Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement pod label filter #254

Merged
merged 2 commits into from
Jul 26, 2022
Merged

Implement pod label filter #254

merged 2 commits into from
Jul 26, 2022

Conversation

michi-covalent
Copy link
Contributor

@michi-covalent michi-covalent commented Jul 21, 2022
edited
Loading

2 commits:

  • add pod_labels field.
  • implement a filter that matches on pod_labels field.

@michi-covalent michi-covalent force-pushed the pr/michi/add-pod-label branch from 1005018 to 9382604 Compare July 21, 2022 00:17
@michi-covalent michi-covalent force-pushed the pr/michi/add-pod-label branch 5 times, most recently from 457ba35 to 2051125 Compare July 22, 2022 23:03
@michi-covalent michi-covalent changed the title Add pod_labels field Implement pod label filter Jul 22, 2022
@michi-covalent michi-covalent marked this pull request as ready for review July 22, 2022 23:35
@michi-covalent michi-covalent requested a review from a team as a code owner July 22, 2022 23:35
@michi-covalent michi-covalent requested a review from kkourt July 22, 2022 23:35
kkourt
kkourt reviewed Jul 25, 2022
View reviewed changes
pkg/filters/labels.go Show resolved Hide resolved
api/v1/tetragon/events.proto Show resolved Hide resolved
@michi-covalent
Add pod_labels field
8114c29 
This commit adds a "pod_labels" field to the Pod message. The high-level
goal is to implement an event filter that matches on pod labels. The Pod
message currently has labels field that contains Cilium identity labels,
but it's not sufficient for pod label filter since it's a subset of pod
labels.

Another option would be to use the existing labels field and populate it
with pod labels instead of Cilium identity labels. I opted to add a new
field to preserve backward compatibility.

Signed-off-by: Michi Mutsuzaki <[email protected]>
@michi-covalent michi-covalent force-pushed the pr/michi/add-pod-label branch from 2051125 to 2f2c5ca Compare July 25, 2022 17:56
@michi-covalent
Implement pod label filter
468f882 
Add an event filter that matches on process.pod_labels field using
Kubernetes label selector syntax, similar to how Hubble implements
its label filter on flows.

Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
Ref: https://github.com/cilium/cilium/blob/master/pkg/hubble/filters/labels.go

Signed-off-by: Michi Mutsuzaki <[email protected]>
@michi-covalent michi-covalent force-pushed the pr/michi/add-pod-label branch from 2f2c5ca to 468f882 Compare July 25, 2022 18:01
@kkourt kkourt merged commit d697772 into main Jul 26, 2022
@kkourt kkourt deleted the pr/michi/add-pod-label branch July 26, 2022 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willfindlay willfindlay willfindlay left review comments

@sharlns sharlns sharlns approved these changes

@kkourt kkourt kkourt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@michi-covalent @kkourt @willfindlay @sharlns