feat: updateConnectionMetricCache and buildConnectionMetric func

Signed-off-by: Yash Patel <[email protected]>

Author: yp969803

pkg/controller/telemetry/metric.go

@@ -47,6 +47,8 @@ const (
 	metricFlushInterval = 5 * time.Second
 
 	DEFAULT_UNKNOWN = "-"
+
+	LONG_CONN_METRIC_THRESHOLD = uint64(30 * time.Second)
 )
 
 var osStartTime time.Time
@@ -68,14 +70,16 @@ var TCP_STATES = map[uint32]string{
 }
 
 type MetricController struct {
-	EnableAccesslog      atomic.Bool
-	EnableMonitoring     atomic.Bool
-	EnableWorkloadMetric atomic.Bool
-	workloadCache        cache.WorkloadCache
-	serviceCache         cache.ServiceCache
-	workloadMetricCache  map[workloadMetricLabels]*workloadMetricInfo
-	serviceMetricCache   map[serviceMetricLabels]*serviceMetricInfo
-	mutex                sync.RWMutex
+	EnableAccesslog        atomic.Bool
+	EnableMonitoring       atomic.Bool
+	EnableWorkloadMetric   atomic.Bool
+	EnableConnectionMetric atomic.Bool
+	workloadCache          cache.WorkloadCache
+	serviceCache           cache.ServiceCache
+	workloadMetricCache    map[workloadMetricLabels]*workloadMetricInfo
+	serviceMetricCache     map[serviceMetricLabels]*serviceMetricInfo
+	connectionMetricCache  map[connectionMetricLabels]*connectionMetricInfo
+	mutex                  sync.RWMutex
 }
 
 type workloadMetricInfo struct {
@@ -96,6 +100,13 @@ type serviceMetricInfo struct {
 	ServiceConnFailed        float64
 }
 
+type connectionMetricInfo struct {
+	ConnSentBytes     float64
+	ConnReceivedBytes float64
+	ConnTotalRetrans  float64
+	ConnPacketLost    float64
+}
+
 type statistics struct {
 	SentBytes      uint32
 	ReceivedBytes  uint32
@@ -144,6 +155,7 @@ type connMetric struct {
 	sentBytes     uint32 // total bytes sent till now
 	totalRetrans  uint32 // total retransmits till now
 	packetLost    uint32 // total packets lost till now
+	totalReports  uint32 // number of times connection data is reported in ringbuffer
 }
 
 type connectionSrcDst struct {
@@ -231,6 +243,39 @@ type serviceMetricLabels struct {
 	connectionSecurityPolicy string
 }
 
+type connectionMetricLabels struct {
+	reporter  string
+	startTime string
+
+	sourceWorkload          string
+	sourceCanonicalService  string
+	sourceCanonicalRevision string
+	sourceWorkloadNamespace string
+	sourcePrincipal         string
+	sourceApp               string
+	sourceVersion           string
+	sourceCluster           string
+	sourceAddress           string
+
+	destinationAddress           string
+	destinationPodAddress        string
+	destinationPodNamespace      string
+	destinationPodName           string
+	destinationWorkload          string
+	destinationCanonicalService  string
+	destinationCanonicalRevision string
+	destinationWorkloadNamespace string
+	destinationPrincipal         string
+	destinationApp               string
+	destinationVersion           string
+	destinationCluster           string
+
+	requestProtocol string
+	// TODO: responseFlags is not used for now
+	responseFlags            string
+	connectionSecurityPolicy string
+}
+
 func NewServiceMetricLabel() *serviceMetricLabels {
 	return &serviceMetricLabels{}
 }
@@ -239,6 +284,10 @@ func NewWorkloadMetricLabel() *workloadMetricLabels {
 	return &workloadMetricLabels{}
 }
 
+func NewConnectionMetricLabel() *connectionMetricLabels {
+	return &connectionMetricLabels{}
+}
+
 func (w *workloadMetricLabels) withSource(workload *workloadapi.Workload) *workloadMetricLabels {
 	if workload == nil {
 		return w
@@ -311,12 +360,45 @@ func (s *serviceMetricLabels) withDestination(workload *workloadapi.Workload) *s
 	return s
 }
 
