Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use conntrack to detect short lived connections. #386

Merged
merged 4 commits into from
Aug 28, 2015
Merged

Use conntrack to detect short lived connections. #386

merged 4 commits into from
Aug 28, 2015

Conversation

tomwilkie
Copy link
Contributor

Fixes #356

Status: Good to go. Review feedback welcome.

Steps are:

  1. Refactor the rendering pipeline such that mappers can emit multiple nodes
  2. Use conntrack to populate the endpoint table (in addition to procspy). NB nodes from conntrack will not have a pid
  3. Enhance the container render with an extra pipeline which joins containers to endpoints via their IP addresses

@tomwilkie tomwilkie self-assigned this Aug 21, 2015
@tomwilkie tomwilkie force-pushed the 356-conntrack branch 3 times, most recently from c68bb82 to 0cc54b0 Compare August 24, 2015 12:18
2opremio
2opremio reviewed Aug 24, 2015
View reviewed changes
Makefile
$(DOCKER_DISTRIB):
curl -o $(DOCKER_DISTRIB) $(DOCKER_DISTRIB_URL)

docker/weave:

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

@tomwilkie tomwilkie mentioned this pull request Aug 24, 2015
Closed
@peterbourgon
Copy link
Contributor

To be clear: short-lived connections are visible, for processes that are running in containers, and talking to other containers?

peterbourgon
peterbourgon reviewed Aug 24, 2015
View reviewed changes
probe/endpoint/reporter.go
"strconv"
"time"

"github.com/prometheus/client_golang/prometheus"
"github.com/typetypetype/conntrack"

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

@tomwilkie
Copy link
Contributor Author

To be clear: short-lived connections are visible, for processes that are running in containers, and talking to other containers?

Short lived connections will only be visible for containers with a unique IP address in the containers and container image view. This rules out some of the kubernetes use cases as containers share a network namespace and IP address (although we can do the same thing for pods in the k8n views, so its not too bad), and also rules out --net=host containers (ie scope itself).

These short lived connections will not be visible in the process view (nothing to join them on). We could back-propagate the links for singleton process in containers (again, not scope).

Container-to-container links are covered, as are/will be pseudo nodes (both random ips and the internet node)

@tomwilkie tomwilkie mentioned this pull request Aug 25, 2015
Merged
@tomwilkie tomwilkie force-pushed the 356-conntrack branch 5 times, most recently from 5155a9d to eb30946 Compare August 26, 2015 13:36
@tomwilkie tomwilkie force-pushed the master branch 2 times, most recently from 66be8bd to d9ab9d8 Compare August 26, 2015 14:25
@tomwilkie tomwilkie changed the title [WIP] Use conntrack to detect short lived connections. Use conntrack to detect short lived connections. Aug 26, 2015
@tomwilkie tomwilkie force-pushed the 356-conntrack branch 2 times, most recently from 532a8b3 to 2a56ec9 Compare August 26, 2015 16:46
@tomwilkie tomwilkie mentioned this pull request Aug 26, 2015
Closed
peterbourgon
peterbourgon reviewed Aug 27, 2015
View reviewed changes
probe/endpoint/conntrack.go
} else if err != nil {
log.Printf("conntrack error: %v", err)
return
}

This comment was marked as abuse.

Sign in to view

peterbourgon
peterbourgon reviewed Aug 27, 2015
View reviewed changes
probe/endpoint/conntrack_test.go
})
return result
}
ts := 1000 * time.Millisecond

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

@tomwilkie tomwilkie force-pushed the 356-conntrack branch 2 times, most recently from 2b44189 to b805e84 Compare August 27, 2015 12:19
@tomwilkie tomwilkie removed their assignment Aug 27, 2015
@tomwilkie
Copy link
Contributor Author

I solved #403 by ensure each edge is only included once, by construction.

peterbourgon
peterbourgon reviewed Aug 27, 2015
View reviewed changes
render/mapping.go
@@ -48,20 +45,20 @@ type PseudoFunc func(srcNodeID, dstNodeID string, srcIsClient bool, local report
//
// As with LeafMapFunc, if the final output parameter is false, the node
// shall be omitted from the rendered topology.
type MapFunc func(RenderableNode) (RenderableNode, bool)
type MapFunc func(RenderableNode) RenderableNodes

This comment was marked as abuse.

Sign in to view

@peterbourgon
Copy link
Contributor

After reading this a little bit, very eager to go ahead and merge RenderableNode/NodeMetadata/.... as we discussed...

@tomwilkie
Copy link
Contributor Author

Yeah I've got a WIP branch to get there - https://github.com/weaveworks/scope/tree/357-adjacencies-to-nodemetadata

Will do it tomorrow.

peterbourgon
peterbourgon reviewed Aug 27, 2015
View reviewed changes
probe/endpoint/conntrack.go
"strings"
"sync"

"github.com/weaveworks/scope/test/exec"

This comment was marked as abuse.

Sign in to view

@peterbourgon
Copy link
Contributor

Alright, those comments aside, this LGTM-ish. It's a shame that we have to exploit IP-per-container to get this info, but now that I understand it, I think it's reasonable enough.

@tomwilkie
Copy link
Contributor Author

Thanks! Any suggestions on where to put exec? Maybe a lib package?
Theres more to follow; we've got bits and pieces of a mock filesystem that
should probably be brought together.

On Thu, Aug 27, 2015 at 6:25 PM, Peter Bourgon [email protected]
wrote:

Alright, those comments aside, this LGTM-ish. It's a shame that we have to
exploit IP-per-container to get this info, but now that I understand it, I
think it's reasonable enough.


Reply to this email directly or view it on GitHub
#386 (comment).

@peterbourgon
Copy link
Contributor

Any suggestions on where to put exec?

common/{exec,foo,bar}?

tomwilkie added a commit that referenced this pull request Aug 28, 2015
@tomwilkie
Merge pull request #386 from weaveworks/356-conntrack
9edd507 
Use conntrack to detect short lived connections.
@tomwilkie tomwilkie merged commit 9edd507 into master Aug 28, 2015
@tomwilkie tomwilkie deleted the 356-conntrack branch August 28, 2015 09:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tomwilkie tomwilkie

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tomwilkie @peterbourgon @2opremio