-
Notifications
You must be signed in to change notification settings - Fork 51
/
options.go
209 lines (176 loc) · 6.67 KB
/
options.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
package monitor
import (
"sync"
"go.aporeto.io/enforcerd/trireme-lib/collector"
"go.aporeto.io/enforcerd/trireme-lib/monitor/config"
"go.aporeto.io/enforcerd/trireme-lib/monitor/external"
"go.aporeto.io/enforcerd/trireme-lib/monitor/extractors"
dockermonitor "go.aporeto.io/enforcerd/trireme-lib/monitor/internal/docker"
k8smonitor "go.aporeto.io/enforcerd/trireme-lib/monitor/internal/k8s"
linuxmonitor "go.aporeto.io/enforcerd/trireme-lib/monitor/internal/linux"
"go.aporeto.io/enforcerd/trireme-lib/policy"
criapi "k8s.io/cri-api/pkg/apis"
)
// Options is provided using functional arguments.
type Options func(*config.MonitorConfig)
// DockerMonitorOption is provided using functional arguments.
type DockerMonitorOption func(*dockermonitor.Config)
// K8smonitorOption is provided using functional arguments.
type K8smonitorOption func(*k8smonitor.Config)
// LinuxMonitorOption is provided using functional arguments.
type LinuxMonitorOption func(*linuxmonitor.Config)
// SubOptionMonitorLinuxExtractor provides a way to specify metadata extractor for linux monitors.
func SubOptionMonitorLinuxExtractor(extractor extractors.EventMetadataExtractor) LinuxMonitorOption {
return func(cfg *linuxmonitor.Config) {
cfg.EventMetadataExtractor = extractor
}
}
// SubOptionMonitorLinuxRealeaseAgentPath specifies the path to release agent programmed in cgroup
func SubOptionMonitorLinuxRealeaseAgentPath(releasePath string) LinuxMonitorOption {
return func(cfg *linuxmonitor.Config) {
cfg.ReleasePath = releasePath
}
}
// optionMonitorLinux provides a way to add a linux monitor and related configuration to be used with New().
func optionMonitorLinux(
host bool,
opts ...LinuxMonitorOption,
) Options {
lc := linuxmonitor.DefaultConfig(host)
// Collect all docker options
for _, opt := range opts {
opt(lc)
}
return func(cfg *config.MonitorConfig) {
if host {
cfg.Monitors[config.LinuxHost] = lc
} else {
cfg.Monitors[config.LinuxProcess] = lc
}
}
}
// OptionMonitorLinuxHost provides a way to add a linux host monitor and related configuration to be used with New().
func OptionMonitorLinuxHost(
opts ...LinuxMonitorOption,
) Options {
return optionMonitorLinux(true, opts...)
}
// OptionMonitorLinuxProcess provides a way to add a linux process monitor and related configuration to be used with New().
func OptionMonitorLinuxProcess(
opts ...LinuxMonitorOption,
) Options {
return optionMonitorLinux(false, opts...)
}
// SubOptionMonitorDockerExtractor provides a way to specify metadata extractor for docker.
func SubOptionMonitorDockerExtractor(extractor extractors.DockerMetadataExtractor) DockerMonitorOption {
return func(cfg *dockermonitor.Config) {
cfg.EventMetadataExtractor = extractor
}
}
// SubOptionMonitorDockerSocket provides a way to specify socket info for docker.
func SubOptionMonitorDockerSocket(socketType, socketAddress string) DockerMonitorOption {
return func(cfg *dockermonitor.Config) {
cfg.SocketType = socketType
cfg.SocketAddress = socketAddress
}
}
// SubOptionMonitorDockerFlags provides a way to specify configuration flags info for docker.
func SubOptionMonitorDockerFlags(syncAtStart bool) DockerMonitorOption {
return func(cfg *dockermonitor.Config) {
cfg.SyncAtStart = syncAtStart
}
}
// SubOptionMonitorDockerDestroyStoppedContainers sets the option to destroy stopped containers.
