Merge pull request #1 from mariomac/main

Basic project structure + Build scripts

Author: Mario Macias

.gitignore

@@ -1,15 +1,4 @@
-# Binaries for programs and plugins
-*.exe
-*.exe~
-*.dll
-*.so
-*.dylib
-
-# Test binary, built with `go test -c`
-*.test
-
-# Output of the go coverage tool, specifically when used with LiteIDE
+.idea/
+.vscode/
 *.out
-
-# Dependency directories (remove the comment below to include it)
-# vendor/
+bin/

.golangci.yml

@@ -0,0 +1,34 @@
+linters:
+  enable:
+    - deadcode
+    - errcheck
+    - errorlint
+    - cyclop
+    - errname
+    - exhaustive
+    - exportloopref
+    - gocritic
+    - goimports
+    - gosimple
+    - govet
+    - ineffassign
+    - revive
+    - staticcheck
+    - structcheck
+    - stylecheck
+    - typecheck
+    - unused
+    - varcheck
+linters-settings:
+  stylecheck:
+    go: "1.17"
+  gocritic:
+    enabled-checks:
+      - hugeParam
+      - rangeExprCopy
+      - rangeValCopy
+      - indexAlloc
+      - deprecatedComment
+  cyclop:
+    max-complexity: 20
+

Dockerfile

@@ -0,0 +1,34 @@
+# Build the manager binary
+FROM registry.access.redhat.com/ubi8/go-toolset:1.16.7-5 as builder
+ARG VERSION="unknown"
+
+WORKDIR /opt/app-root
+
+# TEMPORARY STEPS UNTIL ubi8 releases a go1.17 image
+RUN wget -q https://go.dev/dl/go1.17.8.linux-amd64.tar.gz && tar -xzf go1.17.8.linux-amd64.tar.gz
+ENV GOROOT /opt/app-root/go
+RUN mkdir -p /opt/app-root/gopath
+ENV GOPATH /opt/app-root/gopath
+ENV PATH $GOROOT/bin:$GOPATH/bin:$PATH
+WORKDIR /opt/app-root/src
+# END OF LINES TO REMOVE
+
+# Copy the go manifests and source
+COPY bpf/ bpf/
+COPY cmd/ cmd/
+COPY pkg/ pkg/
+COPY vendor/ vendor/
+COPY go.mod go.mod
+COPY go.sum go.sum
+COPY Makefile Makefile
+
+# Build
+RUN make build
+
+# Create final image from minimal + built binary
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5-204
+WORKDIR /
+COPY --from=builder /opt/app-root/src/bin/netobserv-agent .
+USER 65532:65532
+
+ENTRYPOINT ["/netobserv-agent"]

Makefile

@@ -0,0 +1,81 @@
+# VERSION defines the project version for the bundle.
+# Update this value when you upgrade the version of your project.
+# To re-generate a bundle for another specific version without changing the standard setup, you can:
+# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
+# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
+VERSION ?= main
+
+# IMAGE_TAG_BASE defines the namespace and part of the image name for remote images.
+# This variable is used to construct full image tags for bundle and catalog images.
+IMAGE_TAG_BASE ?= quay.io/netobserv/netobserv-agent
+
+# Image URL to use all building/pushing image targets
+IMG ?= $(IMAGE_TAG_BASE):$(VERSION)
+
+CILIUM_EBPF_VERSION := v0.8.1
+GOLANGCI_LINT_VERSION = v1.42.1
+
+CLANG ?= clang
+CFLAGS := -O2 -g -Wall -Werror $(CFLAGS)
+GOOS := linux
+
+# Image building tool (docker / podman)
+ifeq (,$(shell which podman 2>/dev/null))
+OCI_BIN=docker
+else
+OCI_BIN=podman
+endif
+
+.PHONY: vendors
+vendors:
+	@echo "### Checking vendors"
+	go mod tidy && go mod vendor
+
+.PHONY: prereqs
+prereqs:
+	@echo "### Check if prerequisites are met, and installing missing dependencies"
+	test -f $(go env GOPATH)/bin/golangci-lint || GOFLAGS="" go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}
+	test -f $(go env GOPATH)/bin/bpf2go || go install github.com/cilium/ebpf/cmd/bpf2go@${CILIUM_EBPF_VERSION}
+
+.PHONY: fmt
+fmt: ## Run go fmt against code.
+	@echo "### Formatting code"
+	go fmt ./...
+
+.PHONY: lint
+lint: prereqs
+	@echo "### Linting code"
+	golangci-lint run ./...
+
+.PHONY: generate
+generate: export BPF_CLANG := $(CLANG)
+generate: export BPF_CFLAGS := $(CFLAGS)
+generate: prereqs
+	@echo "### Generating BPF Go bindings"
+	go generate ./pkg/...
+
+.PHONY: build
+build: prereqs fmt lint
+	@echo "### Building project"
+	GOOS=$(GOOS) go build -ldflags "-X main.version=${VERSION}" -mod vendor -a -o bin/netobserv-agent cmd/netobserv-agent.go
+
+.PHONY: test
+test:
+	@echo "### Testing code"
+	GOOS=$(GOOS) go test -mod vendor -a ./... -coverpkg=./... -coverprofile cover.out
+
+.PHONY: coverage-report
+coverage-report:
+	@echo "### Generating coverage report"
+	go tool cover --func=./cover.out
+
+.PHONY: coverage-report-html
+coverage-report-html:
+	@echo "### Generating HTML coverage report"
+	go tool cover --html=./cover.out
+
+image-build: test ## Build OCI image with the manager.
+	$(OCI_BIN) build --build-arg VERSION="$(VERSION)" -t ${IMG} .
+
+image-push: ## Push OCI image with the manager.
+	$(OCI_BIN) push ${IMG}

