hubble: Add GetNamespaces to hubble observer API

Signed-off-by: Chance Zibolski <chance.zibolski@gmail.com>
cilium · May 19, 2023 · 209ecfe · 209ecfe
1 parent 4e9aff0
commit 209ecfe
Show file tree

Hide file tree

Showing 14 changed files with 954 additions and 140 deletions.
diff --git a/Documentation/internals/hubble.rst b/Documentation/internals/hubble.rst
@@ -49,11 +49,13 @@ as well as being exposed as a Kubernetes Service when enabled via TCP.
 The Observer service
 ^^^^^^^^^^^^^^^^^^^^
 
-The Observer service is the principal service. It provides three RPC endpoints:
-``GetFlows``, ``GetNodes`` and ``ServerStatus``.  While ``ServerStatus`` and
-``GetNodes`` endpoints are pretty straightforward (they provides metrics and
-other information related to the running instance(s)), ``GetFlows`` is far more
-sophisticated and the more important one.
+The Observer service is the principal service. It provides four RPC endpoints:
+``GetFlows``, ``GetNodes``, ``GetNamespaces``  and ``ServerStatus``.
+
+* ``GetNodes`` returns a list of metrics and other information related for each Hubble instance
+* ``ServerStatus`` returns a summary the information in ``GetNodes``
+* ``GetNamespaces`` returns a list of namespaces that had network flows within the last 1 hour
+* ``GetFlows`` returns a stream of flow related events
 
 Using ``GetFlows``, callers get a stream of payloads. Request parameters allow
 callers to specify filters in the form of allow lists and deny lists to allow

diff --git a/api/v1/observer/README.md b/api/v1/observer/README.md
@@ -12,8 +12,11 @@
     - [GetFlowsRequest](#observer-GetFlowsRequest)
     - [GetFlowsRequest.Experimental](#observer-GetFlowsRequest-Experimental)
     - [GetFlowsResponse](#observer-GetFlowsResponse)
+    - [GetNamespacesRequest](#observer-GetNamespacesRequest)
+    - [GetNamespacesResponse](#observer-GetNamespacesResponse)
     - [GetNodesRequest](#observer-GetNodesRequest)
     - [GetNodesResponse](#observer-GetNodesResponse)
+    - [Namespace](#observer-Namespace)
     - [Node](#observer-Node)
     - [ServerStatusRequest](#observer-ServerStatusRequest)
     - [ServerStatusResponse](#observer-ServerStatusResponse)
@@ -183,6 +186,31 @@ GetFlowsResponse contains either a flow or a protocol message.
 
 
 
+<a name="observer-GetNamespacesRequest"></a>
+
+### GetNamespacesRequest
+
+
+
+
+
+
+
+<a name="observer-GetNamespacesResponse"></a>
+
+### GetNamespacesResponse
+GetNamespacesResponse contains the list of namespaces.
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| namespaces | [Namespace](#observer-Namespace) | repeated | Namespaces is a list of namespaces with flows |
+
+
+
+
+
+
 <a name="observer-GetNodesRequest"></a>
 
 ### GetNodesRequest
@@ -208,6 +236,22 @@ GetNodesResponse contains the list of nodes.
 
 
 
+<a name="observer-Namespace"></a>
+
+### Namespace
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| cluster | [string](#string) |  |  |
+| namespace | [string](#string) |  |  |
+
+
+
+
+
+
 <a name="observer-Node"></a>
 
 ### Node
@@ -297,6 +341,7 @@ to observe.
 | GetAgentEvents | [GetAgentEventsRequest](#observer-GetAgentEventsRequest) | [GetAgentEventsResponse](#observer-GetAgentEventsResponse) stream | GetAgentEvents returns Cilium agent events. |
 | GetDebugEvents | [GetDebugEventsRequest](#observer-GetDebugEventsRequest) | [GetDebugEventsResponse](#observer-GetDebugEventsResponse) stream | GetDebugEvents returns Cilium datapath debug events. |
 | GetNodes | [GetNodesRequest](#observer-GetNodesRequest) | [GetNodesResponse](#observer-GetNodesResponse) | GetNodes returns information about nodes in a cluster. |
+| GetNamespaces | [GetNamespacesRequest](#observer-GetNamespacesRequest) | [GetNamespacesResponse](#observer-GetNamespacesResponse) | GetNamespaces returns information about namespaces in a cluster. |
 | ServerStatus | [ServerStatusRequest](#observer-ServerStatusRequest) | [ServerStatusResponse](#observer-ServerStatusResponse) | ServerStatus returns some details about the running hubble server. |
 
 

diff --git a/api/v1/observer/observer.pb.go b/api/v1/observer/observer.pb.go
diff --git a/api/v1/observer/observer.pb.json.go b/api/v1/observer/observer.pb.json.go
diff --git a/api/v1/observer/observer.proto b/api/v1/observer/observer.proto
@@ -28,6 +28,9 @@ service Observer {
     // GetNodes returns information about nodes in a cluster.
     rpc GetNodes(GetNodesRequest) returns (GetNodesResponse) {}
 
+    // GetNamespaces returns information about namespaces in a cluster.
+    rpc GetNamespaces(GetNamespacesRequest) returns (GetNamespacesResponse) {}
+
     // ServerStatus returns some details about the running hubble server.
     rpc ServerStatus(ServerStatusRequest) returns (ServerStatusResponse) {}
 }
@@ -247,6 +250,19 @@ message TLS {
     string server_name = 2;
 }
 
+message GetNamespacesRequest {}
+
+// GetNamespacesResponse contains the list of namespaces.
+message GetNamespacesResponse {
+    // Namespaces is a list of namespaces with flows
+    repeated Namespace namespaces = 1;
+}
+
+message Namespace {
+  string cluster = 1;
+  string namespace = 2;
+}
+
 // ExportEvent contains an event to be exported. Not to be used outside of the
 // exporter feature.
 message ExportEvent {

diff --git a/api/v1/observer/observer_grpc.pb.go b/api/v1/observer/observer_grpc.pb.go
diff --git a/daemon/cmd/hubble.go b/daemon/cmd/hubble.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"net/netip"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/go-openapi/strfmt"
@@ -172,7 +173,19 @@ func (d *Daemon) launchHubble() {
 		}
 	}
 
-	d.hubbleObserver, err = observer.NewLocalServer(payloadParser, logger,
+	namespaceManager := observer.NewNamespaceManager()
+	var wg sync.WaitGroup
+	wg.Add(1)
+	go func() {
+		namespaceManager.Run(d.ctx)
+		wg.Done()
+	}()
+	defer wg.Wait()
+
+	d.hubbleObserver, err = observer.NewLocalServer(
+		payloadParser,
+		namespaceManager,
+		logger,
 		observerOpts...,
 	)
 	if err != nil {