Skip to content

Commit

Permalink
Merge branch 'main' into NDMII-3154-ha-agent-comp
Browse files Browse the repository at this point in the history
  • Loading branch information
AlexandreYang committed Nov 18, 2024
2 parents 3381eb7 + 947fdd4 commit 167c4ae
Show file tree
Hide file tree
Showing 29 changed files with 416 additions and 152 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/create_rc_pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ jobs:
with:
ref: ${{ matrix.value }}
fetch-depth: 0
persist-credentials: false
persist-credentials: true

- name: Install python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
Expand Down
2 changes: 1 addition & 1 deletion .gitlab/common/test_infra_version.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ variables:
# and check the job creating the image to make sure you have the right SHA prefix
TEST_INFRA_DEFINITIONS_BUILDIMAGES_SUFFIX: ""
# Make sure to update test-infra-definitions version in go.mod as well
TEST_INFRA_DEFINITIONS_BUILDIMAGES: b436617374bf
TEST_INFRA_DEFINITIONS_BUILDIMAGES: 7cd5e8a62570
16 changes: 16 additions & 0 deletions .gitlab/internal_kubernetes_deploy/internal_kubernetes_deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,22 @@ internal_kubernetes_deploy_experimental:
artifacts: false
- job: docker_trigger_cluster_agent_internal
artifacts: false
- job: docker_build_agent7_windows1809
artifacts: false
- job: docker_build_agent7_windows2022
artifacts: false
- job: docker_build_agent7_windows1809_jmx
artifacts: false
- job: docker_build_agent7_windows2022_jmx
artifacts: false
- job: docker_build_agent7_windows1809_core
artifacts: false
- job: docker_build_agent7_windows2022_core
artifacts: false
- job: docker_build_agent7_windows1809_core_jmx
artifacts: false
- job: docker_build_agent7_windows2022_core_jmx
artifacts: false
- job: k8s-e2e-main # Currently only require container Argo workflow
artifacts: false
optional: true
Expand Down
11 changes: 6 additions & 5 deletions cmd/system-probe/modules/network_tracer.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ import (
redisdebugging "github.com/DataDog/datadog-agent/pkg/network/protocols/redis/debugging"
"github.com/DataDog/datadog-agent/pkg/network/protocols/telemetry"
"github.com/DataDog/datadog-agent/pkg/network/tracer"
usmconsts "github.com/DataDog/datadog-agent/pkg/network/usm/consts"
usm "github.com/DataDog/datadog-agent/pkg/network/usm/utils"
"github.com/DataDog/datadog-agent/pkg/process/statsd"
"github.com/DataDog/datadog-agent/pkg/util/log"
Expand Down Expand Up @@ -293,11 +294,11 @@ func (nt *networkTracer) Register(httpMux *module.Router) error {
})

httpMux.HandleFunc("/debug/usm_telemetry", telemetry.Handler)
httpMux.HandleFunc("/debug/usm/traced_programs", usm.TracedProgramsEndpoint)
httpMux.HandleFunc("/debug/usm/blocked_processes", usm.BlockedPathIDEndpoint)
httpMux.HandleFunc("/debug/usm/clear_blocked", usm.ClearBlockedEndpoint)
httpMux.HandleFunc("/debug/usm/attach-pid", usm.AttachPIDEndpoint)
httpMux.HandleFunc("/debug/usm/detach-pid", usm.DetachPIDEndpoint)
httpMux.HandleFunc("/debug/usm/traced_programs", usm.GetTracedProgramsEndpoint(usmconsts.USMModuleName))
httpMux.HandleFunc("/debug/usm/blocked_processes", usm.GetBlockedPathIDEndpoint(usmconsts.USMModuleName))
httpMux.HandleFunc("/debug/usm/clear_blocked", usm.GetClearBlockedEndpoint(usmconsts.USMModuleName))
httpMux.HandleFunc("/debug/usm/attach-pid", usm.GetAttachPIDEndpoint(usmconsts.USMModuleName))
httpMux.HandleFunc("/debug/usm/detach-pid", usm.GetDetachPIDEndpoint(usmconsts.USMModuleName))

