From 17de668839d194edcbe06e7649b05e447b4c1edd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Miguel=20Cust=C3=B3dio?= Date: Thu, 2 Sep 2021 09:25:43 +0100 Subject: [PATCH 1/5] sysdump: collect 'clustermesh-apiserver' MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds support for collecting logs for 'clustermesh-apiserver' as well as the 'Deployment' resource itself. Signed-off-by: Bruno Miguel Custódio --- internal/cli/cmd/sysdump.go | 6 ++++++ sysdump/constants.go | 28 +++++++++++++------------ sysdump/defaults.go | 42 +++++++++++++++++++------------------ sysdump/sysdump.go | 41 +++++++++++++++++++++++++++++++++++- 4 files changed, 83 insertions(+), 34 deletions(-) diff --git a/internal/cli/cmd/sysdump.go b/internal/cli/cmd/sysdump.go index a6cac2db9f..8ec796a2db 100644 --- a/internal/cli/cmd/sysdump.go +++ b/internal/cli/cmd/sysdump.go @@ -52,6 +52,12 @@ func newCmdSysdump() *cobra.Command { cmd.Flags().StringVar(&sysdumpOptions.CiliumOperatorNamespace, "cilium-operator-namespace", sysdump.DefaultCiliumOperatorNamespace, "The namespace Cilium operator is running in") + cmd.Flags().StringVar(&sysdumpOptions.ClustermeshApiserverLabelSelector, + "clustermesh-apiserver-label-selector", sysdump.DefaultClustermeshApiserverLabelSelector, + "The labels used to target 'clustermesh-apiserver' pods") + cmd.Flags().StringVar(&sysdumpOptions.ClustermeshApiserverNamespace, + "clustermesh-apiserver-namespace", sysdump.DefaultClustermeshApiserverNamespace, + "The namespace Cilium operator is running in") cmd.Flags().BoolVar(&sysdumpOptions.Debug, "debug", sysdump.DefaultDebug, "Whether to enable debug logging") diff --git a/sysdump/constants.go b/sysdump/constants.go index 4a2e60d827..830618277d 100644 --- a/sysdump/constants.go +++ b/sysdump/constants.go @@ -10,19 +10,20 @@ import ( ) const ( - awsNodeDaemonSetName = "aws-node" - awsNodeDaemonSetNamespace = "kube-system" - ciliumAgentContainerName = "cilium-agent" - ciliumConfigConfigMapName = "cilium-config" - ciliumDaemonSetName = "cilium" - ciliumEtcdSecretsSecretName = "cilium-etcd-secrets" - ciliumOperatorDeploymentName = "cilium-operator" - hubbleContainerName = "hubble" - hubbleDaemonSetName = "hubble" - hubbleRelayContainerName = "hubble-relay" - hubbleRelayDeploymentName = "hubble-relay" - hubbleUIDeploymentName = "hubble-ui" - redacted = "XXXXXX" + awsNodeDaemonSetName = "aws-node" + awsNodeDaemonSetNamespace = "kube-system" + ciliumAgentContainerName = "cilium-agent" + ciliumConfigConfigMapName = "cilium-config" + ciliumDaemonSetName = "cilium" + ciliumEtcdSecretsSecretName = "cilium-etcd-secrets" + ciliumOperatorDeploymentName = "cilium-operator" + clustermeshApiserverDeploymentName = "clustermesh-apiserver" + hubbleContainerName = "hubble" + hubbleDaemonSetName = "hubble" + hubbleRelayContainerName = "hubble-relay" + hubbleRelayDeploymentName = "hubble-relay" + hubbleUIDeploymentName = "hubble-ui" + redacted = "XXXXXX" ) const ( @@ -39,6 +40,7 @@ const ( ciliumNetworkPoliciesFileName = "ciliumnetworkpolicies-.yaml" ciliumNodesFileName = "ciliumnodes-.yaml" ciliumOperatorDeploymentFileName = "cilium-operator-deployment-.yaml" + clustermeshApiserverDeploymentFileName = "clustermesh-apiserver-deployment-.yaml" eniconfigsFileName = "aws-eniconfigs-.yaml" gopsFileName = "gops-%s-%s--%s.txt" hubbleDaemonsetFileName = "hubble-daemonset-.yaml" diff --git a/sysdump/defaults.go b/sysdump/defaults.go index 7c0bbfd129..545c391aae 100644 --- a/sysdump/defaults.go +++ b/sysdump/defaults.go @@ -14,26 +14,28 @@ const ( ) const ( - DefaultCiliumLabelSelector = labelPrefix + "cilium" - DefaultCiliumNamespace = "kube-system" - DefaultCiliumOperatorLabelSelector = "io.cilium/app=operator" - DefaultCiliumOperatorNamespace = DefaultCiliumNamespace - DefaultDebug = false - DefaultHubbleLabelSelector = labelPrefix + "hubble" - DefaultHubbleNamespace = DefaultCiliumNamespace - DefaultHubbleFlowsCount = 10000 - DefaultHubbleFlowsTimeout = 5 * time.Second - DefaultHubbleRelayLabelSelector = labelPrefix + "hubble-relay" - DefaultHubbleRelayNamespace = DefaultCiliumNamespace - DefaultHubbleUILabelSelector = labelPrefix + "hubble-ui" - DefaultHubbleUINamespace = DefaultCiliumNamespace - DefaultLargeSysdumpAbortTimeout = 5 * time.Second - DefaultLargeSysdumpThreshold = 20 - DefaultLogsSinceTime = 8760 * time.Hour // 1y - DefaultLogsLimitBytes = 1073741824 // 1GiB - DefaultNodeList = "" - DefaultQuick = false - DefaultOutputFileName = "cilium-sysdump-" // "" will be replaced with the timestamp + DefaultCiliumLabelSelector = labelPrefix + "cilium" + DefaultCiliumNamespace = "kube-system" + DefaultCiliumOperatorLabelSelector = "io.cilium/app=operator" + DefaultCiliumOperatorNamespace = DefaultCiliumNamespace + DefaultClustermeshApiserverLabelSelector = "k8s-app=clustermesh-apiserver" + DefaultClustermeshApiserverLabelSelector = labelPrefix + "clustermesh-apiserver" + DefaultDebug = false + DefaultHubbleLabelSelector = labelPrefix + "hubble" + DefaultHubbleNamespace = DefaultCiliumNamespace + DefaultHubbleFlowsCount = 10000 + DefaultHubbleFlowsTimeout = 5 * time.Second + DefaultHubbleRelayLabelSelector = labelPrefix + "hubble-relay" + DefaultHubbleRelayNamespace = DefaultCiliumNamespace + DefaultHubbleUILabelSelector = labelPrefix + "hubble-ui" + DefaultHubbleUINamespace = DefaultCiliumNamespace + DefaultLargeSysdumpAbortTimeout = 5 * time.Second + DefaultLargeSysdumpThreshold = 20 + DefaultLogsSinceTime = 8760 * time.Hour // 1y + DefaultLogsLimitBytes = 1073741824 // 1GiB + DefaultNodeList = "" + DefaultQuick = false + DefaultOutputFileName = "cilium-sysdump-" // "" will be replaced with the timestamp ) var ( diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go index 04b645fe2b..eea0c4ff64 100644 --- a/sysdump/sysdump.go +++ b/sysdump/sysdump.go @@ -34,6 +34,10 @@ type Options struct { CiliumOperatorLabelSelector string // The namespace Cilium operator is running in. CiliumOperatorNamespace string + // The labels used to target 'clustermesh-apiserver' pods. + ClustermeshApiserverLabelSelector string + // The namespace 'clustermesh-apiserver' is running in. + ClustermeshApiserverNamespace string // Whether to enable debug logging. Debug bool // The labels used to target Hubble pods. @@ -448,7 +452,7 @@ func (c *Collector) Run() error { Description: "Collecting the Cilium operator deployment", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, ciliumOperatorDeploymentName, metav1.GetOptions{}) + v, err := c.client.GetDeployment(ctx, c.options.CiliumOperatorNamespace, ciliumOperatorDeploymentName, metav1.GetOptions{}) if err != nil { return fmt.Errorf("failed to collect the Cilium operator deployment: %w", err) } @@ -458,6 +462,24 @@ func (c *Collector) Run() error { return nil }, }, + { + Description: "Collecting the 'clustermesh-apiserver' deployment", + Quick: true, + Task: func(ctx context.Context) error { + v, err := c.client.GetDeployment(ctx, c.options.ClustermeshApiserverNamespace, clustermeshApiserverDeploymentName, metav1.GetOptions{}) + if err != nil { + if errors.IsNotFound(err) { + c.logWarn("deployment %q not found in namespace %q - this is expected if 'clustermesh-apiserver' isn't enabled", clustermeshApiserverDeploymentName, c.options.ClustermeshApiserverNamespace) + return nil + } + return fmt.Errorf("failed to collect the 'clustermesh-apiserver' deployment: %w", err) + } + if err := writeYaml(absoluteTempPath(clustermeshApiserverDeploymentFileName), v); err != nil { + return fmt.Errorf("failed to collect the 'clustermesh-apiserver' deployment: %w", err) + } + return nil + }, + }, { CreatesSubtasks: true, Description: "Collecting gops stats from Cilium pods", @@ -560,6 +582,23 @@ func (c *Collector) Run() error { return nil }, }, + { + CreatesSubtasks: true, + Description: "Collecting logs from 'clustermesh-apiserver' pods", + Quick: false, + Task: func(ctx context.Context) error { + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ + LabelSelector: c.options.ClustermeshApiserverLabelSelector, + }) + if err != nil { + return fmt.Errorf("failed to get logs from 'clustermesh-apiserver' pods") + } + if err := c.submitLogsTasks(ctx, filterPods(p, nodeList), c.options.LogsSinceTime, c.options.LogsLimitBytes, absoluteTempPath); err != nil { + return fmt.Errorf("failed to collect logs from 'clustermesh-apiserver' pods") + } + return nil + }, + }, { CreatesSubtasks: true, Description: "Collecting logs from Hubble pods", From a319dc8b967e373e2d65deb641546668d42dbdfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Miguel=20Cust=C3=B3dio?= Date: Thu, 2 Sep 2021 09:27:16 +0100 Subject: [PATCH 2/5] sysdump: assume single namespace MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's fairly safe to assume that all Cilium-related resources live in the same namespace as the Cilium daemonset itself. This commit removes support for specifying different namespaces, and hence simplifies the code a bit. Signed-off-by: Bruno Miguel Custódio --- internal/cli/cmd/sysdump.go | 15 -------------- sysdump/defaults.go | 5 ----- sysdump/sysdump.go | 40 ++++++++++++++----------------------- 3 files changed, 15 insertions(+), 45 deletions(-) diff --git a/internal/cli/cmd/sysdump.go b/internal/cli/cmd/sysdump.go index 8ec796a2db..8935079b21 100644 --- a/internal/cli/cmd/sysdump.go +++ b/internal/cli/cmd/sysdump.go @@ -49,24 +49,15 @@ func newCmdSysdump() *cobra.Command { cmd.Flags().StringVar(&sysdumpOptions.CiliumOperatorLabelSelector, "cilium-operator-label-selector", sysdump.DefaultCiliumOperatorLabelSelector, "The labels used to target Cilium operator pods") - cmd.Flags().StringVar(&sysdumpOptions.CiliumOperatorNamespace, - "cilium-operator-namespace", sysdump.DefaultCiliumOperatorNamespace, - "The namespace Cilium operator is running in") cmd.Flags().StringVar(&sysdumpOptions.ClustermeshApiserverLabelSelector, "clustermesh-apiserver-label-selector", sysdump.DefaultClustermeshApiserverLabelSelector, "The labels used to target 'clustermesh-apiserver' pods") - cmd.Flags().StringVar(&sysdumpOptions.ClustermeshApiserverNamespace, - "clustermesh-apiserver-namespace", sysdump.DefaultClustermeshApiserverNamespace, - "The namespace Cilium operator is running in") cmd.Flags().BoolVar(&sysdumpOptions.Debug, "debug", sysdump.DefaultDebug, "Whether to enable debug logging") cmd.Flags().StringVar(&sysdumpOptions.HubbleLabelSelector, "hubble-label-selector", sysdump.DefaultHubbleLabelSelector, "The labels used to target Hubble pods") - cmd.Flags().StringVar(&sysdumpOptions.HubbleNamespace, - "hubble-namespace", sysdump.DefaultHubbleNamespace, - "The namespace Hubble is running in") cmd.Flags().Int64Var(&sysdumpOptions.HubbleFlowsCount, "hubble-flows-count", sysdump.DefaultHubbleFlowsCount, "Number of Hubble flows to collect. Setting to zero disables collecting Hubble flows.") @@ -76,15 +67,9 @@ func newCmdSysdump() *cobra.Command { cmd.Flags().StringVar(&sysdumpOptions.HubbleRelayLabelSelector, "hubble-relay-labels", sysdump.DefaultHubbleRelayLabelSelector, "The labels used to target Hubble Relay pods") - cmd.Flags().StringVar(&sysdumpOptions.HubbleRelayNamespace, - "hubble-relay-namespace", sysdump.DefaultHubbleRelayNamespace, - "The namespace Hubble