hubble: add trace reason support in hubble flows #31226
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kaworu
added
kind/feature
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
51a4fca
to
58b278f
Compare
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
58b278f
to
083fa5f
Compare
bimmlerd
approved these changes
Mar 28, 2024
|
/test |
lambdanis
reviewed
Apr 2, 2024
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
083fa5f
to
879801c
Compare
|
@lambdanis addressed your feedback and now setting |
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
879801c
to
973db16
Compare
|
/test |
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
973db16
to
7bd6a83
Compare
glibsm
approved these changes
Apr 19, 2024
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
7bd6a83
to
9f33194
Compare
|
/test |
gentoo-root
approved these changes
Apr 22, 2024
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
9f33194
to
bdff831
Compare
|
/test |
1 similar comment
|
/test |
maintainer-s-little-helper
bot
added
the
ready-to-merge
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
bdff831
to
e18c3d2
Compare
kaworu
removed
the
ready-to-merge
|
/test |
cilium#30154 and cilium#31073 introduced new datapath trace reasons and had an impact on Hubble, but the sig-hubble team doesn't get automatically pulled in for review. This patch adds the sig-hubble team to review datapath_trace.go changes. Signed-off-by: Alexandre Perrin <alex@isovalent.com>
Before this patch, both the monitor package and Hubble's "threefour" parser would access the TraceNotify.Reason field directly. However, it is easy to miss that the Reason field contains the "encrypted" bit and has to be masked to retrieve the actual trace reason (e.g. TraceReasonCtReply), as shown by 9939fa2. This commit introduces several TraceNotify helpers around trace reason and encryption status, so that both the monitor code and Hubble "threefour" parser don't have to access the Reason field anymore. Signed-off-by: Alexandre Perrin <alex@isovalent.com>
Before this patch, TraceReasonEncryptOverlay traces would result in flows with ingress traffic direction. Since the flow source is the local host and destination a remote node, egress arguably make more sense to expose at a high level. Thus, this patch set the traffic direction to egress consistently for TraceReasonEncryptOverlay hubble flows. Signed-off-by: Alexandre Perrin <alex@isovalent.com>
Before this patch, the datapath trace reason was not exposed in Hubble flows. In Hubble, the trace reason is used to infer the traffic direction and reply status. Before a6bfb79 all trace reasons were CT related, so the information was "converted" by Hubble into higher level concept / terminology. Since a6bfb79 there are now non-CT trace reason that don't map with Hubble's traffic direction and/or reply status, and thus it make sense to start exposing the underlying trace reason. Signed-off-by: Alexandre Perrin <alex@isovalent.com>
kaworu
force-pushed
the
pr/kaworu/trace-reason-support-in-hubble-flows
branch
from
e18c3d2
to
8aa0551
Compare
|
/test |
maintainer-s-little-helper
bot
added
the
ready-to-merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reviewer note: this PR is a draft as the patch are on top of #31211, and I wish to wait for #31073 to be merged and handle conflicts in this PR.See commits, closes #31202.