainer, -// Container: container, -// }) +func TestResolveIPAddress(t *testing.T) { + tests := []struct { + name string + dnsEvent tracerdnstype.Event + ipAddr string + want string + }{ + { + name: "ip found", + ipAddr: "14.23.332.4", + dnsEvent: tracerdnstype.Event{ + DNSName: "test.com", + Addresses: []string{ + "14.23.332.4", + }, + }, + want: "test.com", + }, + { + name: "ip not found", + ipAddr: "14.23.332.4", + dnsEvent: tracerdnstype.Event{ + DNSName: "test.com", + Addresses: []string{ + "54.23.332.4", + }, + }, + want: "", + }, + } -// dnsEvent := &tracerdnstype.Event{ -// Qr: tracerdnstype.DNSPktTypeResponse, -// QType: "A", -// DNSName: "google.com", -// Addresses: []string{ -// "15.52.34.53", -// "12.52.34.53", -// }, -// } - -// nm.SaveNetworkEvent("test", *dnsEvent) -// time.Sleep(12 * time.Second) - -// nm.ContainerCallback(containercollection.PubSubEvent{ -// Type: containercollection.EventTypeRemoveContainer, -// Container: container, -// }) - -// assert.Equal(t, 2, len(nm.addressToDomainMap.Keys())) -// } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + dm := &DNSManager{} + dm.SaveNetworkEvent(tt.dnsEvent) + got, _ := dm.ResolveIPAddress(tt.ipAddr) + if got != tt.want { + t.Errorf("ResolveIPAddress() got = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/pkg/containerwatcher/v1/container_watcher.go b/pkg/containerwatcher/v1/container_watcher.go index b3d3f3f1..eaba32bc 100644 --- a/pkg/containerwatcher/v1/container_watcher.go +++ b/pkg/containerwatcher/v1/container_watcher.go @@ -146,7 +146,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli return } - dnsManagerClient.SaveNetworkEvent(event.K8s.PodName, event) + dnsManagerClient.SaveNetworkEvent(event) }) if err != nil { From 5e706a4d8229ff43acfc40f3b3f8d57489894394 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 17:06:33 +0200 Subject: [PATCH 7/9] rm comments Signed-off-by: Daniel-GrunbergerCA --- main.go | 5 +---- pkg/containerwatcher/v1/container_watcher_private.go | 2 -- pkg/networkmanager/network_manager.go | 2 -- 3 files changed, 1 insertion(+), 8 deletions(-) diff --git a/main.go b/main.go index 36e08547..22e549c4 100644 --- a/main.go +++ b/main.go @@ -109,10 +109,7 @@ func main() { var dnsManagerClient dnsmanager.DNSManagerClient if cfg.EnableNetworkTracing { - dnsCfg := cfg - dnsCfg.InitialDelay = cfg.InitialDelay - - dnsManager := dnsmanager.CreateDNSManager(ctx, dnsCfg, k8sClient, storageClient, clusterData.ClusterName) + dnsManager := dnsmanager.CreateDNSManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName) dnsManagerClient = dnsManager networkManagerClient = networkmanager.CreateNetworkManager(ctx, cfg, k8sClient, storageClient, clusterData.ClusterName, dnsManager) diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index 0d46e41b..6fb25873 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -38,7 +38,6 @@ func (ch *IGContainerWatcher) startContainerCollection(ctx context.Context) erro ch.applicationProfileManager.ContainerCallback, ch.relevancyManager.ContainerCallback, ch.networkManager.ContainerCallback, - // ch.dnsManager.ContainerCallback, } // Define the different options for the container collection instance @@ -186,5 +185,4 @@ func (ch *IGContainerWatcher) unregisterContainer(container *containercollection ch.applicationProfileManager.ContainerCallback(event) ch.relevancyManager.ContainerCallback(event) ch.networkManager.ContainerCallback(event) - // ch.dnsManager.ContainerCallback(event) } diff --git a/pkg/networkmanager/network_manager.go b/pkg/networkmanager/network_manager.go index 8a3ca2ad..03412460 100644 --- a/pkg/networkmanager/network_manager.go +++ b/pkg/networkmanager/network_manager.go @@ -398,8 +398,6 @@ func (am *NetworkManager) generateNetworkNeighborsEntries(namespace string, netw domain, ok := am.dnsResolverClient.ResolveIPAddress(networkEvent.Destination.IPAddress) if ok { neighborEntry.DNS = domain - } else { - logger.L().Debug("failed to resolve ip address", helpers.String("ip address", networkEvent.Destination.IPAddress), helpers.Interface("am.dnsResolverClient", am.dnsResolverClient)) } } } From 9c7f498ba267e6cd1b305ed6f41fd3eb019cad58 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 17:09:16 +0200 Subject: [PATCH 8/9] dont fail on err Signed-off-by: Daniel-GrunbergerCA --- pkg/containerwatcher/v1/container_watcher_private.