Relay is running in") cmd.Flags().StringVar(&sysdumpOptions.HubbleUILabelSelector, "hubble-ui-labels", sysdump.DefaultHubbleUILabelSelector, "The labels used to target Hubble UI pods") - cmd.Flags().StringVar(&sysdumpOptions.HubbleUINamespace, - "hubble-ui-namespace", sysdump.DefaultHubbleUINamespace, - "The namespace Hubble UI is running in") cmd.Flags().Int64Var(&sysdumpOptions.LogsLimitBytes, "logs-limit-bytes", sysdump.DefaultLogsLimitBytes, "The limit on the number of bytes to retrieve when collecting logs") diff --git a/sysdump/defaults.go b/sysdump/defaults.go index 545c391aae..b528896c46 100644 --- a/sysdump/defaults.go +++ b/sysdump/defaults.go @@ -17,18 +17,13 @@ const ( DefaultCiliumLabelSelector = labelPrefix + "cilium" DefaultCiliumNamespace = "kube-system" DefaultCiliumOperatorLabelSelector = "io.cilium/app=operator" - DefaultCiliumOperatorNamespace = DefaultCiliumNamespace - DefaultClustermeshApiserverLabelSelector = "k8s-app=clustermesh-apiserver" DefaultClustermeshApiserverLabelSelector = labelPrefix + "clustermesh-apiserver" DefaultDebug = false DefaultHubbleLabelSelector = labelPrefix + "hubble" - DefaultHubbleNamespace = DefaultCiliumNamespace DefaultHubbleFlowsCount = 10000 DefaultHubbleFlowsTimeout = 5 * time.Second DefaultHubbleRelayLabelSelector = labelPrefix + "hubble-relay" - DefaultHubbleRelayNamespace = DefaultCiliumNamespace DefaultHubbleUILabelSelector = labelPrefix + "hubble-ui" - DefaultHubbleUINamespace = DefaultCiliumNamespace DefaultLargeSysdumpAbortTimeout = 5 * time.Second DefaultLargeSysdumpThreshold = 20 DefaultLogsSinceTime = 8760 * time.Hour // 1y diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go index eea0c4ff64..1aed13cf80 100644 --- a/sysdump/sysdump.go +++ b/sysdump/sysdump.go @@ -32,30 +32,20 @@ type Options struct { CiliumNamespace string // The labels used to target Cilium operator pods. CiliumOperatorLabelSelector string - // The namespace Cilium operator is running in. - CiliumOperatorNamespace string // The labels used to target 'clustermesh-apiserver' pods. ClustermeshApiserverLabelSelector string - // The namespace 'clustermesh-apiserver' is running in. - ClustermeshApiserverNamespace string // Whether to enable debug logging. Debug bool // The labels used to target Hubble pods. HubbleLabelSelector string - // The namespace Hubble is running in. - HubbleNamespace string // Number of Hubble flows to collect. HubbleFlowsCount int64 // Timeout for collecting Hubble flows. HubbleFlowsTimeout time.Duration // The labels used to target Hubble Relay pods. HubbleRelayLabelSelector string - // The namespace Hubble Relay is running in. - HubbleRelayNamespace string // The labels used to target Hubble UI pods. HubbleUILabelSelector string - // The namespace Hubble UI is running in. - HubbleUINamespace string // The amount of time to wait for the user to cancel the sysdump on a large cluster. LargeSysdumpAbortTimeout time.Duration // The threshold on the number of nodes present in the cluster that triggers a warning message. @@ -398,10 +388,10 @@ func (c *Collector) Run() error { Description: "Collecting the Hubble daemonset", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDaemonSet(ctx, c.options.HubbleNamespace, hubbleDaemonSetName, metav1.GetOptions{}) + v, err := c.client.GetDaemonSet(ctx, c.options.CiliumNamespace, hubbleDaemonSetName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logDebug("daemonset %q not found in namespace %q - this is expected in recent versions of Cilium", hubbleDaemonSetName, c.options.HubbleNamespace) + c.logDebug("daemonset %q not found in namespace %q - this is expected in recent versions of Cilium", hubbleDaemonSetName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble daemonset: %w", err) @@ -416,10 +406,10 @@ func (c *Collector) Run() error { Description: "Collecting the Hubble Relay deployment", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDeployment(ctx, c.options.HubbleRelayNamespace, hubbleRelayDeploymentName, metav1.GetOptions{}) + v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, hubbleRelayDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q", hubbleRelayDeploymentName, c.options.HubbleRelayNamespace) + c.logWarn("deployment %q not found in namespace %q", hubbleRelayDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble Relay deployment: %w", err) @@ -434,10 +424,10 @@ func (c *Collector) Run() error { Description: "Collecting the Hubble UI deployment", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDeployment(ctx, c.options.HubbleUINamespace, hubbleUIDeploymentName, metav1.GetOptions{}) + v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, hubbleUIDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q", hubbleUIDeploymentName, c.options.HubbleUINamespace) + c.logWarn("deployment %q not found in namespace %q", hubbleUIDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble UI deployment: %w", err) @@ -452,7 +442,7 @@ func (c *Collector) Run() error { Description: "Collecting the Cilium operator deployment", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDeployment(ctx, c.options.CiliumOperatorNamespace, ciliumOperatorDeploymentName, metav1.GetOptions{}) + v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, ciliumOperatorDeploymentName, metav1.GetOptions{}) if err != nil { return fmt.Errorf("failed to collect the Cilium operator deployment: %w", err) } @@ -466,10 +456,10 @@ func (c *Collector) Run() error { Description: "Collecting the 'clustermesh-apiserver' deployment", Quick: true, Task: func(ctx context.Context) error { - v, err := c.client.GetDeployment(ctx, c.options.ClustermeshApiserverNamespace, clustermeshApiserverDeploymentName, metav1.GetOptions{}) + v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, clustermeshApiserverDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q - this is expected if 'clustermesh-apiserver' isn't enabled", clustermeshApiserverDeploymentName, c.options.ClustermeshApiserverNamespace) + c.logWarn("deployment %q not found in namespace %q - this is expected if 'clustermesh-apiserver' isn't enabled", clustermeshApiserverDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the 'clustermesh-apiserver' deployment: %w", err) @@ -502,7 +492,7 @@ func (c *Collector) Run() error { Description: "Collecting gops stats from Hubble pods", Quick: true, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.HubbleNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.HubbleLabelSelector, }) if err != nil { @@ -519,7 +509,7 @@ func (c *Collector) Run() error { Description: "Collecting gops stats from Hubble Relay pods", Quick: true, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.HubbleNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.HubbleRelayLabelSelector, }) if err != nil { @@ -570,7 +560,7 @@ func (c *Collector) Run() error { Description: "Collecting logs from Cilium operator pods", Quick: false, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.CiliumOperatorNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.CiliumOperatorLabelSelector, }) if err != nil { @@ -604,7 +594,7 @@ func (c *Collector) Run() error { Description: "Collecting logs from Hubble pods", Quick: false, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.HubbleNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.HubbleLabelSelector, }) if err != nil { @@ -621,7 +611,7 @@ func (c *Collector) Run() error { Description: "Collecting logs from Hubble Relay