Commit Graph

47 Commits

Author SHA1 Message Date
Nimrod Gilboa Markevich
1cf9c29ef0 Remove hardump flag (#183)
Removed hardump flag and made it the default (and only) behavior.
2021-08-08 17:31:45 +03:00
Igor Gov
7f2021c312 Several fixes for the release (#175) 2021-08-08 10:32:21 +03:00
Igor Gov
0244f12167 Fixes (#171) 2021-08-05 19:29:06 +03:00
Igor Gov
90f0f603c7 Support getting logs in ns restricted mode (#168) 2021-08-05 12:12:01 +03:00
RoyUP9
683d199774 added support of multiple namespaces (#167) 2021-08-05 11:19:29 +03:00
Igor Gov
fa632b49a7 Introducing mizu logs dump & Log prints alignment in API server using rlog (#165) 2021-08-05 11:01:08 +03:00
Nimrod Gilboa Markevich
04579eb03c Namespace restricted mode (#147) 2021-08-05 10:28:31 +03:00
Selton Fiuza
dea223bfe1 Feature/tra 3349 validation rules merged with develop (#148)
* Implemented validation rules, based on: https://up9.atlassian.net/browse/TRA-3349

* Color on Entry based on rules

* Background red/green based on rules

* Change flag --validation-rules to --test-rules

* rules tab UI updated

* rules tab font and background-color is changed for objects

* Merged with develop

* Fixed compilation issues.

* Renamed fullEntry -> harEntry where appropriate.

* Change green/red logic

* Update models.go

* Fix latency bug and alignment

* Merge Conflicts fix

* Working after merge

* Working on Nimrod comments

* Resolving conflicts

* Resolving conflicts

* Resolving conflicts

* Nimrod Comments pt.3

* Log Error on configmap creation if the user doesn't have permission.

* Checking configmap permission to ignore --test-rules

* Revert time for mizu to get ready

* Nimrod comments pt 4 && merge develop pt3

* Nimrod comments pt 4 && merge develop pt3

* Const rulePolicyPath and filename

Co-authored-by: Neim <elezin9@gmail.com>
Co-authored-by: nimrod-up9 <nimrod@up9.com>
2021-08-04 09:21:36 -03:00
Igor Gov
9e34662511 Adding logs and fixing several issues (#162)
* Config grooming and several general fixes
2021-08-04 08:18:07 +03:00
RamiBerm
f9396e01ca TRA-3415 ignore unready pods (#160)
* Update tapRunner.go and provider.go

* Update tapRunner.go

* Update tapRunner.go

* Update tapRunner.go

* Update tapRunner.go and provider.go

Co-authored-by: RamiBerm <rami.berman@up9.com>
2021-08-03 15:02:31 +03:00
Igor Gov
f64ee23c74 Introducing new logger, logging debug to file and info to stderr (#134)
* Introducing new logger to file debug and info to stderr
2021-07-25 10:08:37 +03:00
nimrod-up9
803681a239 Renamed collector, aggregator to api server, api folder to agent (#133)
* Renamed aggregator -> apiServer.

* Format errors with container names.

* Renamed collector -> apiServer.

* Rephrased help messages.

* Moved api -> agent.

* Continue renameing api -> agent in Makefile and Dockerfiles.
2021-07-22 17:17:17 +03:00
Igor Gov
ac358be877 Making kube config errors more user friendly (#132)
* Making kube config errors more user friendly
2021-07-22 15:26:28 +03:00
nimrod-up9
2996c1a4bc Install Mizu in a dedicated namespace (#123)
* Use "mizu" namespace instead of "default". Create and delete as necessary.

* Wait until namespace is deleted.

* Distinguish between timeout and other errors.

* Sorted consts.

* k8s provider gets the names of Mizu serviceaccount, clusterrole and clusterrolebindings from caller.

* Renames.

* Remove non-namespaced mizu resources when finished: clusterrole and clusterrolebindings.

* Don't wait for namespace deletion if it was already deleted.

* When watching pods, check for cancellation before reading from channels.

