Skip to content

Commit

Permalink
address review comments
Browse files Browse the repository at this point in the history
Signed-off-by: Mohamed Mahmoud <mmahmoud@redhat.com>
  • Loading branch information
msherif1234 committed Jun 14, 2024
1 parent 5d07500 commit 23f279f
Show file tree
Hide file tree
Showing 12 changed files with 425 additions and 109 deletions.
39 changes: 28 additions & 11 deletions apis/v1alpha1/bpfapplication_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,44 +24,54 @@ import (
type EBPFProgType string

const (
// ProgTypeXDP refers to the eBPF XDP programs type.
// ProgTypeXDP refers to the XDP program type.
ProgTypeXDP EBPFProgType = "XDP"

// ProgTypeTC refers to the eBPF TC programs type.
// ProgTypeTC refers to the TC program type.
ProgTypeTC EBPFProgType = "TC"

// ProgTypeTCX refers to the eBPF TCx programs type.
// ProgTypeTCX refers to the TCx program type.
ProgTypeTCX EBPFProgType = "TCX"

// ProgTypeFentry refers to the eBPF Fentry programs type.
// ProgTypeFentry refers to the Fentry program type.
ProgTypeFentry EBPFProgType = "Fentry"

// ProgTypeFexit refers to the eBPF Fexit programs type.
// ProgTypeFexit refers to the Fexit program type.
ProgTypeFexit EBPFProgType = "Fexit"

// ProgTypeKprobe refers to the eBPF Kprobe programs type.
// ProgTypeKprobe refers to the Kprobe program type.
ProgTypeKprobe EBPFProgType = "Kprobe"

// ProgTypeKretprobe refers to the eBPF Kprobe programs type.
// ProgTypeKretprobe refers to the Kprobe program type.
ProgTypeKretprobe EBPFProgType = "Kretprobe"

// ProgTypeUprobe refers to the eBPF Uprobe programs type.
// ProgTypeUprobe refers to the Uprobe program type.
ProgTypeUprobe EBPFProgType = "Uprobe"

// ProgTypeUretprobe refers to the eBPF Uretprobe programs type.
// ProgTypeUretprobe refers to the Uretprobe program type.
ProgTypeUretprobe EBPFProgType = "Uretprobe"

// ProgTypeTracepoint refers to the eBPF Tracepoint programs type.
// ProgTypeTracepoint refers to the Tracepoint program type.
ProgTypeTracepoint EBPFProgType = "Tracepoint"
)

// BpfApplicationProgram defines the desired state of BpfApplication
// +union
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'XDP' ? has(self.xdp) : !has(self.xdp)",message="xdp configuration is required when type is XDP, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'TC' ? has(self.tc) : !has(self.tc)",message="tc configuration is required when type is TC, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'TCX' ? has(self.tcx) : !has(self.tcx)",message="tcx configuration is required when type is TCX, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Fentry' ? has(self.fentry) : !has(self.fentry)",message="fentry configuration is required when type is Fentry, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Fexit' ? has(self.fexit) : !has(self.fexit)",message="fexit configuration is required when type is Fexit, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Kprobe' ? has(self.kprobe) : !has(self.kprobe)",message="kprobe configuration is required when type is Kprobe, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Kretprobe' ? has(self.kretprobe) : !has(self.kretprobe)",message="kretprobe configuration is required when type is Kretprobe, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uprobe' ? has(self.uprobe) : !has(self.uprobe)",message="uprobe configuration is required when type is Uprobe, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uretprobe' ? has(self.uretprobe) : !has(self.uretprobe)",message="uretprobe configuration is required when type is Uretprobe, and forbidden otherwise"
// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Tracepoint' ? has(self.tracepoint) : !has(self.tracepoint)",message="tracepoint configuration is required when type is Tracepoint, and forbidden otherwise"
type BpfApplicationProgram struct {
// Type specifies the bpf program type
// +unionDiscriminator
// +kubebuilder:validation:Required
// +kubebuilder:validation:Enum:="XDP";"TC";"TCX";"Fentry";"Fexit";"Kprobe";"Kretprobe";"Uprobe";"Uretprobe";"Tracepoint"
// +optional
Type EBPFProgType `json:"type,omitempty"`

// xdp defines the desired state of the application's XdpPrograms.
Expand All @@ -74,6 +84,11 @@ type BpfApplicationProgram struct {
// +optional
TC *TcProgramInfo `json:"tc,omitempty"`

// tcx defines the desired state of the application's TcPrograms.
// +unionMember
// +optional
TCX *TcProgramInfo `json:"tcx,omitempty"`

// fentry defines the desired state of the application's FentryPrograms.
// +unionMember
// +optional
Expand Down Expand Up @@ -133,7 +148,9 @@ type BpfApplicationStatus struct {
//+kubebuilder:resource:scope=Cluster