pods", Quick: false, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.HubbleRelayNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.HubbleRelayLabelSelector, }) if err != nil { @@ -638,7 +628,7 @@ func (c *Collector) Run() error { Description: "Collecting logs from Hubble UI pods", Quick: false, Task: func(ctx context.Context) error { - p, err := c.client.ListPods(ctx, c.options.HubbleNamespace, metav1.ListOptions{ + p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ LabelSelector: c.options.HubbleLabelSelector, }) if err != nil { From 03824acb2b5a338e5f00f62a8461e515b9421500 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Miguel=20Cust=C3=B3dio?= Date: Thu, 2 Sep 2021 09:30:29 +0100 Subject: [PATCH 3/5] sysdump: improve log messages MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Be consistent about casing, and let the user know when and why something is expected. Signed-off-by: Bruno Miguel Custódio --- sysdump/sysdump.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go index 1aed13cf80..f27722add6 100644 --- a/sysdump/sysdump.go +++ b/sysdump/sysdump.go @@ -341,7 +341,7 @@ func (c *Collector) Run() error { v, err := c.client.GetSecret(ctx, c.options.CiliumNamespace, ciliumEtcdSecretsSecretName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logDebug("secret %q not found in namespace %q - this is expected when using the CRD KVStore", ciliumEtcdSecretsSecretName, c.options.CiliumNamespace) + c.logDebug("Secret %q not found in namespace %q - this is expected when using the CRD KVStore", ciliumEtcdSecretsSecretName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect Cilium etcd secret: %w", err) @@ -391,7 +391,7 @@ func (c *Collector) Run() error { v, err := c.client.GetDaemonSet(ctx, c.options.CiliumNamespace, hubbleDaemonSetName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logDebug("daemonset %q not found in namespace %q - this is expected in recent versions of Cilium", hubbleDaemonSetName, c.options.CiliumNamespace) + c.logDebug("Daemonset %q not found in namespace %q - this is expected in recent versions of Cilium", hubbleDaemonSetName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble daemonset: %w", err) @@ -409,7 +409,7 @@ func (c *Collector) Run() error { v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, hubbleRelayDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q", hubbleRelayDeploymentName, c.options.CiliumNamespace) + c.logWarn("Deployment %q not found in namespace %q - this is expected if Hubble is not enabled", hubbleRelayDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble Relay deployment: %w", err) @@ -427,7 +427,7 @@ func (c *Collector) Run() error { v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, hubbleUIDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q", hubbleUIDeploymentName, c.options.CiliumNamespace) + c.logWarn("Deployment %q not found in namespace %q - this is expected if Hubble UI is not enabled", hubbleUIDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the Hubble UI deployment: %w", err) @@ -459,7 +459,7 @@ func (c *Collector) Run() error { v, err := c.client.GetDeployment(ctx, c.options.CiliumNamespace, clustermeshApiserverDeploymentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - c.logWarn("deployment %q not found in namespace %q - this is expected if 'clustermesh-apiserver' isn't enabled", clustermeshApiserverDeploymentName, c.options.CiliumNamespace) + c.logWarn("Deployment %q not found in namespace %q - this is expected if 'clustermesh-apiserver' isn't enabled", clustermeshApiserverDeploymentName, c.options.CiliumNamespace) return nil } return fmt.Errorf("failed to collect the 'clustermesh-apiserver' deployment: %w", err) From eacf95cb4ebace45f15dbb44f97144ae3ea5ef71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Miguel=20Cust=C3=B3dio?