// Convenience logging if nothing has made any requests to the system-probe in some time, let's log something.
// This should be helpful for customers + support to debug the underlying issue.
Expand Down
6 changes: 3 additions & 3 deletions pkg/ebpf/uprobes/attacher.go
Original file line number Diff line number Diff line change
Expand Up @@ -336,7 +336,7 @@ type UprobeAttacher struct {
// way).
// - The process monitor to be used to subscribe to process start and exit events. The lifecycle of the process monitor is managed by the caller, the attacher
// will not stop the monitor when it stops.
func NewUprobeAttacher(name string, config AttacherConfig, mgr ProbeManager, onAttachCallback AttachCallback, inspector BinaryInspector, processMonitor ProcessMonitor) (*UprobeAttacher, error) {
func NewUprobeAttacher(moduleName, name string, config AttacherConfig, mgr ProbeManager, onAttachCallback AttachCallback, inspector BinaryInspector, processMonitor ProcessMonitor) (*UprobeAttacher, error) {
config.SetDefaults()

if err := config.Validate(); err != nil {
Expand All @@ -346,7 +346,7 @@ func NewUprobeAttacher(name string, config AttacherConfig, mgr ProbeManager, onA
ua := &UprobeAttacher{
name: name,
config: config,
fileRegistry: utils.NewFileRegistry(name),
fileRegistry: utils.NewFileRegistry(moduleName, name),
manager: mgr,
onAttachCallback: onAttachCallback,
pathToAttachedProbes: make(map[string][]manager.ProbeIdentificationPair),
Expand All @@ -355,7 +355,7 @@ func NewUprobeAttacher(name string, config AttacherConfig, mgr ProbeManager, onA
processMonitor: processMonitor,
}

utils.AddAttacher(name, ua)
utils.AddAttacher(moduleName, name, ua)

return ua, nil
}
Expand Down
42 changes: 24 additions & 18 deletions pkg/ebpf/uprobes/attacher_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,13 @@ import (

// === Tests

const (
testModuleName = "mock-module"
testAttacherName = "mock"
)

func TestCanCreateAttacher(t *testing.T) {
ua, err := NewUprobeAttacher("mock", AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)
}
Expand All @@ -51,7 +56,7 @@ func TestAttachPidExcludesInternal(t *testing.T) {
ExcludeTargets: ExcludeInternal,
ProcRoot: procRoot,
}
ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand All @@ -63,7 +68,7 @@ func TestAttachPidExcludesSelf(t *testing.T) {
config := AttacherConfig{
ExcludeTargets: ExcludeSelf,
}
ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand All @@ -77,7 +82,7 @@ func TestGetExecutablePath(t *testing.T) {
config := AttacherConfig{
ProcRoot: procRoot,
}
ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand Down Expand Up @@ -120,7 +125,7 @@ func TestGetLibrariesFromMapsFile(t *testing.T) {
config := AttacherConfig{
ProcRoot: procRoot,
}
ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand All @@ -132,7 +137,7 @@ func TestGetLibrariesFromMapsFile(t *testing.T) {
}

func TestComputeRequestedSymbols(t *testing.T) {
ua, err := NewUprobeAttacher("mock", AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand Down Expand Up @@ -204,7 +209,7 @@ func TestComputeRequestedSymbols(t *testing.T) {
}

func TestStartAndStopWithoutLibraryWatcher(t *testing.T) {
ua, err := NewUprobeAttacher("mock", AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, AttacherConfig{}, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand All @@ -223,7 +228,7 @@ func TestStartAndStopWithLibraryWatcher(t *testing.T) {
}

rules := []*AttachRule{{LibraryNameRegex: regexp.MustCompile(`libssl.so`), Targets: AttachToSharedLibraries}}
ua, err := NewUprobeAttacher("mock", AttacherConfig{Rules: rules, EbpfConfig: ebpfCfg}, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, AttacherConfig{Rules: rules, EbpfConfig: ebpfCfg}, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)
require.True(t, ua.handlesLibraries())
Expand Down Expand Up @@ -283,7 +288,7 @@ func TestMonitor(t *testing.T) {
}},
EbpfConfig: ebpfCfg,
}
ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, procMon)
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, procMon)
require.NoError(t, err)
require.NotNil(t, ua)