func SubOptionMonitorDockerDestroyStoppedContainers(f bool) DockerMonitorOption {
return func(cfg *dockermonitor.Config) {
cfg.DestroyStoppedContainers = f
}
}
// OptionMonitorDocker provides a way to add a docker monitor and related configuration to be used with New().
func OptionMonitorDocker(opts ...DockerMonitorOption) Options {
dc := dockermonitor.DefaultConfig()
// Collect all docker options
for _, opt := range opts {
opt(dc)
}
return func(cfg *config.MonitorConfig) {
cfg.Monitors[config.Docker] = dc
}
}
// OptionMonitorK8s provides a way to add a K8s monitor and related configuration to be used with New().
func OptionMonitorK8s(opts ...K8smonitorOption) Options {
kc := k8smonitor.DefaultConfig()
for _, opt := range opts {
opt(kc)
}
return func(cfg *config.MonitorConfig) {
cfg.Monitors[config.K8s] = kc
}
}
// SubOptionMonitorK8sKubeconfig provides a way to specify a kubeconfig to use to connect to Kubernetes.
// In case of an in-cluter config, leave the kubeconfig field blank
func SubOptionMonitorK8sKubeconfig(kubeconfig string) K8smonitorOption {
return func(cfg *k8smonitor.Config) {
cfg.Kubeconfig = kubeconfig
}
}
// SubOptionMonitorK8sNodename provides a way to specify the kubernetes node name.
// This is useful for filtering
func SubOptionMonitorK8sNodename(nodename string) K8smonitorOption {
return func(cfg *k8smonitor.Config) {
cfg.Nodename = nodename
}
}
// SubOptionMonitorK8sMetadataExtractor provides a way to specify metadata extractor for Kubernetes
func SubOptionMonitorK8sMetadataExtractor(extractor extractors.PodMetadataExtractor) K8smonitorOption {
return func(cfg *k8smonitor.Config) {
cfg.MetadataExtractor = extractor
}
}
// SubOptionMonitorK8sCRIRuntimeService provides a way to pass through the CRI runtime service
func SubOptionMonitorK8sCRIRuntimeService(criRuntimeService criapi.RuntimeService) K8smonitorOption {
return func(cfg *k8smonitor.Config) {
cfg.CRIRuntimeService = criRuntimeService
}
}
// OptionMergeTags provides a way to add merge tags to be used with New().
func OptionMergeTags(tags []string) Options {
return func(cfg *config.MonitorConfig) {
cfg.MergeTags = tags
cfg.Common.MergeTags = tags
}
}
// OptionCollector provide a way to add to the monitor the collector instance
func OptionCollector(c collector.EventCollector) Options {
return func(cfg *config.MonitorConfig) {
cfg.Common.Collector = c
}
}
// OptionPolicyResolver provides a way to add to the monitor the policy resolver instance
func OptionPolicyResolver(p policy.Resolver) Options {
return func(cfg *config.MonitorConfig) {
cfg.Common.Policy = p
}
}
// OptionExternalEventSenders provide a way to add to the monitor the external event senders
func OptionExternalEventSenders(evs []external.ReceiverRegistration) Options {
return func(cfg *config.MonitorConfig) {
cfg.Common.ExternalEventSender = evs
}
}
// OptionResyncLock provide a shared lock between monitors if the monitor desires to sync with other components during PU resync at startup
func OptionResyncLock(resyncLock *sync.RWMutex) Options {
return func(cfg *config.MonitorConfig) {
cfg.Common.ResyncLock = resyncLock
}
}
// NewMonitor provides a configuration for monitors.
func NewMonitor(opts ...Options) *config.MonitorConfig {
cfg := &config.MonitorConfig{
Monitors: make(map[config.Type]interface{}),
}
for _, opt := range opts {
opt(cfg)
}
return cfg
}