The same container image may be in use on multiple hosts. The
latest-map HostNodeID of a node in the ContainerImage topology is
therefore meaningless - it gets set to whatever host reported that
image last in the time window covered by the report. Hence using it as
a basis for mapping to hosts, as we did, a) fails to associate images
with all the right hosts (hence they are missing from the host details
panel), and b) causes that association to change semi-randomly (hence
the list in the details panel is unstable).
By contrast, the host topology parents of container image nodes is the
complete set of all hosts the image is used on. So making that the
basis for mapping fixes the problem.
The same technique - mapping based on host parents rather than
latest-map HostNodeID - also works for the other nodes we are mapping:
processes, containers and pods. So we might as well use it there
too. That's also what Map2Parent does in other topology renderers.
Fixes#2629.
This namely involved importing new libraries and using the new Clientset.
Changes worth mentioning:
* The new kubernetes library doesn't provide StoreToLister wrappers, so now I am going the casting directly.
* Deleting the pods and getting their logs is done in a cleaner way (using the
Clientset instead of the lower-level RESTclient).
This map function isn't actually needed.
Children are only populated from mapping to parents during rendering,
so there's no pre-existing replicasets to map.
Simply having the Map2Parent function map pods to deployments has it do the right thing.
This was always temporary until we could search for type via the search box instead,
since it resulted in too much clutter / didn't seem a useful use-case.
As it turns out, searching like this was already possible.
Use a special kind of selector renderer to elide replica sets from pod nodes
and directly reference deployment parents instead.
Do the inverse (replace replica sets with pods) during the mapping from pod to deployment.
Note we can no longer use renderParents since we're using a non-standard Selector
This has been tested on OpenShift Orgin v1.4.1 (`oc cluster up --version=v1.4.1 --skip-registry-check`),
(using latest builds of `oc` [412b5d6] command and Docker for Mac [v17.06.0-rc5-ce-mac16]).
The change is necessitated by the removal of procspied/ebpf endpoint
filtering in the renderers, as a result of which the odd
conntracked-only, unconnected pseudo node can sneak through.
This new way of doing things also makes renderers more composable and
robust, and more directly reflects the objective:
- in the process topologies, filter out all unconnected nodes
- in all other topologies, filter out unconnected pseudo nodes
The filtering of endpoints causes some connections to get missed for
non-eBPF-tracked connections. Furthermore, the filtering of endpoints
is entirely pointless when the probes run eBPF since the filters just
pass through eBPF-tracked endpoints (for good reason too; because
otherwise some connections would be missed). So in that case it is
just costing CPU and removing it actually improves performance.
Note that removing the filtering does not result in over-counting
connections since that is done by source ip:port pairs.
Fixes#2551.
Fixes#2558.
* Maps metrics if there is a single pod in the controller, as per all other views.
* Also added heavy commenting on the increasingly-complex render chain
