From 7ca8749b187a0f502bea5ffbd8974c24babcdc20 Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 31 May 2017 10:04:31 +0000 Subject: [PATCH 1/3] Enable eBPF tracking by default --- prog/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prog/main.go b/prog/main.go index b32cc4041..2f698dab0 100644 --- a/prog/main.go +++ b/prog/main.go @@ -289,7 +289,7 @@ func main() { flag.BoolVar(&flags.probe.spyProcs, "probe.proc.spy", true, "associate endpoints with processes (needs root)") flag.StringVar(&flags.probe.procRoot, "probe.proc.root", "/proc", "location of the proc filesystem") flag.BoolVar(&flags.probe.procEnabled, "probe.processes", true, "produce process topology & include procspied connections") - flag.BoolVar(&flags.probe.useEbpfConn, "probe.ebpf.connections", false, "enable connection tracking with eBPF") + flag.BoolVar(&flags.probe.useEbpfConn, "probe.ebpf.connections", true, "enable connection tracking with eBPF") // Docker flag.BoolVar(&flags.probe.dockerEnabled, "probe.docker", false, "collect Docker-related attributes for processes") From 71e035665b8836123a080d0fc6f1c910b38fe2c3 Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 31 May 2017 10:02:16 +0000 Subject: [PATCH 2/3] Adjust integration tests --- ...th_ebpf_test.sh => 301_internet_edge_without_ebpf_test.sh} | 4 ++-- ...h => 311_container_to_container_edge_without_ebpf_test.sh} | 4 ++-- ....sh => 312_container_to_container_edge_same_netns_test.sh} | 4 ++-- ...ontainer_to_container_edge_with_ebpf_proc_fallback_test.sh | 2 +- integration/314_container_accept_before_kretprobe_test.sh | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) rename integration/{301_internet_edge_with_ebpf_test.sh => 301_internet_edge_without_ebpf_test.sh} (81%) rename integration/{311_container_to_container_edge_with_ebpf_test.sh => 311_container_to_container_edge_without_ebpf_test.sh} (86%) rename integration/{312_container_to_container_edge_same_netns_with_ebpf_test.sh => 312_container_to_container_edge_same_netns_test.sh} (82%) diff --git a/integration/301_internet_edge_with_ebpf_test.sh b/integration/301_internet_edge_without_ebpf_test.sh similarity index 81% rename from integration/301_internet_edge_with_ebpf_test.sh rename to integration/301_internet_edge_without_ebpf_test.sh index e5ba57415..fa36ff0c3 100755 --- a/integration/301_internet_edge_with_ebpf_test.sh +++ b/integration/301_internet_edge_without_ebpf_test.sh @@ -3,10 +3,10 @@ # shellcheck disable=SC1091 . ./config.sh -start_suite "Test short lived connections from the Internet [DISABLED]" +start_suite "Test short lived connections from the Internet without ebpf [DISABLED]" weave_on "$HOST1" launch -scope_on "$HOST1" launch --probe.ebpf.connections=true +scope_on "$HOST1" launch --probe.ebpf.connections=false ## Test disabled: it is currently flaky ## https://github.com/weaveworks/scope/issues/2308 diff --git a/integration/311_container_to_container_edge_with_ebpf_test.sh b/integration/311_container_to_container_edge_without_ebpf_test.sh similarity index 86% rename from integration/311_container_to_container_edge_with_ebpf_test.sh rename to integration/311_container_to_container_edge_without_ebpf_test.sh index 7c66be7b9..54c954d18 100755 --- a/integration/311_container_to_container_edge_with_ebpf_test.sh +++ b/integration/311_container_to_container_edge_without_ebpf_test.sh @@ -3,10 +3,10 @@ # shellcheck disable=SC1091 . ./config.sh -start_suite "Test short lived connections between containers, with ebpf connection tracking enabled" +start_suite "Test short lived connections between containers, without ebpf connection tracking enabled" weave_on "$HOST1" launch -scope_on "$HOST1" launch --probe.ebpf.connections=true +scope_on "$HOST1" launch --probe.ebpf.connections=false weave_on "$HOST1" run -d --name nginx nginx weave_on "$HOST1" run -d --name client alpine /bin/sh -c "while true; do \ wget http://nginx.weave.local:80/ -O - >/dev/null || true; \ diff --git a/integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh