* initial tls tapper commit
* add tls flag to mizu cli
* support ssl_read_ex/ssl_write_ex
* use hostproc to find libssl
* auto discover tls processes
* support libssl1.0
* recompile ebpf with old clang/llvm
* Update tap/passive_tapper.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* Update tap/tlstapper/tls_poller.go
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
* upgrade ebpf go lib
* handling big tls messages
* fixing max buffer size in ebpf
* remove unused import
* fix linter issues
* minor pr fixes
* compile with old clang
* fix cgroup file format
* pr fixes + cgroup extract enhance
* fix linter
* adding indirect ebpf dep to agent go.mod
* adding ebpf docker builder
* minor pr fixes
* add req resp matcher to dissect
* rename ssl hooks to ssl hooks structs
* move to alpine, use local copy of mizu instead of git, add readme
* use global req resp mather for tls
Co-authored-by: M. Mert Yıldıran <mehmet@up9.com>
Co-authored-by: gadotroee <55343099+gadotroee@users.noreply.github.com>
* TRA-4235 Revert "Move Basenine binary into a separate container"
* Deploy the same agent image as a separate container for Basenine
Co-authored-by: Igor Gov <iggvrv@gmail.com>
* Enable acceptance tests
* Fix the acceptance tests and a typo in `CONFIGURATION.md`
* Include the container name into the log fetching function
* Duplicate the fix for the logs test
* Revert "Enable acceptance tests"
This reverts commit c10a67c293.
- Rename --istio flag to the more general --service-mesh
- Rename internal variables, consts and structures to reflect this conceptual change
- Update the docs accordingly
* Move Basenine binary into a separate container
* Set `WorkingDir` to `shared.DataDirPath` in the `basenine` container
* Use `consts.go` to set the Basenine image and port
* Bring back the `net-wait-go` usage to prevent startup failures
Motivation: Allow users to change the default RBAC resources (ServiceAccount, ClusterRole, ClusterRoleBinding, Role and RoleBinding) without having Mizu delete them every run.
Adds app.kubernetes.io/created-by and app.kubernetes.io/managed-by labels to all resources.
The value of app.kubernetes.io/created-by is either mizu-cli or mizu-agent.
The value of app.kubernetes.io/managed-by is mizu.
When Mizu cleans resources (ctrl-c in tap cmd or mizu clean cmd) it removes all RBAC resources that have managed-by=mizu, and only those.
A user may have a ClusterRole named mizu-clusterrole. If it doesn't have the label app.kubernetes.io/managed-by=mizu, then Mizu won't overwrite it and won't delete it.
Other resources (deployments, services etc.) are always removed, regardless of their labels.
* discover envoy pids using cluster ips
* add istio flag to cli + rename mtls flag to istio
* add istio.md to docs
* Fixing typos
* Fix minor typos and grammer in docs
Co-authored-by: Nimrod Gilboa Markevich <nimrod@up9.com>
Currently shared/kubernetes/watch.go:FilteredWatch only watches pods.
This PR makes it reusable for other types of resources.
This is done in preparation for watching k8s events.
* multiple netns listen - initial commit
* multiple netns listen - actual work
* remove redundant log line
* map /proc of host to tapper
* changing kubernetes provider again after big conflict
* revert node-sass version back to 5.0.0
* Rename host_source to hostSource
Co-authored-by: gadotroee <55343099+gadotroee@users.noreply.github.com>
* PR fixes - adding comment + typos + naming conventions
* go fmt + making procfs read only
* setns back to the original value after packet source initialized
Co-authored-by: gadotroee <55343099+gadotroee@users.noreply.github.com>
* WIP
* WIP
* WIP
* WIP
* WIP
* Update tapRunner.go and k8sTapManager.go
* Update cleanRunner.go, common.go, and 8 more files...
* Update common.go, tapConfig.go, and 2 more files...
* Update config.go, config.go, and 5 more files...
* Update tapRunner.go, config.go, and 7 more files...
* Update cleanRunner.go, logs.go, and 2 more files...
* Update k8sTapManager.go, provider.go, and watch.go
* Update go.sum, go.mod, and go.sum
* Update go.mod and go.sum
* Update go.mod, go.sum, and 2 more files...
* Revert "Update go.mod, go.sum, and 2 more files..."
This reverts commit 8140311349.
* Update funcWrappers.go, tapRunner.go, and 4 more files...
* Update main.go, tapRunner.go, and mizuTapperSyncer.go