+func (w *connectionMetricLabels) withSource(workload *workloadapi.Workload) *connectionMetricLabels {
+	if workload == nil {
+		return w
+	}
+	w.sourceWorkload = workload.GetWorkloadName()
+	w.sourceCanonicalService = workload.GetCanonicalName()
+	w.sourceCanonicalRevision = workload.GetCanonicalRevision()
+	w.sourceWorkloadNamespace = workload.GetNamespace()
+	w.sourceApp = workload.GetCanonicalName()
+	w.sourceVersion = workload.GetCanonicalRevision()
+	w.sourceCluster = workload.GetClusterId()
+	w.sourcePrincipal = buildPrincipal(workload)
+	return w
+}
+
+func (w *connectionMetricLabels) withDestination(workload *workloadapi.Workload) *connectionMetricLabels {
+	if workload == nil {
+		return w
+	}
+	w.destinationPodNamespace = workload.GetNamespace()
+	w.destinationPodName = workload.GetName()
+	w.destinationWorkload = workload.GetWorkloadName()
+	w.destinationCanonicalService = workload.GetCanonicalName()
+	w.destinationCanonicalRevision = workload.GetCanonicalRevision()
+	w.destinationWorkloadNamespace = workload.GetNamespace()
+	w.destinationApp = workload.GetCanonicalName()
+	w.destinationVersion = workload.GetCanonicalRevision()
+	w.destinationCluster = workload.GetClusterId()
+	w.destinationPrincipal = buildPrincipal(workload)
+	return w
+}
+
 func NewMetric(workloadCache cache.WorkloadCache, serviceCache cache.ServiceCache, enableMonitoring bool) *MetricController {
 	m := &MetricController{
-		workloadCache:       workloadCache,
-		serviceCache:        serviceCache,
-		workloadMetricCache: map[workloadMetricLabels]*workloadMetricInfo{},
-		serviceMetricCache:  map[serviceMetricLabels]*serviceMetricInfo{},
+		workloadCache:         workloadCache,
+		serviceCache:          serviceCache,
+		workloadMetricCache:   map[workloadMetricLabels]*workloadMetricInfo{},
+		serviceMetricCache:    map[serviceMetricLabels]*serviceMetricInfo{},
+		connectionMetricCache: map[connectionMetricLabels]*connectionMetricInfo{},
 	}
 	m.EnableMonitoring.Store(enableMonitoring)
 	m.EnableAccesslog.Store(false)
@@ -411,6 +493,10 @@ func (m *MetricController) Run(ctx context.Context, mapOfTcpInfo *ebpf.Map) {
 				workloadLabels = m.buildWorkloadMetric(&data)
 			}
 
+			connectionLabels := connectionMetricLabels{}
+			if m.EnableConnectionMetric.Load() && data.duration > LONG_CONN_METRIC_THRESHOLD {
+				connectionLabels = m.buildConnectionMetric(&data)
+			}
 			if m.EnableAccesslog.Load() {
 				// accesslogs at start of connection, at interval of 5 sec during connection lifecycle and at close of connection
 				OutputAccesslog(data, tcp_conns[data.conSrcDstInfo], accesslog)
@@ -422,9 +508,12 @@ func (m *MetricController) Run(ctx context.Context, mapOfTcpInfo *ebpf.Map) {
 
 			m.mutex.Lock()
 			if m.EnableWorkloadMetric.Load() {
-				m.updateWorkloadMetricCache(data, workloadLabels)
+				m.updateWorkloadMetricCache(data, workloadLabels, tcp_conns)
+			}
+			m.updateServiceMetricCache(data, serviceLabels, tcp_conns)
+			if m.EnableConnectionMetric.Load() && data.duration > LONG_CONN_METRIC_THRESHOLD {
+				m.updateConnectionMetricCache(data, connectionLabels)
 			}
-			m.updateServiceMetricCache(data, serviceLabels)
 			m.mutex.Unlock()
 		}
 	}
@@ -466,11 +555,22 @@ func buildV4Metric(buf *bytes.Buffer, tcp_conns map[connectionSrcDst]connMetric)
 	data.minRtt = connectData.statistics.RttMin
 	data.totalRetrans = connectData.statistics.Retransmits - tcp_conns[data.conSrcDstInfo].totalRetrans
 	data.packetLost = connectData.statistics.LostPackets - tcp_conns[data.conSrcDstInfo].packetLost
-	tcp_conns[data.conSrcDstInfo] = connMetric{
-		receivedBytes: connectData.ReceivedBytes,
-		sentBytes:     connectData.SentBytes,
-		totalRetrans:  connectData.statistics.Retransmits,
-		packetLost:    connectData.statistics.LostPackets,
+
+	cm, ok := tcp_conns[data.conSrcDstInfo]
+	if ok {
+		cm.receivedBytes = connectData.ReceivedBytes
+		cm.sentBytes = connectData.SentBytes
+		cm.totalRetrans = connectData.statistics.Retransmits
+		cm.packetLost = connectData.statistics.LostPackets
+		cm.totalReports++
+	} else {
+		tcp_conns[data.conSrcDstInfo] = connMetric{
+			receivedBytes: connectData.ReceivedBytes,
+			sentBytes:     connectData.SentBytes,
+			totalRetrans:  connectData.statistics.Retransmits,
+			packetLost:    connectData.statistics.LostPackets,
+			totalReports:  1,
+		}
 	}
 
