[BPF] Add support for tracking conntrack metrics in Userspace mode #9741
Conversation
marvin-tigera
added
release-note-required
|
Oops, the commit 'Adding flow log support #9737 ' made similar changes before me. But, I'm just wondering why we use different metrics for BPFConntrackModeUserspace and BPFConntrackModeBPFProgram. Since they both actually do the same task, wouldn't it be better to use the same metric for both as I did? This way would likely be more user-friendly IHMO. wdyt? |
|
well, the reason is that the flow log supports pulls in something that precede the bpf cleaner and it stats and should have been merge long time ago. Afaict we can unify those two and ditch the ones that flow logs PR brought over. Feel free to resolve the conflicts in the favor of your PR. The userspace cleaner will be deprecated sooner or later anyway since the bpf one is superior and the default. |
Ah, got it. Let's unify those two to make that more user-friendly ;)
Yeah, I totally agree that the bpf one is superior and should be the default. However, AFAIK, many versions of Linux distributions currently used in data centers do not enable BTF, while CO-RE eBPF programs depend on it. Perhaps, it would be wise to give the Userspace cleaner some time to keep maintaining it util the majority of Linux distributions adopt the CONFIG_DEBUG_INFO_BTF kernel configuration by default, and it becomes widely used. |
|
The userspace cleaner is not going anywhere anytime soon |
ioworker0
force-pushed
the
feat-track-conntrack-map-in-userspace
branch
from
22d4aa2 to
c81fc08
Compare
|
/sem-approve |
When BPFConntrackCleanupMode is set to BPFConntrackModeUserspace, or in cases where the kernel does not support BTF (unfortunately, this is the case with some of our clusters), we are missing metrics related to the conntrack map. These metrics are obviously very useful, so let's also track these metrics under the BPFConntrackModeUserspace setting. Suggested-by: Tomas Hruby <[email protected]> Signed-off-by: Mingzhe Yang <[email protected]> Signed-off-by: Lance Yang <[email protected]>
ioworker0
force-pushed
the
feat-track-conntrack-map-in-userspace
branch
from
c81fc08 to
e9cec6e
Compare
I think the conflicts are resolved, and the CI issues should be fixed as well ;) |
Ping @fasaxc @tomastigera ;p |
Description
When BPFConntrackCleanupMode is set to BPFConntrackModeUserspace, or in cases where the kernel does not support BTF (unfortunately, this is the case with some of our clusters), we are missing metrics related to the conntrack map. These metrics are obviously very useful, so let's also track these metrics under the BPFConntrackModeUserspace setting.
Related issues/PRs
Todos
Release Note
Reminder for the reviewer
Make sure that this PR has the correct labels and milestone set.
Every PR needs one
docs-*label.docs-pr-required: This change requires a change to the documentation that has not been completed yet.docs-completed: This change has all necessary documentation completed.docs-not-required: This change has no user-facing impact and requires no docs.Every PR needs one
release-note-*label.release-note-required: This PR has user-facing changes. Most PRs should have this label.release-note-not-required: This PR has no user-facing changes.Other optional labels:
cherry-pick-candidate: This PR should be cherry-picked to an earlier release. For bug fixes only.needs-operator-pr: This PR is related to install and requires a corresponding change to the operator.