Expand All @@ -305,8 +310,9 @@ func TestMonitor(t *testing.T) {
return methodHasBeenCalledAtLeastTimes(mockRegistry, "Register", 2)
}, 1500*time.Millisecond, 10*time.Millisecond, "received calls %v", mockRegistry.Calls)

mockRegistry.AssertCalled(t, "Register", lib, uint32(cmd.Process.Pid), mock.Anything, mock.Anything, mock.Anything)
mockRegistry.AssertCalled(t, "Register", cmd.Path, uint32(cmd.Process.Pid), mock.Anything, mock.Anything, mock.Anything)
mockRegistry.AssertCalled(t, "Register", lib, uint32(cmd.Process.Pid), mock.Anything, mock.Anything, mock.Anything)

}

func TestSync(t *testing.T) {
Expand All @@ -333,7 +339,7 @@ func TestSync(t *testing.T) {
EnablePeriodicScanNewProcesses: true,
}

ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(tt, err)
require.NotNil(tt, ua)

Expand Down Expand Up @@ -365,7 +371,7 @@ func TestSync(t *testing.T) {
EnablePeriodicScanNewProcesses: true,
}

ua, err := NewUprobeAttacher("mock", config, &MockManager{}, nil, nil, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, &MockManager{}, nil, nil, newMockProcessMonitor())
require.NoError(tt, err)
require.NotNil(tt, ua)

Expand Down Expand Up @@ -441,7 +447,7 @@ func TestAttachToBinaryAndDetach(t *testing.T) {

mockMan := &MockManager{}
inspector := &MockBinaryInspector{}
ua, err := NewUprobeAttacher("mock", config, mockMan, nil, inspector, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, mockMan, nil, inspector, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand Down Expand Up @@ -502,7 +508,7 @@ func TestAttachToBinaryAtReturnLocation(t *testing.T) {

mockMan := &MockManager{}
inspector := &MockBinaryInspector{}
ua, err := NewUprobeAttacher("mock", config, mockMan, nil, inspector, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, mockMan, nil, inspector, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)

Expand Down Expand Up @@ -583,7 +589,7 @@ func TestAttachToLibrariesOfPid(t *testing.T) {
mockMan := &MockManager{}
inspector := &MockBinaryInspector{}
registry := &MockFileRegistry{}
ua, err := NewUprobeAttacher("mock", config, mockMan, nil, inspector, newMockProcessMonitor())
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, config, mockMan, nil, inspector, newMockProcessMonitor())
require.NoError(t, err)
require.NotNil(t, ua)
ua.fileRegistry = registry
Expand Down Expand Up @@ -700,7 +706,7 @@ func TestUprobeAttacher(t *testing.T) {
attachedProbes = append(attachedProbes, attachedProbe{probe: probe, fpath: fpath})
}

ua, err := NewUprobeAttacher("test", attacherCfg, &mgr, callback, &NativeBinaryInspector{}, procMon)
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, attacherCfg, &mgr, callback, &NativeBinaryInspector{}, procMon)
require.NoError(t, err)
require.NotNil(t, ua)

Expand Down Expand Up @@ -808,7 +814,7 @@ func (s *SharedLibrarySuite) TestSingleFile() {
PerformInitialScan: false,
}

ua, err := NewUprobeAttacher("test", attachCfg, &MockManager{}, nil, nil, s.procMonitor)
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, attachCfg, &MockManager{}, nil, nil, s.procMonitor)
require.NoError(t, err)

mockRegistry := &MockFileRegistry{}
Expand Down Expand Up @@ -885,7 +891,7 @@ func (s *SharedLibrarySuite) TestDetectionWithPIDAndRootNamespace() {
EbpfConfig: ebpfCfg,
}

ua, err := NewUprobeAttacher("test", attachCfg, &MockManager{}, nil, nil, s.procMonitor)
ua, err := NewUprobeAttacher(testModuleName, testAttacherName, attachCfg, &MockManager{}, nil, nil, s.procMonitor)
require.NoError(t, err)

mockRegistry := &MockFileRegistry{}
Expand Down
3 changes: 2 additions & 1 deletion pkg/gpu/probe.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import (

const (
gpuAttacherName = "gpu"
gpuModuleName = gpuAttacherName

// consumerChannelSize controls the size of the go channel that buffers ringbuffer
// events (*ddebpf.RingBufferHandler).
Expand Down Expand Up @@ -142,7 +143,7 @@ func NewProbe(cfg *config.Config, deps ProbeDependencies) (*Probe, error) {
}
}

p.attacher, err = uprobes.NewUprobeAttacher(gpuAttacherName, attachCfg, p.m, nil, &uprobes.NativeBinaryInspector{}, deps.ProcessMonitor)
p.attacher, err = uprobes.NewUprobeAttacher(gpuModuleName, gpuAttacherName, attachCfg, p.m, nil, &uprobes.NativeBinaryInspector{}, deps.ProcessMonitor)
if err != nil {
return nil, fmt.Errorf("error creating uprobes attacher: %w", err)
}
Expand Down
14 changes: 7 additions & 7 deletions pkg/gpu/probe_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func (s *probeTestSuite) TestCanReceiveEvents() {
probe := s.getProbe()
cmd := testutil.RunSample(t, testutil.CudaSample)

utils.WaitForProgramsToBeTraced(t, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackDisabled)
utils.WaitForProgramsToBeTraced(t, gpuModuleName, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackDisabled)

var handlerStream, handlerGlobal *StreamHandler
require.Eventually(t, func() bool {
Expand Down Expand Up @@ -117,12 +117,12 @@ func (s *probeTestSuite) TestCanGenerateStats() {

cmd := testutil.RunSample(t, testutil.CudaSample)

utils.WaitForProgramsToBeTraced(t, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackDisabled)
utils.WaitForProgramsToBeTraced(t, gpuModuleName, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackDisabled)

// Wait until the process finishes and we can get the stats. Run this instead of waiting for the process to finish
// so that we can time out correctly
require.Eventually(t, func() bool {
return !utils.IsProgramTraced(gpuAttacherName, cmd.Process.Pid)
return !utils.IsProgramTraced(gpuModuleName, gpuAttacherName, cmd.Process.Pid)
}, 20*time.Second, 500*time.Millisecond, "process not stopped")

stats, err := probe.GetAndFlush()
Expand Down Expand Up @@ -153,12 +153,12 @@ func (s *probeTestSuite) TestMultiGPUSupport() {
selectedGPU := testutil.GPUUUIDs[2]

cmd := testutil.RunSampleWithArgs(t, testutil.CudaSample, sampleArgs)
utils.WaitForProgramsToBeTraced(t, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackEnabled)
utils.WaitForProgramsToBeTraced(t, gpuModuleName, gpuAttacherName, cmd.Process.Pid, utils.ManualTracingFallbackEnabled)

// Wait until the process finishes and we can get the stats. Run this instead of waiting for the process to finish
// so that we can time out correctly
require.Eventually(t, func() bool {
return !utils.IsProgramTraced(gpuAttacherName, cmd.Process.Pid)
return !utils.IsProgramTraced(gpuModuleName, gpuAttacherName, cmd.Process.Pid)
}, 60*time.Second, 500*time.Millisecond, "process not stopped")

stats, err := probe.GetAndFlush()
Expand All @@ -184,12 +184,12 @@ func (s *probeTestSuite) TestDetectsContainer() {
args.EndWaitTimeSec = 1
pid, cid := testutil.RunSampleInDockerWithArgs(t, testutil.CudaSample, testutil.MinimalDockerImage, args)

utils.WaitForProgramsToBeTraced(t, gpuAttacherName, pid, utils.ManualTracingFallbackDisabled)
utils.WaitForProgramsToBeTraced(t, gpuModuleName, gpuAttacherName, pid, utils.ManualTracingFallbackDisabled)

// Wait until the process finishes and we can get the stats. Run this instead of waiting for the process to finish
// so that we can time out correctly
require.Eventually(t, func() bool {
return !utils.IsProgramTraced(gpuAttacherName, pid)
return !utils.IsProgramTraced(gpuModuleName, gpuAttacherName, pid)
}, 20*time.Second, 500*time.Millisecond, "process not stopped")

// Check that the stream handlers have the correct container ID assigned
Expand Down
12 changes: 12 additions & 0 deletions pkg/network/usm/consts/consts.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2024-present Datadog, Inc.

// Package consts contains constants used by the USM package.
package consts

const (
// USMModuleName is the name of the USM module, that is being used for registering attachers.
USMModuleName = "usm"
)
3 changes: 2 additions & 1 deletion pkg/network/usm/ebpf_gotls.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import (
libtelemetry "github.com/DataDog/datadog-agent/pkg/network/protocols/telemetry"
"github.com/DataDog/datadog-agent/pkg/network/usm/buildmode"
usmconfig "github.com/DataDog/datadog-agent/pkg/network/usm/config"
"github.com/DataDog/datadog-agent/pkg/network/usm/consts"
"github.com/DataDog/datadog-agent/pkg/network/usm/utils"
"github.com/DataDog/datadog-agent/pkg/process/monitor"
)
Expand Down Expand Up @@ -148,7 +149,7 @@ func newGoTLSProgramProtocolFactory(m *manager.Manager) protocols.ProtocolFactor
}

procMon := monitor.GetProcessMonitor()
attacher, err := uprobes.NewUprobeAttacher(GoTLSAttacherName, attacherCfg, m, nil, inspector, procMon)
attacher, err := uprobes.NewUprobeAttacher(consts.USMModuleName, GoTLSAttacherName, attacherCfg, m, nil, inspector, procMon)
if err != nil {
return nil, fmt.Errorf("cannot create uprobe attacher: %w", err)
}
Expand Down
5 changes: 3 additions & 2 deletions pkg/network/usm/ebpf_ssl_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import (
"github.com/DataDog/datadog-agent/pkg/network/config"
"github.com/DataDog/datadog-agent/pkg/network/protocols/http/testutil"
usmconfig "github.com/DataDog/datadog-agent/pkg/network/usm/config"
"github.com/DataDog/datadog-agent/pkg/network/usm/consts"
fileopener "github.com/DataDog/datadog-agent/pkg/network/usm/sharedlibraries/testutil"
"github.com/DataDog/datadog-agent/pkg/network/usm/utils"
)
Expand All @@ -45,9 +46,9 @@ func testArch(t *testing.T, arch string) {
require.NoError(t, err)

if arch == runtime.GOARCH {
utils.WaitForProgramsToBeTraced(t, "shared_libraries", cmd.Process.Pid, utils.ManualTracingFallbackDisabled)
utils.WaitForProgramsToBeTraced(t, consts.USMModuleName, "shared_libraries", cmd.Process.Pid, utils.ManualTracingFallbackDisabled)
} else {
utils.WaitForPathToBeBlocked(t, "shared_libraries", lib)
utils.WaitForPathToBeBlocked(t, consts.USMModuleName, "shared_libraries", lib)
}
}

Expand Down
Loading

0 comments on commit 167c4ae

Please sign in to comment.