// BpfApplication is the Schema for the bpfapplications API
// +kubebuilder:printcolumn:name="NodeSelector",type=string,JSONPath=`.spec.nodeselector`
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[0].reason`
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
type BpfApplication struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Expand Down
5 changes: 5 additions & 0 deletions apis/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 10 additions & 6 deletions bundle/manifests/bpfman-operator.clusterserviceversion.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,14 +56,18 @@ metadata:
"bpffunctionname": "uprobe_counter",
"containers": {
"containernames": [
"go-target"
"bpfman",
"bpfman-agent"
],
"namespace": "go-target",
"pods": {}
"namespace": "bpfman",
"pods": {
"matchLabels": null,
"name": "bpfman-daemon"
}
},
"func_name": "main.getCount",
"func_name": "malloc",
"retprobe": false,
"target": "/go-target"
"target": "libc"
}
},
{
Expand Down Expand Up @@ -290,7 +294,7 @@ metadata:
]
capabilities: Basic Install
containerImage: quay.io/bpfman/bpfman-operator:v0.0.0
createdAt: "2024-06-12T13:33:30Z"
createdAt: "2024-06-14T22:46:49Z"
operators.operatorframework.io/builder: operator-sdk-v1.27.0
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/bpfman/bpfman
Expand Down
170 changes: 170 additions & 0 deletions bundle/manifests/bpfman.io_bpfapplications.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,15 @@ spec:
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.nodeselector
name: NodeSelector
type: string
- jsonPath: .status.conditions[0].reason
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
Expand Down Expand Up @@ -567,6 +573,129 @@ spec:
- interfaceselector
- priority
type: object
tcx:
description: tcx defines the desired state of the application's
TcPrograms.
properties:
bpffunctionname:
description: |-
BpfFunctionName is the name of the function that is the entry point for the BPF
program
type: string
direction:
description: |-
Direction specifies the direction of traffic the tc program should
attach to for a given network device.
enum:
- ingress
- egress
type: string
interfaceselector:
description: Selector to determine the network interface
(or interfaces)
maxProperties: 1
minProperties: 1
properties:
interfaces:
description: |-
Interfaces refers to a list of network interfaces to attach the BPF
program to.
items:
type: string
type: array
primarynodeinterface:
description: Attach BPF program to the primary interface
on the node. Only 'true' accepted.
type: boolean
type: object
mapownerselector:
description: |-
MapOwnerSelector is used to select the loaded eBPF program this eBPF program
will share a map with. The value is a label applied to the BpfProgram to select.
The selector must resolve to exactly one instance of a BpfProgram on a given node
or the eBPF program will not load.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
priority:
description: |-
Priority specifies the priority of the tc program in relation to
other programs of the same type with the same attach point. It is a value
from 0 to 1000 where lower values have higher precedence.
format: int32
maximum: 1000
minimum: 0
type: integer
proceedon:
default:
- pipe
- dispatcher_return
description: |-
ProceedOn allows the user to call other tc programs in chain on this exit code.
Multiple values are supported by repeating the parameter.
items:
enum:
- unspec
- ok
- reclassify
- shot
- pipe
- stolen
- queued
- repeat
- redirect
- trap
- dispatcher_return
type: string
maxItems: 11
type: array
required:
- bpffunctionname
- direction
- interfaceselector
- priority
type: object
tracepoint:
description: tracepoint defines the desired state of the application's
TracepointPrograms.
Expand Down Expand Up @@ -1074,6 +1203,47 @@ spec:
- priority
type: object
type: object
x-kubernetes-validations:
- message: xdp configuration is required when type is XDP, and forbidden
otherwise
rule: 'has(self.type) && self.type == ''XDP'' ? has(self.xdp)
: !has(self.xdp)'
- message: tc configuration is required when type is TC, and forbidden
otherwise
rule: 'has(self.type) && self.type == ''TC'' ? has(self.tc) :
!has(self.tc)'
- message: tcx configuration is required when type is TCX, and forbidden
otherwise
rule: 'has(self.type) && self.type == ''TCX'' ? has(self.tcx)
: !has(self.tcx)'
- message: fentry configuration is required when type is Fentry,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Fentry'' ? has(self.fentry)
: !has(self.fentry)'
- message: fexit configuration is required when type is Fexit, and
forbidden otherwise
rule: 'has(self.type) && self.type == ''Fexit'' ? has(self.fexit)
: !has(self.fexit)'
- message: kprobe configuration is required when type is Kprobe,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Kprobe'' ? has(self.kprobe)
: !has(self.kprobe)'
- message: kretprobe configuration is required when type is Kretprobe,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Kretprobe'' ? has(self.kretprobe)
: !has(self.kretprobe)'
- message: uprobe configuration is required when type is Uprobe,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Uprobe'' ? has(self.uprobe)
: !has(self.uprobe)'
- message: uretprobe configuration is required when type is Uretprobe,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Uretprobe'' ? has(self.uretprobe)
: !has(self.uretprobe)'
- message: tracepoint configuration is required when type is Tracepoint,
and forbidden otherwise
rule: 'has(self.type) && self.type == ''Tracepoint'' ? has(self.tracepoint)
: !has(self.tracepoint)'
minItems: 1
type: array
required:
Expand Down
2 changes: 1 addition & 1 deletion config/bpfman-operator-deployment/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ kind: Kustomization
images:
- name: quay.io/bpfman/bpfman-operator
newName: quay.io/bpfman/bpfman-operator
newTag: latest-amd64
newTag: latest
Loading

0 comments on commit 23f279f

Please sign in to comment.