hubble: Fix filter by reply reporting flows with unknown reply state #13248
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Not all trace observation points have access to the connection tracking state and populate the `Reason` field of `TraceNotify` accordingly. This commit extracts a helper function to determine which trace points currently do have access to connection tracking state. Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
This fixes a bug in the reply filter on `reply=false` would report flows for which we actually do not know if they were replies or not. Not all trace points have connection tracking state available, thus looking at the reply flag alone is not sufficent to tell if something a flow was a reply or not. Ideally, we would fix this in the parser and make the `reply` an optional boolean, so we can distinguish between a `false` value and an absent value. This however is a breaking change in the Hubble API, which we want to avoid. Therefore, this commit modifies the reply filter to only report flows here for which we know that the reply field is reliable. Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
rolinh
approved these changes
Sep 22, 2020
|
test-me-please |
|
retest-net-next |
gandro
added a commit
that referenced
this pull request
Oct 26, 2020
This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: #13248 Fixes: #13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
pchaigno
pushed a commit
that referenced
this pull request
Oct 27, 2020
This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: #13248 Fixes: #13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
aditighag
pushed a commit
to aditighag/cilium
that referenced
this pull request
Oct 27, 2020
[ upstream commit 0507c62 ] This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: cilium#13248 Fixes: cilium#13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com> Signed-off-by: Aditi Ghag <aditi@cilium.io>
jrajahalme
pushed a commit
that referenced
this pull request
Oct 28, 2020
[ upstream commit 0507c62 ] This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: #13248 Fixes: #13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com> Signed-off-by: Aditi Ghag <aditi@cilium.io>
gandro
added a commit
that referenced
this pull request
Nov 3, 2020
[ upstream commit 0507c62 ] This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: #13248 Fixes: #13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
joestringer
pushed a commit
that referenced
this pull request
Nov 3, 2020
[ upstream commit 0507c62 ] This fixes a long-standing issue with Hubble not being able to distingiush between the reply field being false and the reply field being absent. To address the issue, the old `reply` field is replaced with a tri-state `is_reply` field which can be either nil, true or false. All uses of the old field are removed in the source tree, but the field itself is preserved for backwards-compatibility. This incidentally also fixes a bug where the `port-distribution` metric suffered from the same confusion, which caused it to report source ports as destination ports. Ref: #13248 Fixes: #13744 Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fixes a bug where a Hubble filter on
reply=falsewould report flowsfor which we actually do not know if they were replies or not. Not all
trace points have connection tracking state available, thus looking at
the reply flag alone is not sufficient to tell if something a flow was a
reply or not.
Ideally, we would fix this in the parser and make the
replyanoptional boolean, so we can distinguish between a
falsevalue and anabsent value. This however is a breaking change in the Hubble API, which
we want to avoid. Therefore, this commit modifies the reply filter to
only report flows here for which we know that the reply field is
reliable.