Add a new exporter type: DirectFLP #223
Conversation
jotak
added
no-doc
jotak
force-pushed
the
flp-in-process
branch
from
d04eb19
to
ebae6ee
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #223 +/- ##
==========================================
+ Coverage 31.83% 33.38% +1.55%
==========================================
Files 37 39 +2
Lines 3371 3463 +92
==========================================
+ Hits 1073 1156 +83
- Misses 2234 2241 +7
- Partials 64 66 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| // Flowlogs-pipeline configuration, used when export is "direct-flp". Cf https://github.com/netobserv/flowlogs-pipeline | ||
| // The "ingest" stage must be omitted from this configuration, since it is handled internally by the agent. | ||
| FLPConfig string `env:"FLP_CONFIG"` |
There was a problem hiding this comment.
As soon as FLP_CONFIG is set, EXPORT should be ignored.
The export capabilities from pod point of view are inside FLP config right ?
There was a problem hiding this comment.
I guess it depends from where you sit.. In my mind, this new mode is really a new exporter, sitting from the Agent codebase PoV: the agent generates flows and then exports them somewhere, here to FLP; the fact that FLP is in the same process is a detail, it's still an exporter from this codebase PoV.
I guess you have more the "external user point of view" where, once FLP config is set, "export" would mean what happens "after FLP processing", which indeed doesn't really make sense since FLP does the export (to loki, prom, etc.)
idk, I think both approaches can be defended ... @msherif1234 , some preference?
There was a problem hiding this comment.
thinking of it as new exporter mode resonate well with me as well
| case "direct-flp": | ||
| return buildDirectFLPExporter(cfg) |
There was a problem hiding this comment.
I would move that outside of cfg.Export as:
if len(cfg.FLPConfig) {
return buildDirectFLPExporter(cfg)
}
switch cfg.Export {
...
}
| // is screwed up for HTTPClientConfig in github.com/prometheus/common/config (used for Loki) | ||
| // This is ok as YAML is a superset of JSON. | ||
| // E.g. try unmarshaling `{"clientConfig":{"authorization":{}}}` as a api.WriteLoki | ||
| // See also https://github.com/prometheus/prometheus/issues/11816 |
There was a problem hiding this comment.
interesting thanks for referring to the issue in promo its almost 1yr so probably this work around will stay for sometime
There was a problem hiding this comment.
Yeah there's even a PR from @OlivierCazade that is older than that :-) prometheus/common#394
pkg/exporter/direct_flp.go
Outdated
| func (d *DirectFLP) ExportFlows(input <-chan []*flow.Record) { | ||
| for inputRecords := range input { | ||
| pbRecords := flowsToPBNoChunk(inputRecords) | ||
| d.Write(pbRecords) |
There was a problem hiding this comment.
This step can be removed if we let the new FLP pipe process ebpf record directly not protobuf records
pkg/decode/decode_protobuf.go
Outdated
| out["SrcPort"] = flow.Transport.GetSrcPort() | ||
| out["DstPort"] = flow.Transport.GetDstPort() | ||
| } | ||
| if ethType != ethernet.EtherTypeIPv4 && ethType != ethernet.EtherTypeIPv6 { |
There was a problem hiding this comment.
@msherif1234 I'm doing this early return here when it's not ipv4/ipv6, could you confirm this is correct?
Previously, in that case (e.g. with ARP), the code would still check for drops/DNS/RTT fields and would add for instance DnsErrno: 0, while now this isn't the case anymore, but I believe our drops/DNS/RTT metrics wouldn't make sense for non-IP packets, right?
If this doesn't sound good to you, I can rollback, but I'd need to adapt also the ConvertToFLP function because I'm enforcing in my tests that the same flow input produces the exact same output regardless if it's using ConvertToFLP or converting via protobuf.
There was a problem hiding this comment.
the only thing we could be missing here is l2 drops, also pls test with DNS TCP to be sure DNSError is only none zero for TCP handshake I can help you with this test if u like
pkg/exporter/convert_flp_test.go
Outdated
| someTime := time.Now() | ||
| var someDuration time.Duration = 10000000 // 10ms | ||
|
|
||
| tests := []struct { |
There was a problem hiding this comment.
@msherif1234 FYI the tests here are the same that were previously in decode_protobuf_test except that they're now used to test both pb conversion and direct FLP conversion, making sure they both produce the same result
There was a problem hiding this comment.
this test coverting from ebpf record to flp configmap but it seems u deleted from gRPC to configmap in case this mode isn't set ?
| assert.Equalf(t, *tt.expected, out, tt.name) | ||
| } | ||
| } | ||
| // NOTE: more tests in convert_flp_test.go |
There was a problem hiding this comment.
did intentionally deleted conversion from gRPC to generic map test cases here ?
There was a problem hiding this comment.
yes, like I wrote this test was moved (and sightly changed) to convert_flp_test, but I admit the name is misleading, I'll rename that file to clarify it's testing BOTH grpc and direct-flp conversions
pkg/flow/record.go
Outdated
| @@ -17,7 +17,8 @@ const ( | |||
| ) | |||
| const MacLen = 6 | |||
|
|
|||
| // IPv6Type value as defined in IEEE 802: https://www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.xhtml | |||
| // IPv4Type / IPv6Type value as defined in IEEE 802: https://www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.xhtml | |||
| const IPv4Type = 0x0800 | |||
There was a problem hiding this comment.
nit: let use ethernet.EtherTypeIPv4 and ethernet.EtherTypeIPv6 instead of hardcoding them ourself
pkg/exporter/convert_flp_test.go
Outdated
| require.NoError(t, err) | ||
| assert.Equalf(t, *tt.expected, outDirect, tt.name) | ||
|
|
||
| // Test pb conversion |
There was a problem hiding this comment.
see here @msherif1234 : I am testing both FLP conversion AND protobuf conversion, with the bonus thatit makes sure the two are producing the same result (they're both compared against the same expected map)
jotak
force-pushed
the
flp-in-process
branch
from
2be7d31
to
2a848d8
Compare
DirectFLP starts the whole flowlogs-pipeline process directly from the Agent, eliminating the need for a network connection between them. This can be useful when both Agent and FLP run on the same host, saving resources. This is mutually exclusive with other exporters such as with Kafka. rollback e2e deps bump Avoid pbuf conversion when using direct-flp Clarify test file name, use existing ipv6 const Restore L2 drops
jotak
force-pushed
the
flp-in-process
branch
from
35398d6
to
8a3894f
Compare
|
/lgtm |
|
/unhold |
|
/lgtm |
|
thanks @msherif1234 ! |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jotak The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Description
DirectFLP starts the whole flowlogs-pipeline process directly from the
Agent, eliminating the need for a network connection between them.
This can be useful when both Agent and FLP run on the same host, saving
resources. This is mutually exclusive with other exporters such as with
Kafka.
Dependencies
netobserv/flowlogs-pipeline#538
(hold until this is merged => replace directive to remove)
Checklist
If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.