* Allow user to cancel resource deletion and to cancel the wait.

* Increased cleanup timeout.

* go mod tidy.

* Ignore cli build products.

* Print err.

* Don't delete clusterrole and clusterrolebinding if we do not have permissions.

* Added roles list in README.

* Added clusterrole and clusterrolebindings examples.
2021-07-22 14:26:12 +03:00
Igor Gov
e42c4f8648 Cleaning unused code (#129)
* Cleaning unused code
2021-07-21 17:07:32 +03:00
RamiBerm
80e97e7f7e Update main.go, tap.go, and 4 more files... 2021-07-21 10:49:27 +03:00
RamiBerm
eaa120cad8 Merge branch 'develop'
Conflicts:
	cli/cmd/tap.go
2021-07-14 09:06:40 +03:00
gadotroee
35f9e16e7c Fix resource limits (#110) 2021-07-14 08:33:00 +03:00
RamiBerm
90c9d8b0d0 Merge branch 'develop'
Conflicts:
	cli/cmd/tapRunner.go
2021-07-13 16:23:27 +03:00
RamiBerm
96f47116f0 Update go.sum, main.go, and 10 more files... 2021-07-13 16:21:32 +03:00
nimrod-up9
78456d7987 TRA-3410 Resource limits (#105)
* Added resource requests and limits.

* Set limits to realistic values.

* Reduced requests.

* Fixed: Swapped limites.

* Reordered.

* Reduces memory request for tappers.
2021-07-13 16:11:38 +03:00
nimrod-up9
c59aadb221 Fix crash when there are no pods matching the regex (#85)
* Removed done todo.

* Error when trying to apply tapper-daemonset with 0 pods in affinity.

* Reorder imports.

* Create/update mizu tappers if there are tapped pods. Delete if there are no tapped pods.

* Skip deletion if tapper daemonset is not installed.

* Renamed createMizuTappers -> updateMizuTappers.

* Renamed IsDaemonSetApplied -> CheckDaemonSetExists.

* Skip deletion if pod / service is not installed.

* Fixed: Inverted logic.

* Rename.

* Fixed compilation bugs.

* Warn if no pods are found. Suggest changing the namespace.

* Use consts.

* Removed empty line.
2021-06-27 18:24:14 +03:00
nimrod-up9
6aaee4b519 Refactoring (#84)
* Only use one channel for filtering HARs.

* Only check if dest is service ip if message is outgoing.

* Parse direction flag on input.

* Renamed filterHarHeaders -> filterHarItems.

* Fixed compilation bugs.
2021-06-27 16:26:12 +03:00
nimrod-up9
6f47ad862e TRA-3317 Tap and show outbound traffic (#83)
* Tap outgoing: If --anydirection flag is passed with HOST_MODE, tap by source IP.

* Moved ConnectionInfo from http_matcher to http_reader.

* Generalized shouldTap in stream factory to get more properties.

* tap reports IsOutgoing property of tcp connection.

* gofmt.

* CLI instructs tapper to tap outgoing connections.

* API saves IsOutgoing to DB and passes it to UI.

* Add a visual marker in the HAR list for outgoing messages.

* Fixed: Swapped src and dst.

* Resolver keeps a list of all ClusterIP services.

* Do not save HARs with destination ClusterIP services.

* CLI accepts flag that controls traffic direction.

* Indicate incoming/outgoing with icon instead of with border color.

* Fixed: Didn't filter messages to services in aggregator.

* Clearer syntax around the direction icon. Added title text.

* Fixed width around direction icon.

* Less repetition.

* Removed TODO.

* Renamed incoming -> ingoing.

* More verbose title text to image.

* Switched routine order for readability.
2021-06-24 15:10:11 +03:00
nimrod-up9
756f5f5720 TRA-3360 Fix: Mizu ignores -n namespace flag and records traffic from all pods (#75)
Do not tap pods in namespaces which were not requested.
2021-06-21 12:07:25 +03:00
gadotroee
31dcfc4b2e TRA-3318 - Cookies not null and fix har file names (#69)
* no message
2021-06-08 11:17:02 +03:00
Igor Gov
8316f8456f . 2021-06-06 17:18:58 +03:00
Igor Gov
88a5befd4b Implementation of Mizu view command 2021-06-06 17:00:23 +03:00
nimrod-up9
1bf5bf0b31 TRA-3299 Reduce footprint and Add Tolerances(#65)
* Use lib const for DNSClusterFirstWithHostNet.

* Whitespace.

* Break lines.

* Added affinity to pod names.

* Added tolerations to NoExecute and NoSchedule taints.
2021-06-03 19:48:12 +03:00
RamiBerm
76bb3db553 Update provider.go 2021-06-01 14:40:34 +03:00
RamiBerm
107c2d5b59 Update main.go, messageSensitiveDataCleaner.go, and 3 more files... 2021-06-01 14:27:19 +03:00
RamiBerm
4bc16fa0b4 Update main.go, messageSensitiveDataCleaner.go, and 6 more files... 2021-06-01 14:25:52 +03:00
nimrod-up9
620f046a26 TRA-3257 Dynamic tappers (#57)
* Defer cleanup.

* Split createMizuResources into two functions.

* Re-create daemonset when changes to tapped pods occur.

* Reordered imports.

* Use Printf instead of Println.

* Workaround for variable scope.

* WIP Apply daemonset instead of create.

* Whitespaces.

* Fixed: Using the right types for Apply.

* Fixed missing pod IP by adding a delay.

* Debounce pod restart.

* Proper field manager name.
2021-05-26 17:25:12 +03:00
nimrod-up9
da24608bec Tap multiple pods statically (#51)
* WIP

* Update tap.go, provider.go, and 2 more files...

* WIP

* WIP

* Solved routine hanging forever: Added missing flag when calling mizuagent.

* Iterate channel with range.

* Panic if har channel is nil or if websocket connection is nil.

* StartPassiveTapper returns read only channel.

* Solved program exiting immediately: Wait for interrupt signal instead of exiting.

* Solve connecting issue - Retry a few times.

* Use lib const instead of magic.

* Nicer error prints.

* Don't coninue piping message if there is an error.

* Comment.

* Dependency injection.

* no message

* Fixed comment.

* Print tapped addresses when they are updated.

* Print errors in cleanup if there are any.

Co-authored-by: RamiBerm <rami.berman@up9.com>
Co-authored-by: Roee Gadot <roee.gadot@up9.com>
2021-05-20 12:22:23 +03:00
RamiBerm
9bd4fb0619 Update provider.go 2021-05-11 15:35:31 +03:00
RamiBerm
bc165dbbaf Update Makefile, version.go, and 3 more files... 2021-05-11 10:26:24 +03:00
RamiBerm
d817f5b3d3 Update provider.go, consts.go, and mizuRunner.go 2021-05-10 16:03:01 +03:00
RamiBerm
4429de93b6 Update go.mod, main.go, and 4 more files... 2021-05-10 15:44:38 +03:00
nimrod-up9
e932a340e3 Only record traffic of the requested pod. Filtered by pod IP. (#21) 2021-04-29 18:19:59 +03:00
nimrod-up9
38146a644d Select node by pod (#18)
* Select node by pod.

* Removed watch pod by regex. Irrelevant for now.

* Changed default image to develop:latest.
2021-04-29 15:46:18 +03:00
Roee Gadot
1dd36dc208 add HOST_MODE env var 2021-04-29 08:22:42 +03:00
Roee Gadot
8078eb3728 start the pod with host network and privileged 2021-04-29 08:13:10 +03:00
up9-github
78f5a569c6 Update go.sum and provider.go 2021-04-22 10:16:27 +03:00
up9-github
5bbf541f04 Update provider.go 2021-04-22 09:59:32 +03:00
up9-github
44b8e3634e Update provider.go 2021-04-21 17:46:32 +03:00
up9-github
4afd3ec9ac WIP 2021-04-21 15:21:12 +03:00
up9-github
7167923a49 WIP 2021-04-20 17:30:03 +03:00