 	return data, nil
@@ -510,11 +610,22 @@ func buildV6Metric(buf *bytes.Buffer, tcp_conns map[connectionSrcDst]connMetric)
 	data.minRtt = connectData.statistics.RttMin
 	data.totalRetrans = connectData.statistics.Retransmits - tcp_conns[data.conSrcDstInfo].totalRetrans
 	data.packetLost = connectData.statistics.LostPackets - tcp_conns[data.conSrcDstInfo].packetLost
-	tcp_conns[data.conSrcDstInfo] = connMetric{
-		receivedBytes: connectData.ReceivedBytes,
-		sentBytes:     connectData.SentBytes,
-		totalRetrans:  connectData.statistics.Retransmits,
-		packetLost:    connectData.statistics.LostPackets,
+
+	cm, ok := tcp_conns[data.conSrcDstInfo]
+	if ok {
+		cm.receivedBytes = connectData.ReceivedBytes
+		cm.sentBytes = connectData.SentBytes
+		cm.totalRetrans = connectData.statistics.Retransmits
+		cm.packetLost = connectData.statistics.LostPackets
+		cm.totalReports++
+	} else {
+		tcp_conns[data.conSrcDstInfo] = connMetric{
+			receivedBytes: connectData.ReceivedBytes,
+			sentBytes:     connectData.SentBytes,
+			totalRetrans:  connectData.statistics.Retransmits,
+			packetLost:    connectData.statistics.LostPackets,
+			totalReports:  1,
+		}
 	}
 
 	return data, nil
@@ -652,6 +763,43 @@ func (m *MetricController) buildServiceMetric(data *requestMetric) (serviceMetri
 	return *trafficLabels, *accesslog
 }
 
+func (m *MetricController) buildConnectionMetric(data *requestMetric) connectionMetricLabels {
+	var dstAddr, srcAddr []byte
+	for i := range data.conSrcDstInfo.dst {
+		dstAddr = binary.LittleEndian.AppendUint32(dstAddr, data.conSrcDstInfo.dst[i])
+		srcAddr = binary.LittleEndian.AppendUint32(srcAddr, data.conSrcDstInfo.src[i])
+	}
+
+	dstWorkload, dstIP := m.getWorkloadByAddress(restoreIPv4(dstAddr))
+	srcWorkload, srcIP := m.getWorkloadByAddress(restoreIPv4(srcAddr))
+
+	if srcWorkload == nil {
+		return connectionMetricLabels{}
+	}
+
+	trafficLabels := NewConnectionMetricLabel()
+	trafficLabels.withSource(srcWorkload).withDestination(dstWorkload)
+
+	trafficLabels.destinationAddress = dstIP + ":" + fmt.Sprintf("%d", data.conSrcDstInfo.dstPort)
+	trafficLabels.sourceAddress = srcIP + ":" + fmt.Sprintf("%d", data.conSrcDstInfo.srcPort)
+	trafficLabels.destinationPodAddress = dstIP
+	trafficLabels.requestProtocol = "tcp"
+	trafficLabels.connectionSecurityPolicy = "mutual_tls"
+
+	switch data.direction {
+	case constants.INBOUND:
+		trafficLabels.reporter = "destination"
+	case constants.OUTBOUND:
+		trafficLabels.reporter = "source"
+	}
+
+	startTime := calculateUptime(osStartTime, data.startTime)
+	startTimeInfo := fmt.Sprintf("%v", startTime)
+	trafficLabels.startTime = startTimeInfo
+
+	return *trafficLabels
+}
+
 func (m *MetricController) getWorkloadByAddress(address []byte) (*workloadapi.Workload, string) {
 	networkAddr := cache.NetworkAddress{}
 	networkAddr.Address, _ = netip.AddrFromSlice(address)
@@ -669,10 +817,10 @@ func buildPrincipal(workload *workloadapi.Workload) string {
 	return DEFAULT_UNKNOWN
 }
 
-func (m *MetricController) updateWorkloadMetricCache(data requestMetric, labels workloadMetricLabels) {
+func (m *MetricController) updateWorkloadMetricCache(data requestMetric, labels workloadMetricLabels, tcp_conns map[connectionSrcDst]connMetric) {
 	v, ok := m.workloadMetricCache[labels]
 	if ok {
-		if data.state == TCP_ESTABLISHED {
+		if data.state == TCP_ESTABLISHED && tcp_conns[data.conSrcDstInfo].totalReports == 1 {
 			v.WorkloadConnOpened = v.WorkloadConnOpened + 1
 		}
 		if data.state == TCP_CLOSTED {
@@ -704,10 +852,10 @@ func (m *MetricController) updateWorkloadMetricCache(data requestMetric, labels
 	}
 }
 
-func (m *MetricController) updateServiceMetricCache(data requestMetric, labels serviceMetricLabels) {
+func (m *MetricController) updateServiceMetricCache(data requestMetric, labels serviceMetricLabels, tcp_conns map[connectionSrcDst]connMetric) {
 	v, ok := m.serviceMetricCache[labels]
 	if ok {
-		if data.state == TCP_ESTABLISHED {
+		if data.state == TCP_ESTABLISHED && tcp_conns[data.conSrcDstInfo].totalReports == 1 {
 			v.ServiceConnOpened = v.ServiceConnOpened + 1
 		}
 		if data.state == TCP_CLOSTED {
@@ -735,12 +883,31 @@ func (m *MetricController) updateServiceMetricCache(data requestMetric, labels s
 	}
 }
 
+func (m *MetricController) updateConnectionMetricCache(data requestMetric, labels connectionMetricLabels) {
+	v, ok := m.connectionMetricCache[labels]
+	if ok {
+		v.ConnSentBytes = v.ConnSentBytes + float64(data.sentBytes)
+		v.ConnReceivedBytes = v.ConnReceivedBytes + float64(data.receivedBytes)
+		v.ConnPacketLost = v.ConnPacketLost + float64(data.packetLost)
+		v.ConnTotalRetrans = v.ConnTotalRetrans + float64(data.totalRetrans)
+	} else {
+		newConnectionMetricInfo := connectionMetricInfo{}
+		newConnectionMetricInfo.ConnSentBytes = float64(data.sentBytes)
+		newConnectionMetricInfo.ConnReceivedBytes = float64(data.receivedBytes)
+		newConnectionMetricInfo.ConnPacketLost = float64(data.packetLost)
+		newConnectionMetricInfo.ConnTotalRetrans = float64(data.totalRetrans)
+		m.connectionMetricCache[labels] = &newConnectionMetricInfo
+	}
+}
+
 func (m *MetricController) updatePrometheusMetric() {
 	m.mutex.Lock()
 	workloadInfoCache := m.workloadMetricCache
 	serviceInfoCache := m.serviceMetricCache
+	connectionInfoCache := m.connectionMetricCache
 	m.workloadMetricCache = map[workloadMetricLabels]*workloadMetricInfo{}
 	m.serviceMetricCache = map[serviceMetricLabels]*serviceMetricInfo{}
+	m.connectionMetricCache = map[connectionMetricLabels]*connectionMetricInfo{}
 	m.mutex.Unlock()
 
 	for k, v := range workloadInfoCache {
@@ -763,6 +930,14 @@ func (m *MetricController) updatePrometheusMetric() {
 		tcpSentBytesInService.With(serviceLabels).Add(v.ServiceConnSentBytes)
 	}
 
+	for k, v := range connectionInfoCache {
+		connectionLabels := struct2map(k)
+		tcpConnectionTotalSendBytes.With(connectionLabels).Add(v.ConnSentBytes)
+		tcpConnectionTotalReceivedBytes.With(connectionLabels).Add(v.ConnReceivedBytes)
+		tcpConnectionTotalPacketLost.With(connectionLabels).Add(v.ConnPacketLost)
+		tcpConnectionTotalRetrans.With(connectionLabels).Add(v.ConnTotalRetrans)
+	}
+
 	// delete metrics
 	deleteLock.Lock()
 	// Creating a copy reduces the amount of time spent adding locks in the programme

pkg/controller/telemetry/utils.go

@@ -92,6 +92,7 @@ var (
 
 	connectionLabels = []string{
 		"reporter",
+		"start_time",
 		"source_workload",
 		"source_canonical_service",
 		"source_canonical_revision",
@@ -120,6 +121,7 @@ var (
 
 	labelsMap = map[string]string{
 		"reporter":                     "reporter",
+		"startTime":                    "start_time",
 		"sourceWorkload":               "source_workload",
 		"sourceCanonicalService":       "source_canonical_service",
 		"sourceCanonicalRevision":      "source_canonical_revision",
@@ -312,6 +314,7 @@ func runPrometheusClient(registry *prometheus.Registry) {
 	defer mu.Unlock()
 	registry.MustRegister(tcpConnectionOpenedInWorkload, tcpConnectionClosedInWorkload, tcpReceivedBytesInWorkload, tcpSentBytesInWorkload, tcpConnectionTotalRetransInWorkload, tcpConnectionPacketLostInWorkload)
 	registry.MustRegister(tcpConnectionOpenedInService, tcpConnectionClosedInService, tcpReceivedBytesInService, tcpSentBytesInService)
+	registry.MustRegister(tcpConnectionTotalSendBytes, tcpConnectionTotalReceivedBytes, tcpConnectionTotalPacketLost, tcpConnectionTotalRetrans)
 	registry.MustRegister(bpfProgOpDuration, bpfProgOpCount)
 	registry.MustRegister(mapEntryCount, mapCountInNode)