README.md

@@ -1,2 +1,3 @@
-# netobserv-agent
+# Network Observability Agent
+
 Network Observability Agent

bpf/flows.c

@@ -0,0 +1,79 @@
+#include <vmlinux.h>
+#include <bpf_helpers.h>
+
+#define TC_ACT_OK 0
+#define TC_ACT_SHOT 2
+
+// definitions to not having to include arpa/inet.h version of 32-bit in the compiler
+// TODO: to unload even more the Kernel space, we can do this calculation in the Go userspace
+#define htons(x)                       \
+    ((u16)((((u16)(x)&0xff00U) >> 8) | \
+           (((u16)(x)&0x00ffU) << 8)))
+
+#define htonl(x)                            \
+    ((u32)((((u32)(x)&0xff000000U) >> 24) | \
+           (((u32)(x)&0x00ff0000U) >> 8) |  \
+           (((u32)(x)&0x0000ff00U) << 8) |  \
+           (((u32)(x)&0x000000ffU) << 24)))
+
+struct {
+    __uint(type, BPF_MAP_TYPE_RINGBUF);
+    __uint(max_entries, 1 << 24);
+} flows SEC(".maps");
+
+struct egress_t {
+    u32 src_ip;
+    u16 src_port;
+    u32 dst_ip;
+    u16 dst_port;
+    u8 protocol;
+    u64 bytes;
+} __attribute__((packed));
+
+SEC("tc/flow_parse")
+static inline int flow_parse(struct __sk_buff *skb) {
+    void *data = (void *)(long)skb->data;
+    void *data_end = (void *)(long)skb->data_end;
+    struct ethhdr *eth = data;
+
+    if ((void *)eth + sizeof(*eth) <= data_end) {
+        struct iphdr *ip = data + sizeof(*eth);
+        if ((void *)ip + sizeof(*ip) <= data_end) {
+
+            struct egress_t *event = bpf_ringbuf_reserve(&flows, sizeof(struct egress_t), 0);
+            if (!event) {
+                return TC_ACT_OK;
+            }
+
+            event->src_ip = htonl(ip->saddr);
+            event->dst_ip = htonl(ip->daddr);
+            event->protocol = ip->protocol;
+
+            switch (ip->protocol) {
+            case IPPROTO_TCP: {
+                struct tcphdr *tcp = (void *)ip + sizeof(*ip);
+                if ((void *)tcp + sizeof(*tcp) <= data_end) {
+                    event->src_port = htons(tcp->source);
+                    event->dst_port = htons(tcp->dest);
+                }
+            } break;
+            case IPPROTO_UDP: {
+                struct udphdr *udp = (void *)ip + sizeof(*ip);
+                if ((void *)udp + sizeof(*udp) <= data_end) {
+                    event->src_port = htons(udp->source);
+                    event->dst_port = htons(udp->dest);
+                }
+            } break;
+            default:
+                break;
+            }
+            event->bytes = skb->len;
+
+            bpf_ringbuf_submit(event, 0);
+        }
+    }
+
+    return TC_ACT_OK;
+}
+
+char __license[] SEC("license") = "GPL";