b/integration/312_container_to_container_edge_same_netns_test.sh similarity index 82% rename from integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh rename to integration/312_container_to_container_edge_same_netns_test.sh index 820114e9a..5cb731f6a 100755 --- a/integration/312_container_to_container_edge_same_netns_with_ebpf_test.sh +++ b/integration/312_container_to_container_edge_same_netns_test.sh @@ -3,9 +3,9 @@ # shellcheck disable=SC1091 . ./config.sh -start_suite "Test short lived connection between containers in same network namespace, with ebpf connection tracking enabled" +start_suite "Test short lived connection between containers in same network namespace" -scope_on "$HOST1" launch --probe.ebpf.connections=true +scope_on "$HOST1" launch docker_on "$HOST1" run -d --name nginx nginx docker_on "$HOST1" run -d --net=container:nginx --name client albanc/dialer /go/bin/dialer connectshortlived localhost:80 diff --git a/integration/313_container_to_container_edge_with_ebpf_proc_fallback_test.sh b/integration/313_container_to_container_edge_with_ebpf_proc_fallback_test.sh index 7bdfc9bd2..7aee7d2d3 100755 --- a/integration/313_container_to_container_edge_with_ebpf_proc_fallback_test.sh +++ b/integration/313_container_to_container_edge_with_ebpf_proc_fallback_test.sh @@ -11,7 +11,7 @@ weave_on "$HOST1" launch # to make ebpf fail and test the proc fallback. DOCKER_HOST=tcp://${HOST1}:${DOCKER_PORT} CHECKPOINT_DISABLE=true \ WEAVESCOPE_DOCKER_ARGS="-v /tmp:/sys/kernel/debug/tracing:ro" \ - "${SCOPE}" launch --probe.ebpf.connections=true + "${SCOPE}" launch weave_on "$HOST1" run -d --name nginx nginx weave_on "$HOST1" run -d --name client alpine /bin/sh -c "while true; do \ wget http://nginx.weave.local:80/ -O - >/dev/null || true; \ diff --git a/integration/314_container_accept_before_kretprobe_test.sh b/integration/314_container_accept_before_kretprobe_test.sh index d87a4b866..a34582ca5 100755 --- a/integration/314_container_accept_before_kretprobe_test.sh +++ b/integration/314_container_accept_before_kretprobe_test.sh @@ -15,7 +15,7 @@ weave_on "$HOST1" run -d --name server busybox /bin/sh -c "while true; do \ sleep 1 ; done | nc -l -p 8080" -scope_on "$HOST1" launch --probe.ebpf.connections=true +scope_on "$HOST1" launch wait_for_containers "$HOST1" 60 server has_container "$HOST1" server From b2e6b97aa8089423c0f6623375d260ac62379708 Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 31 May 2017 15:10:52 +0000 Subject: [PATCH 3/3] Fix ebpf-connection checking --- integration/310_container_to_container_edge_test.sh | 5 +++++ .../311_container_to_container_edge_without_ebpf_test.sh | 4 +--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/integration/310_container_to_container_edge_test.sh b/integration/310_container_to_container_edge_test.sh index bb67b9fd0..e40d86f4c 100755 --- a/integration/310_container_to_container_edge_test.sh +++ b/integration/310_container_to_container_edge_test.sh @@ -17,6 +17,11 @@ wait_for_containers "$HOST1" 60 nginx client has_container "$HOST1" nginx has_container "$HOST1" client + +list_containers "$HOST1" +list_connections "$HOST1" + has_connection containers "$HOST1" client nginx +endpoints_have_ebpf "$HOST1" scope_end_suite diff --git a/integration/311_container_to_container_edge_without_ebpf_test.sh b/integration/311_container_to_container_edge_without_ebpf_test.sh index 54c954d18..c3190ad5a 100755 --- a/integration/311_container_to_container_edge_without_ebpf_test.sh +++ b/integration/311_container_to_container_edge_without_ebpf_test.sh @@ -3,7 +3,7 @@ # shellcheck disable=SC1091 . ./config.sh -start_suite "Test short lived connections between containers, without ebpf connection tracking enabled" +start_suite "Test short lived connections between containers, without ebpf connection tracking disabled" weave_on "$HOST1" launch scope_on "$HOST1" launch --probe.ebpf.connections=false @@ -23,6 +23,4 @@ list_connections "$HOST1" has_connection containers "$HOST1" client nginx -endpoints_have_ebpf "$HOST1" - scope_end_suite