[conntrack] potentially useful metrics that leverage conntrack #806
Assignees
Labels
Comments
7 tasks
github-merge-queue bot
pushed a commit
that referenced
this issue
Dec 13, 2024
# Description BPF implementation for connection tracking metrics. This is the data-plane work mentioned in this comment #1057 (comment) Summary - feature flag enableConntrackMetrics - counters incremented within IFDEF in BPF - counters: packets forward/reply + bytes forward/reply - conntrack metadata includes metrics and is added to packets struct - add/update unit tests for conntrack_linux and packetparser_linux ## Related Issue #806 ## Checklist - [x] I have read the [contributing documentation](https://retina.sh/docs/contributing). - [x] I signed and signed-off the commits (`git commit -S -s ...`). See [this documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) on signing commits. - [x] I have correctly attributed the author(s) of the code. - [x] I have tested the changes locally. - [x] I have followed the project's style guidelines. - [x] I have updated the documentation, if necessary. - [x] I have added tests, if applicable. ## Screenshots (if applicable) or Testing Completed Please add any relevant screenshots or GIFs to showcase the changes made. 1. `enableConntrackMetrics=false` ```sh # bpftool map dump id 994 -j | jq -r .[0] { "key": [ ... ], "value": [ ... ], "formatted": { "key": { ... }, "value": { ... "conntrack_metadata": { "bytes_forward_count": 0, "bytes_reply_count": 0, "packets_forward_count": 0, "packets_reply_count": 0 } } } } ``` 2. `enableConntrackMetrics=true` ```sh # bpftool map dump id 1019 -j | jq -r .[0] { "key": [ ... ], "value": [ ... ], "formatted": { "key": { ... }, "value": { ..., "conntrack_metadata": { "bytes_forward_count": 13440, "bytes_reply_count": 56335, "packets_forward_count": 56, "packets_reply_count": 43 } } } } ``` At userland level I provisionally added a debug statement, just for this test, in `packetparser_linux.go` (without IP and proto translation) ```sh ❯ k logs -n kube-system retina-agent-chvdh | head -n 10 | grep metadata Defaulted container "retina" out of: retina, init-retina (init) ts=2024-12-13T10:37:08.881Z level=debug caller=packetparser/packetparser_linux.go:577 msg="Conntrack metadata" SrcIp=788657162 DstIp=2499867658 SrcPort=19117 DstPort=23313 Proto=6 PacketsForwardCount=73 PacketsReplyCount=83 BytesForwardCount=16068 BytesReplyCount=6936 ts=2024-12-13T10:37:08.881Z level=debug caller=packetparser/packetparser_linux.go:577 msg="Conntrack metadata" SrcIp=788657162 DstIp=2499867658 SrcPort=19117 DstPort=23313 Proto=6 PacketsForwardCount=73 PacketsReplyCount=82 BytesForwardCount=16068 BytesReplyCount=6870 ``` ## Additional Notes Add any additional notes or context about the pull request here. --- Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more information on how to contribute to this project.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
These can be useful as Prometheus's metrics:
The text was updated successfully, but these errors were encountered: