support add kubernetes pod context into the packet comments (#59)

* add new flag: `-n` * support add kubernetes pod context into the packet comments * fix ci * cleanup
mozillazg · Jun 11, 2024 · 1f808db · 1f808db
1 parent 913dfa1
commit 1f808db
Show file tree

Hide file tree

Showing 26 changed files with 670 additions and 129 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -18,17 +18,6 @@ jobs:
 
     steps:
       - checkout
-
-      - run:
-          name: setup containerd
-          command: |
-            wget https://github.com/containerd/nerdctl/releases/download/v1.7.6/nerdctl-1.7.6-linux-arm64.tar.gz
-            sudo tar Cxzvvf /usr/local/bin nerdctl-1.7.6-linux-arm64.tar.gz
-
-            wget https://github.com/containernetworking/plugins/releases/download/v1.5.0/cni-plugins-linux-arm64-v1.5.0.tgz
-            sudo mkdir -p /opt/cni/bin
-            sudo tar Cxzvvf /opt/cni/bin cni-plugins-linux-arm64-v1.5.0.tgz
-
       - restore_cache:
           keys:
             - go-mod-v4-{{ checksum "go.sum" }}
@@ -104,16 +93,131 @@ jobs:
           command: |
             sudo bash testdata/test_nat.sh ./ptcpdump
 
+  docker-e2e:
+    machine:
+      image: ubuntu-2204:2024.04.4
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - go-mod-v4-{{ checksum "go.sum" }}
+      - run:
+          name: Install Dependencies
+          command: go mod download
+      - save_cache:
+          key: go-mod-v4-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+      - run:
+          name: install deps
+          command: |
+            sudo apt-get update && sudo apt-get install -y gcc flex bison make libelf-dev
+            make libpcap
+      - run:
+          name: build
+          command: |
+            make build
+
+            echo '========== info =========='
+            uname -a
+            cat /etc/issue
+            file ./ptcpdump
       - run:
-          name: e2e (test docker)
+          name: test docker
           command: |
             sudo bash testdata/test_docker.sh ./ptcpdump
 
+  containerd-e2e:
+    machine:
+      image: ubuntu-2204:2024.04.4
+    steps:
+      - checkout
       - run:
-          name: e2e (test containerd)
+          name: setup containerd
+          command: |
+            wget https://github.com/containerd/nerdctl/releases/download/v1.7.6/nerdctl-1.7.6-linux-amd64.tar.gz
+            sudo tar Cxzvvf /usr/local/bin nerdctl-1.7.6-linux-amd64.tar.gz
+
+            wget https://github.com/containernetworking/plugins/releases/download/v1.5.0/cni-plugins-linux-amd64-v1.5.0.tgz
+            sudo mkdir -p /opt/cni/bin
+            sudo tar Cxzvvf /opt/cni/bin cni-plugins-linux-amd64-v1.5.0.tgz
+      - restore_cache:
+          keys:
+            - go-mod-v4-{{ checksum "go.sum" }}
+      - run:
+          name: Install Dependencies
+          command: go mod download
+      - save_cache:
+          key: go-mod-v4-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+      - run:
+          name: install deps
+          command: |
+            sudo apt-get update && sudo apt-get install -y gcc flex bison make libelf-dev
+            make libpcap
+      - run:
+          name: build
+          command: |
+            make build
+
+            echo '========== info =========='
+            uname -a
+            cat /etc/issue
+            file ./ptcpdump
+      - run:
+          name: test containerd
           command: |
             sudo bash testdata/test_containerd.sh ./ptcpdump
 
+  k8s-e2e:
+    machine:
+      image: ubuntu-2204:2024.04.4
+    steps:
+      - checkout
+      - run:
+          name: setup kind
+          command: |
+            wget https://github.com/kubernetes-sigs/kind/releases/download/v0.23.0/kind-linux-amd64
+            chmod +x kind-linux-amd64
+            sudo cp ./kind-linux-amd64 /usr/local/bin/kind
+
+            IMG=kindest/node:v1.30.0@sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e
+            sudo docker pull "${IMG}"
+            sudo docker pull alpine:3.18
+
+            sudo kind create cluster
+            sudo kind load docker-image alpine:3.18
+            sudo kind export kubeconfig
+
+      - restore_cache:
+          keys:
+            - go-mod-v4-{{ checksum "go.sum" }}
+      - run:
+          name: Install Dependencies
+          command: go mod download
+      - save_cache:
+          key: go-mod-v4-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+      - run:
+          name: install deps
+          command: |
+            sudo apt-get update && sudo apt-get install -y gcc flex bison make libelf-dev
+            make libpcap
+      - run:
+          name: build
+          command: |
+            make build
+
+            echo '========== info =========='
+            uname -a
+            cat /etc/issue
+            file ./ptcpdump
+      - run:
+          name: test k8s
+          command: |
+            sudo bash testdata/run_test_k8s.sh
 
 workflows:
   e2e:
@@ -124,3 +228,6 @@ workflows:
               os:
                 - ubuntu-20-04
                 - ubuntu-22-04
+      - docker-e2e
+      - containerd-e2e
+      - k8s-e2e
diff --git a/.github/workflows/release-test.yml b/.github/workflows/release-test.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
         with:
-          go-version: 1.21
+          go-version: '1.22.4'
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
         with:
-          go-version: '1.21.0'
+          go-version: '1.22.4'
         env:
           GOPATH: ${{ env.HOME }}
 