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/containerwatcher/v1/container_watcher_private.go b/pkg/containerwatcher/v1/container_watcher_private.go index 6fb25873..1379a797 100644 --- a/pkg/containerwatcher/v1/container_watcher_private.go +++ b/pkg/containerwatcher/v1/container_watcher_private.go @@ -110,8 +110,8 @@ func (ch *IGContainerWatcher) startTracers() error { } if err := ch.startDNSTracing(); err != nil { + // not failing on dns tracing error logger.L().Error("error starting dns tracing", helpers.Error(err)) - return err } if err := ch.startNetworkTracing(); err != nil { From 172f4b36398db30fb61ca8ceb3f3ed510a812b91 Mon Sep 17 00:00:00 2001 From: Daniel-GrunbergerCA Date: Tue, 7 Nov 2023 17:44:50 +0200 Subject: [PATCH 9/9] rename func Signed-off-by: Daniel-GrunbergerCA --- pkg/containerwatcher/dnsmanager/dns_manager.go | 2 +- pkg/containerwatcher/dnsmanager/dns_manager_interface.go | 2 +- pkg/containerwatcher/dnsmanager/dns_manager_mock.go | 2 +- pkg/containerwatcher/dnsmanager/dns_manager_test.go | 2 +- pkg/containerwatcher/v1/container_watcher.go | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/containerwatcher/dnsmanager/dns_manager.go b/pkg/containerwatcher/dnsmanager/dns_manager.go index 15604152..fee3cbe0 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager.go @@ -22,7 +22,7 @@ func CreateDNSManager(ctx context.Context, cfg config.Config, k8sClient k8sclien return &DNSManager{} } -func (dm *DNSManager) SaveNetworkEvent(dnsEvent tracerdnstype.Event) { +func (dm *DNSManager) ProcessDNSEvent(dnsEvent tracerdnstype.Event) { for _, address := range dnsEvent.Addresses { dm.addressToDomainMap.Set(address, dnsEvent.DNSName) } diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go index 886f2e5c..2dcd9e9c 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_interface.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_interface.go @@ -5,7 +5,7 @@ import ( ) type DNSManagerClient interface { - SaveNetworkEvent(networkEvent tracerdnstype.Event) + ProcessDNSEvent(networkEvent tracerdnstype.Event) } type DNSResolver interface { diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go index 30705a6b..29c54790 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_mock.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_mock.go @@ -14,7 +14,7 @@ func CreateDNSManagerMock() *DNSManagerMock { return &DNSManagerMock{} } -func (n *DNSManagerMock) SaveNetworkEvent(event tracerdnstype.Event) { +func (n *DNSManagerMock) ProcessDNSEvent(event tracerdnstype.Event) { } func (n *DNSManagerMock) ResolveIPAddress(ipAddr string) (string, bool) { diff --git a/pkg/containerwatcher/dnsmanager/dns_manager_test.go b/pkg/containerwatcher/dnsmanager/dns_manager_test.go index 006dda88..e99e7d88 100644 --- a/pkg/containerwatcher/dnsmanager/dns_manager_test.go +++ b/pkg/containerwatcher/dnsmanager/dns_manager_test.go @@ -40,7 +40,7 @@ func TestResolveIPAddress(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { dm := &DNSManager{} - dm.SaveNetworkEvent(tt.dnsEvent) + dm.ProcessDNSEvent(tt.dnsEvent) got, _ := dm.ResolveIPAddress(tt.ipAddr) if got != tt.want { t.Errorf("ResolveIPAddress() got = %v, want %v", got, tt.want) diff --git a/pkg/containerwatcher/v1/container_watcher.go b/pkg/containerwatcher/v1/container_watcher.go index eaba32bc..91dc355e 100644 --- a/pkg/containerwatcher/v1/container_watcher.go +++ b/pkg/containerwatcher/v1/container_watcher.go @@ -146,7 +146,7 @@ func CreateIGContainerWatcher(cfg config.Config, applicationProfileManager appli return } - dnsManagerClient.SaveNetworkEvent(event) + dnsManagerClient.ProcessDNSEvent(event) }) if err != nil {