Support antctl command for packetcapture #6884
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
hangyan
force-pushed
the
topic/yhang/packetcapture-antctl
branch
from
4a616d6 to
bf4cb68
Compare
hangyan
changed the title
|
cc @antoninbas Can you help review this? also maybe merge #3659 first cc @luolanzone |
hangyan
force-pushed
the
topic/yhang/packetcapture-antctl
branch
from
676981f to
b27b72b
Compare
Signed-off-by: Hang Yan <[email protected]>
Signed-off-by: Hang Yan <[email protected]>
hangyan
force-pushed
the
topic/yhang/packetcapture-antctl
branch
from
b27b72b to
43a9451
Compare
pkg/antctl/raw/packetcapture/cp.go
Outdated
| restInterface rest.Interface | ||
| } | ||
|
|
||
| func (p *podFile) CopyFromPod(ctx context.Context, namespace, name, containerName, srcPath, dstDir string) error { |
There was a problem hiding this comment.
We already have ExecInPod defined in pkg/antctl/raw/check/. Can we unify a bit?
There was a problem hiding this comment.
I think it would make more sense to move the common code to pkg/antctl/raw/helper.go
There was a problem hiding this comment.
moved. I only verified this with single file in container, not directory.
| return fmt.Sprintf("%s-%s", prefix, rand.String(8)) | ||
| } | ||
|
|
||
| func parseFlow() (*v1alpha1.Packet, error) { |
There was a problem hiding this comment.
could you group all input parsing functions together?
There was a problem hiding this comment.
getFlowFields is not grouped with the other ones
|
Please fix the antctl e2e test failures: https://github.com/antrea-io/antrea/actions/runs/13198383877?pr=6884 |
Co-authored-by: Lan <[email protected]> Co-authored-by: Antonin Bas <[email protected]>
|
@hangyan there are lots of failures in github checks, please check and fix them. |
hangyan
force-pushed
the
topic/yhang/packetcapture-antctl
branch
from
e1ba1b2 to
3436bfe
Compare
I disable the flag to run packetcapture sub-command in agentMode but controllerMode will still fail. One must be chosen, or this sub-command wont be registered to the rootCmd. However, seems packetcapture doens't make much sense in agentMode or controllerMode(controllerMode also contains outside of cluster case I think, but the e2e will check the command in controller pod). The tests expect run Can we make an exception in the test-case or we need to provide some sane defaults for it to working in the controllerMode? |
Signed-off-by: Hang Yan <[email protected]>
hangyan
force-pushed
the
topic/yhang/packetcapture-antctl
branch
from
5ac92d9 to
e44de62
Compare
| return false, nil | ||
| }) | ||
|
|
||
| if wait.Interrupted(err) { |
There was a problem hiding this comment.
my concern is that when the timeout is hit, these 2 events will happen at roughly the same time:
- the PacketCapture expires and the agent writes the partial pcap to disk
- the
wait.PollUntilContextTimeoutis interrupted and the antctl command exits right away, without retrieving the capture results
Do you think this can happen?
Maybe after the wait.PollUntilContextTimeout expires, we could wait for the results for an extra (at most) 5 seconds. What do you think?
There was a problem hiding this comment.
the concern make sense.updated with increased timeout for PollUntilContextTimeout. If the PC timeout, and we have a pacap file path, it will be copied
There was a problem hiding this comment.
lgtm, can you add a comment before the wait.PollUntilContextTimeout line to explain why we are doing this
pkg/antctl/raw/packetcapture/cp.go
Outdated
| restInterface rest.Interface | ||
| } | ||
|
|
||
| func (p *podFile) CopyFromPod(ctx context.Context, namespace, name, containerName, srcPath, dstDir string) error { |
There was a problem hiding this comment.
I think it would make more sense to move the common code to pkg/antctl/raw/helper.go
Signed-off-by: Hang Yan <[email protected]>
Signed-off-by: Hang Yan <[email protected]>
| ### PacketCapture | ||
|
|
||
| `antctl packetcapture` (or `antctl pc`) command is used to start a `PacketCapture` | ||
| and retrieve the captured result. After the result packet file is copied out, |
There was a problem hiding this comment.
After the result packet file (in pcapng format)
|
|
||
| The `--flow` (or `-f`) argument can be used to specify the PacketCapture packet | ||
| headers with the [ovs-ofctl](http://www.openvswitch.org//support/dist-docs/ovs-ofctl.8.txt) | ||
| flow syntax(This argument works similar as Traceflow). The supported flow fields |
There was a problem hiding this comment.
| flow syntax(This argument works similar as Traceflow). The supported flow fields | |
| flow syntax. This argument works the same way as the one for `antctl traceflow`. The supported flow fields |
| (`tcp_src`, `tcp_dst`, `udp_src`, `udp_dst`). | ||
|
|
||
| By default, the command will wait for the PacketCapture to succeed or fail, or | ||
| timeout. The default timeout is 10 seconds, but can be changed with the |
| (`tcp_src`, `tcp_dst`, `udp_src`, `udp_dst`). | ||
|
|
||
| By default, the command will wait for the PacketCapture to succeed or fail, or | ||
| timeout. The default timeout is 10 seconds, but can be changed with the |
There was a problem hiding this comment.
wrong default timeout value, it is 60s
| More examples of `antctl packetcapture`: | ||
|
|
||
| ```bash | ||
| Start capturing packets from pod1 to pod2, both Pods are in Namespace default |
There was a problem hiding this comment.
if you use the bash syntax highlighting, add the comment sign # before each description sentence
| return false, nil | ||
| }) | ||
|
|
||
| if wait.Interrupted(err) { |
There was a problem hiding this comment.
lgtm, can you add a comment before the wait.PollUntilContextTimeout line to explain why we are doing this
| splits := strings.Split(latestPC.Status.FilePath, ":") | ||
| if len(splits) < 2 { | ||
| return errors.New("no packets file generated, this maybe caused by timeout") | ||
| } |
There was a problem hiding this comment.
do you think we should check the Status field first?
| if len(splits) < 2 { | ||
| return errors.New("no packets file generated, this maybe caused by timeout") | ||
| } | ||
| fileName := filepath.Base(splits[1]) |
There was a problem hiding this comment.
same comment as earlier, path would make more sense
| defer func() { | ||
| if !option.nowait { | ||
| if err = antreaClient.CrdV1alpha1().PacketCaptures().Delete(context.TODO(), pc.Name, metav1.DeleteOptions{}); err != nil { | ||
| fmt.Fprintf(cmd.OutOrStdout(), "error when deleting PacketCapture: %s", err.Error()) |
There was a problem hiding this comment.
nit: maybe define out := cmd.OutOrStdout() instead of repeating cmd.OutOrStdout() multiple times (whenever you call fmt.Printf)
| return fmt.Sprintf("%s-%s", prefix, rand.String(8)) | ||
| } | ||
|
|
||
| func parseFlow() (*v1alpha1.Packet, error) { |
There was a problem hiding this comment.
getFlowFields is not grouped with the other ones
TODO items:
after #3659 , the CodeQL alert should be fixed and UT coverage will also be improved.