Fix a bug where host networking traffic could be misclassified as con…

…trol plane traffic on Minikube
otterize · Dec 22, 2024 · b60bf31 · b60bf31
1 parent 43dbc5b
commit b60bf31
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 6 deletions.
diff --git a/src/mapper/pkg/resolvers/helpers.go b/src/mapper/pkg/resolvers/helpers.go
@@ -22,6 +22,15 @@ func (r *Resolver) discoverInternalSrcIdentity(ctx context.Context, src *model.R
 			Host:        lo.ToPtr(src.SrcIP),
 			PodHostname: lo.ToPtr(src.SrcHostname),
 		}
+		pods, err := r.kubeFinder.ResolveServiceToPods(ctx, svc)
+		if err != nil && !errors.Is(err, kubefinder.ErrNoPodFound) {
+			return model.OtterizeServiceIdentity{}, errors.Errorf("could not resolve service %s to pods: %w", svc.Name, err)
+		}
+		// ignore services backed by host networking pods because it might as well be unrelated traffic (not from the control plane)
+		if len(pods) > 0 && lo.SomeBy(pods, func(pod corev1.Pod) bool { return pod.Spec.HostNetwork }) {
+			logrus.Debugf("control plane service is backed by a host networking pod, ignoring")
+			return model.OtterizeServiceIdentity{}, nil
+		}
 		return model.OtterizeServiceIdentity{Name: svc.Name, Namespace: svc.Namespace, KubernetesService: &svc.Name, ResolutionData: &resolutionData}, nil
 	}
 

diff --git a/src/mapper/pkg/resolvers/schema.helpers.resolvers.go b/src/mapper/pkg/resolvers/schema.helpers.resolvers.go
@@ -106,12 +106,13 @@ func (r *Resolver) resolveDestIdentity(ctx context.Context, dest model.Destinati
 		Namespace: destPod.Namespace,
 		Labels:    kubefinder.PodLabelsToOtterizeLabels(destPod),
 		ResolutionData: &model.IdentityResolutionData{
-			Host:      lo.ToPtr(dest.Destination),
-			Port:      dest.DestinationPort,
-			IsService: lo.ToPtr(false),
-			ExtraInfo: lo.ToPtr("resolveDestIdentity"),
-			LastSeen:  lo.ToPtr(dest.LastSeen.String()),
-			Uptime:    lo.ToPtr(time.Since(destPod.CreationTimestamp.Time).String()),
+			Host:        lo.ToPtr(dest.Destination),
+			PodHostname: lo.ToPtr(destPod.Name),
+			Port:        dest.DestinationPort,
+			IsService:   lo.ToPtr(false),
+			ExtraInfo:   lo.ToPtr("resolveDestIdentity"),
+			LastSeen:    lo.ToPtr(dest.LastSeen.String()),
+			Uptime:      lo.ToPtr(time.Since(destPod.CreationTimestamp.Time).String()),
 		},
 	}
 	if dstService.OwnerObject != nil {