= Date: Thu, 2 Sep 2021 10:37:02 +0100 Subject: [PATCH 4/5] sysdump: avoid redefining constants MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reuse constants defined in the 'defaults' package. Signed-off-by: Bruno Miguel Custódio --- connectivity/check/deployment.go | 2 +- connectivity/check/policy.go | 4 ++-- defaults/defaults.go | 2 ++ hubble/relay.go | 2 +- install/install.go | 2 +- internal/k8s/client.go | 6 ++++-- sysdump/constants.go | 21 ++++++++++++--------- 7 files changed, 23 insertions(+), 16 deletions(-) diff --git a/connectivity/check/deployment.go b/connectivity/check/deployment.go index 6dabc077d8..fd20297e5f 100644 --- a/connectivity/check/deployment.go +++ b/connectivity/check/deployment.go @@ -542,7 +542,7 @@ func (ct *ConnectivityTest) waitForIPCache(ctx context.Context, pod Pod) error { r := time.After(time.Second) stdout, err := pod.K8sClient.ExecInPodWithTTY(ctx, pod.Pod.Namespace, pod.Pod.Name, - "cilium-agent", []string{"cilium", "bpf", "ipcache", "list", "-o", "json"}) + defaults.AgentContainerName, []string{"cilium", "bpf", "ipcache", "list", "-o", "json"}) if err == nil { var ic ipCache diff --git a/connectivity/check/policy.go b/connectivity/check/policy.go index b804cf7033..33bf8e49ff 100644 --- a/connectivity/check/policy.go +++ b/connectivity/check/policy.go @@ -85,7 +85,7 @@ func (t *Test) waitCiliumPolicyRevisions(ctx context.Context, revisions map[Pod] // getCiliumPolicyRevision returns the current policy revision of a Cilium pod. func getCiliumPolicyRevision(ctx context.Context, pod Pod) (int, error) { stdout, err := pod.K8sClient.ExecInPodWithTTY(ctx, pod.Pod.Namespace, pod.Pod.Name, - "cilium-agent", []string{"cilium", "policy", "get", "-o", "jsonpath='{.revision}'"}) + defaults.AgentContainerName, []string{"cilium", "policy", "get", "-o", "jsonpath='{.revision}'"}) if err != nil { return 0, err } @@ -100,7 +100,7 @@ func getCiliumPolicyRevision(ctx context.Context, pod Pod) (int, error) { func waitCiliumPolicyRevision(ctx context.Context, pod Pod, rev int, timeout time.Duration) error { timeoutStr := strconv.Itoa(int(timeout.Seconds())) _, err := pod.K8sClient.ExecInPodWithTTY(ctx, pod.Pod.Namespace, pod.Pod.Name, - "cilium-agent", []string{"cilium", "policy", "wait", strconv.Itoa(rev), "--max-wait-time", timeoutStr}) + defaults.AgentContainerName, []string{"cilium", "policy", "wait", strconv.Itoa(rev), "--max-wait-time", timeoutStr}) return err } diff --git a/defaults/defaults.go b/defaults/defaults.go index 126888e852..23cfb8fcd4 100644 --- a/defaults/defaults.go +++ b/defaults/defaults.go @@ -6,6 +6,7 @@ package defaults import "time" const ( + AgentContainerName = "cilium-agent" AgentServiceAccountName = "cilium" AgentClusterRoleName = "cilium" AgentDaemonSetName = "cilium" @@ -29,6 +30,7 @@ const ( HubbleSocketPath = "/var/run/cilium/hubble.sock" HubbleServerSecretName = "hubble-server-certs" + RelayContainerName = "hubble-relay" RelayDeploymentName = "hubble-relay" RelayClusterRoleName = "hubble-relay" RelayServiceAccountName = "hubble-relay" diff --git a/hubble/relay.go b/hubble/relay.go index 05777f50ad..98c9b94566 100644 --- a/hubble/relay.go +++ b/hubble/relay.go @@ -95,7 +95,7 @@ func (k *K8sHubble) generateRelayDeployment() *appsv1.Deployment { ServiceAccountName: defaults.RelayServiceAccountName, Containers: []corev1.Container{ { - Name: "hubble-relay", + Name: defaults.RelayContainerName, Command: []string{"hubble-relay"}, Args: []string{ "serve", diff --git a/install/install.go b/install/install.go index 9541bfb644..384acb8e9e 100644 --- a/install/install.go +++ b/install/install.go @@ -257,7 +257,7 @@ func (k *K8sInstaller) generateAgentDaemonSet() *appsv1.DaemonSet { }, Containers: []corev1.Container{ { - Name: "cilium-agent", + Name: defaults.AgentContainerName, Command: []string{"cilium-agent"}, Args: []string{"--config-dir=/tmp/cilium/config-map"}, Image: k.fqAgentImage(), diff --git a/internal/k8s/client.go b/internal/k8s/client.go index 3be1125ffe..15ea5a3d09 100644 --- a/internal/k8s/client.go +++ b/internal/k8s/client.go @@ -36,6 +36,8 @@ import ( // Register all auth providers (azure, gcp, oidc, openstack, ..). _ "k8s.io/client-go/plugin/pkg/client/auth" + + "github.com/cilium/cilium-cli/defaults" ) type Client struct { @@ -281,7 +283,7 @@ var logSplitter = regexp.MustCompile(`\r?\n[^ ]+ level=[[:alpha:]]+ msg=`) func (c *Client) CiliumLogs(ctx context.Context, namespace, pod string, since time.Time, filter *regexp.Regexp) (string, error) { opts := &corev1.PodLogOptions{ - Container: "cilium-agent", + Container: defaults.AgentContainerName, Timestamps: true, SinceTime: &metav1.Time{Time: since}, } @@ -371,7 +373,7 @@ func (c *Client) ExecInPod(ctx context.Context, namespace, pod, container string } func (c *Client) CiliumStatus(ctx context.Context, namespace, pod string) (*models.StatusResponse, error) { - stdout, err := c.ExecInPod(ctx, namespace, pod, "cilium-agent", []string{"cilium", "status", "-o", "json"}) + stdout, err := c.ExecInPod(ctx, namespace, pod, defaults.AgentContainerName, []string{"cilium", "status", "-o", "json"}) if err != nil { return nil, err } diff --git a/sysdump/constants.go b/sysdump/constants.go index 830618277d..741dec3b9d 100644 --- a/sysdump/constants.go +++ b/sysdump/constants.go @@ -6,23 +6,26 @@ package sysdump import ( "regexp" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/cilium/cilium-cli/defaults" ) const ( awsNodeDaemonSetName = "aws-node" - awsNodeDaemonSetNamespace = "kube-system" - ciliumAgentContainerName = "cilium-agent" - ciliumConfigConfigMapName = "cilium-config" - ciliumDaemonSetName = "cilium" + awsNodeDaemonSetNamespace = metav1.NamespaceSystem + ciliumAgentContainerName = defaults.AgentContainerName + ciliumConfigConfigMapName = defaults.ConfigMapName + ciliumDaemonSetName = defaults.AgentDaemonSetName ciliumEtcdSecretsSecretName = "cilium-etcd-secrets" - ciliumOperatorDeploymentName = "cilium-operator" - clustermeshApiserverDeploymentName = "clustermesh-apiserver" + ciliumOperatorDeploymentName = defaults.OperatorDeploymentName + clustermeshApiserverDeploymentName = defaults.ClusterMeshDeploymentName hubbleContainerName = "hubble" hubbleDaemonSetName = "hubble" - hubbleRelayContainerName = "hubble-relay" - hubbleRelayDeploymentName = "hubble-relay" - hubbleUIDeploymentName = "hubble-ui" + hubbleRelayContainerName = defaults.RelayContainerName + hubbleRelayDeploymentName = defaults.RelayDeploymentName + hubbleUIDeploymentName = defaults.HubbleUIDeploymentName redacted = "XXXXXX" ) From d0d28f87126a85b60e79430b239bbf216c44c7c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Miguel=20Cust=C3=B3dio?= Date: Thu, 2 Sep 2021 17:07:20 +0100 Subject: [PATCH 5/5] sysdump: use the correct hubble ui label selector MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bruno Miguel Custódio --- sysdump/sysdump.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go index f27722add6..03aa0c0fde 100644 --- a/sysdump/sysdump.go +++ b/sysdump/sysdump.go @@ -629,7 +629,7 @@ func (c *Collector) Run() error { Quick: false, Task: func(ctx context.Context) error { p, err := c.client.ListPods(ctx, c.options.CiliumNamespace, metav1.ListOptions{ - LabelSelector: c.options.HubbleLabelSelector, + LabelSelector: c.options.HubbleUILabelSelector, }) if err != nil { return fmt.Errorf("failed to get logs from Hubble UI pods")