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -20,7 +20,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
       with:
-        go-version: '1.21'
+        go-version: '1.22.4'
 
     - name: Set up deps
       run: |

diff --git a/README.md b/README.md
@@ -31,13 +31,13 @@ Table of Contents
 * Process-aware
   * Aware of the process information associated with the packets.
   * Supports filtering packets by process ID and process name.
+* Container-aware and Kubernetes-aware
+  * Aware of the container and pod information associated with the packets.
+  * Supports multiple container runtimes: Docker Engine and containerd
 * Supports using pcap-filter(7) syntax for filtering packets.
 * Directly applies filters in the kernel space.
 * Supports saving captured packets in the PcapNG format for offline analysis with third-party tools such as Wireshark.
 * Supports reading packets from pcapng file.
-* Container-aware
-  * Aware of the container information associated with the packets.
-  * Supports multiple container runtimes: Docker Engine and containerd
 
 
 ## Installation
@@ -73,14 +73,11 @@ ptcpdump -r demo.pcapng
 ### Example output
 
 ```
-12:10:14.384352 wlp4s0 Out IP (tos 0x0, ttl 63, id 14146, offset 0, flags [DF], ip_proto TCP (6), length 52)
-    192.168.1.50.44318 > 139.178.84.217.80: Flags [F.], cksum 0xa28c, seq 945708706, ack 3673127374, win 501, options [nop,nop,TS val 3474241628 ecr 766303359], length 0
-    Process (pid 751465, cmd /usr/bin/wget, args wget kernel.org)
-    Container (name demo, id 087cb587a02f039609061e0e78bf74f8d146fbcb42d1d5647a6776f315d121eb, image docker.io/alpine:3.18, labels {})
-12:10:14.622421 wlp4s0 In IP (tos 0x4, ttl 47, id 43987, offset 0, flags [DF], ip_proto TCP (6), length 52)
-    139.178.84.217.80 > 192.168.1.50.44318: Flags [.], cksum 0xa787, seq 3673127374, ack 945708707, win 114, options [nop,nop,TS val 766303761 ecr 3474241628], length 0
-    Process (pid 751465, cmd /usr/bin/wget, args wget kernel.org)
-    Container (name demo, id 087cb587a02f039609061e0e78bf74f8d146fbcb42d1d5647a6776f315d121eb, image docker.io/alpine:3.18, labels {})
+07:19:55.978310 eth0 Out IP (tos 0x0, ttl 63, id 5180, offset 0, flags [DF], ip_proto TCP (6), length 52)
+    172.19.0.2.40746 > 139.178.84.217.80: Flags [F.], cksum 0x8cc7, seq 2012972889, ack 714167144, win 501, options [nop,nop,TS val 2112687313 ecr 864085110], length 0
+    Process (pid 1571271, cmd /usr/bin/wget, args wget kernel.org)
+    Container (name test, id aa5d0ea5c27f75f5ac7844fea4ca811bbd01fbf64e88e8a4ccab142f632cbaff, image docker.io/library/alpine:3.18, labels {"io.cri-containerd.kind":"container","io.kubernetes.container.name":"test","io.kubernetes.pod.name":"test","io.kubernetes.pod.namespace":"default","io.kubernetes.pod.uid":"9e4bc54b-de48-4b1c-8b9e-54709f67ed0c"})
+    Pod (name test, namespace default, UID 9e4bc54b-de48-4b1c-8b9e-54709f67ed0c, labels {"run":"test"}, annotations {"kubernetes.io/config.seen":"2024-06-10T01:29:58.354119146Z","kubernetes.io/config.source":"api"})
 ```
 
 <p align="right"><a href="#top">🔝</a></p>

diff --git a/docs/wireshark.png b/docs/wireshark.png
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/mozillazg/ptcpdump
 
-go 1.21.0
+go 1.22.0
 
 require (
 	github.com/cilium/ebpf v0.15.0
@@ -16,6 +16,30 @@ require (
 	github.com/x-way/pktdump v0.0.5
 	golang.org/x/sys v0.20.0
 	golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028
+	k8s.io/cri-client v0.31.0-alpha.0.0.20240530211015-c9749ee02fc0
+	k8s.io/klog/v2 v2.120.1
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect
+	github.com/prometheus/client_golang v1.19.0 // indirect
+	github.com/prometheus/client_model v0.6.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.2.0 // indirect
+	golang.org/x/oauth2 v0.20.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de // indirect
+	k8s.io/apimachinery v0.26.2 // indirect
+	k8s.io/client-go v0.26.2 // indirect
+	k8s.io/component-base v0.26.2 // indirect
+	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 )
 
 require (
@@ -75,17 +99,18 @@ require (
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect
 	go.opentelemetry.io/otel/metric v1.26.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.26.0 // indirect
-	go.opentelemetry.io/otel/trace v1.26.0 // indirect
+	go.opentelemetry.io/otel/trace v1.26.0
 	golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2 // indirect
-	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sync v0.6.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/text v0.15.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect
 	google.golang.org/grpc v1.63.2 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gotest.tools/v3 v3.5.1 // indirect
+	k8s.io/cri-api v0.31.0-alpha.0.0.20240528091733-69e407966029
 )
 
 replace (