diff --git a/controller/kube-guardian/src/cgroup.rs b/controller/kube-guardian/src/cgroup.rs
index 0b16f414a..0078d652d 100644
--- a/controller/kube-guardian/src/cgroup.rs
+++ b/controller/kube-guardian/src/cgroup.rs
@@ -144,16 +144,9 @@ impl EbpfPgm {
 let tracker = container_map.lock().await;
 let key_value = tracker.get(&data.if_index);
- if let Some(pod_info) = key_value {
- let pod_ip = pod_info.status.pod_ip.to_string();
- let p = PodInfo {
- pod_name: pod_info.status.pod_name.to_string(),
- pod_namespace: pod_info.status.pod_namespace.to_owned(),
- pod_ip: pod_info.status.pod_ip.to_string(),
- };
-
+ if let Some(pod_inspect) = key_value {
+ let pod_data = &pod_inspect.status;
 let t = Traffic {
- pod_data: p,
 src_addr: Ipv4Addr::from(data.source_addr).to_string(),
 dst_addr: Ipv4Addr::from(data.dest_addr).to_string(),
 src_port: data.src_port,
@@ -163,14 +156,16 @@ impl EbpfPgm {
 };
 // check if data exists in cache
 let mut cache = traced_address_cache.lock().await;
- let traced_traffic = t.define_traffic(&pod_ip);
+ let traced_traffic = t.define_traffic(&pod_data.pod_ip);
 if !cache.contains(&traced_traffic) {
- let parse = t.parse_message(&pod_ip).await;
- cache.insert(traced_traffic);
- if let Err(e) = parse {
- error!("{}", e);
+ match t.parse_message(pod_data).await {
+ Ok(_) => {
+ cache.insert(traced_traffic);
+ }
+ Err(e) => {
+ error!("{}", e);
+ }
 }
- drop(cache)
 } else {
 info!("Record exists");
 }
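Review bot: In the `@@ -144,16 +144,9 @@` hunk of cgroup.rs, `let pod_data = &pod_inspect.status;` borrows from the `container_map` guard (`tracker`), so that lock has to stay held for as long as `pod_data` is used, including across `t.parse_message(pod_data).await` in the following hunk. If parse_message performs network I/O (its body is only partly visible here), every task that needs `container_map` waits behind that call. Assuming `PodInfo` derives `Clone` and `tracker` is not used later in the block, `let pod_data = pod_inspect.status.clone();` followed by `drop(tracker);` would release the map before awaiting. The enclosing block starts and ends outside the hunk.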
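Review bot: In the `@@ -163,14 +156,16 @@` hunk of cgroup.rs, a flow whose `parse_message` call fails is no longer inserted into `traced_address_cache`, so every later event for the same flow repeats the call and emits another `error!("{}", e)`. While the receiving side is unavailable this runs once per event, with no backoff and no bound on log volume, and the message does not say which pod or flow failed. Consider recording the failure together with a retry time, or at least rate-limiting the log line and giving it context, e.g. `error!("failed to record traffic for pod {}: {}", pod_data.pod_name, e);`. The enclosing block continues outside the hunk.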
@@ -253,15 +248,16 @@ impl Traffic {
 }
 };
 }
- pub async fn parse_message(&self, pod_ip: &str) -> Result<(), Error> {
- let pod_namespace = &self.pod_data.pod_namespace;
- let pod_name = &self.pod_data.pod_name;
+ pub async fn parse_message(&self, pod_data: &PodInfo) -> Result<(), Error> {
+ let pod_name = pod_data.pod_name.to_string();
+ let pod_namespace = pod_data.pod_namespace.to_owned();
+ let pod_ip = &pod_data.pod_ip;
 let (traffic_type, pod_ip, pod_port, traffic_in_out_ip, traffic_in_out_port) =
 self.define_traffic(pod_ip);
 let z = json!(PodTraffic {
 uuid: Uuid::new_v4().to_string(),
 pod_name: pod_name.to_string(),
- pod_namespace: pod_namespace.to_owned(),
+ pod_namespace: pod_namespace,
 pod_ip,
 pod_port: Some(pod_port.to_string()),
 traffic_in_out_ip: Some(traffic_in_out_ip.to_string()),
diff --git a/controller/kube-guardian/src/model.rs b/controller/kube-guardian/src/model.rs
index a1c2467e6..d56a0b56d 100644
--- a/controller/kube-guardian/src/model.rs
+++ b/controller/kube-guardian/src/model.rs
@@ -22,11 +22,6 @@ pub struct PodInfo {
 pub pod_ip: String,
 }
-#[derive(Debug, Default, Deserialize, Clone)]
-pub struct Network {
- pub ip: String,
-}
-
 #[derive(Debug, Default, Deserialize, Clone)]
 pub struct Metadata {
 pub name: String,
@@ -40,7 +35,6 @@ pub struct Config {
 #[derive(Debug, Deserialize, Clone)]
 pub struct Traffic {
- pub(crate) pod_data: PodInfo,
 pub(crate) src_addr: String,
 pub(crate) dst_addr: String,
 pub(crate) src_port: u16,
@@ -49,17 +43,6 @@ pub struct Traffic {
 pub(crate) ip_protocol: String,
 }
-#[derive(Debug, Deserialize, Default, Clone)]
-pub struct Labels {
- #[serde(rename = "io.kubernetes.pod.name")]
- pub pod_name: String,
- #[serde(rename = "io.kubernetes.pod.namespace")]
- pub pod_namespace: String,
- #[allow(dead_code)]
- #[serde(rename = "io.kubernetes.pod.uid")]
- pod_uid: String,
-}
-
 #[derive(Debug, Deserialize)]
 pub struct Linux {
 pub linux: Namespaces,
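Review bot: In the `@@ -253,15 +248,16 @@` hunk of cgroup.rs, `parse_message` copies the pod name twice: `let pod_name = pod_data.pod_name.to_string();` allocates a String and `pod_name: pod_name.to_string()` in the `PodTraffic` literal allocates another. Move the local instead and use field-init shorthand for both fields, `pod_name,` and `pod_namespace,`; clippy's `redundant_field_names` flags `pod_namespace: pod_namespace`. `let pod_ip = &pod_data.pod_ip;` is shadowed by the tuple binding in the next statement, so passing `&pod_data.pod_ip` directly to `define_traffic` would read more clearly. The function body continues past the end of the hunk.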
@@ -76,23 +59,3 @@ pub struct Namespace {
 pub nstype: Option,
 pub path: Option,
 }
-
-#[derive(Debug, Deserialize, Clone)]
-pub struct PodDetails {
- pub items: Vec,
-}
-#[derive(Debug, Deserialize, Clone)]
-pub struct PodItems {
- pub id: String,
-}
-
-#[derive(Debug, Deserialize, Clone)]
-pub struct Containers {
- pub containers: Vec,
-}
-#[derive(Debug, Deserialize, Clone)]
-pub struct Container {
- #[serde(rename = "id")]
- pub container_id: String,
- pub labels: Labels,
-}