NETOBSERV-1732: add logic to lkup all previous tc filters and remove them

[msherif1234]

Description

Today if ebpf agent pod is killed with SIGKILL the clean up code never get a chance to remove all TC filters and qdisc installed
this PR check all previously installed TC filters and remove them

Dependencies

n/a

Checklist

If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.

• Will this change affect NetObserv / Network Observability operator? If not, you can ignore the rest of this checklist.
• Is this PR backed with a JIRA ticket? If so, make sure it is written as a title prefix (in general, PRs affecting the NetObserv/Network Observability product should be backed with a JIRA ticket - especially if they bring user facing changes).
• Does this PR require product documentation?
  • If so, make sure the JIRA epic is labelled with "documentation" and provides a description relevant for doc writers, such as use cases or scenarios. Any required step to activate or configure the feature should be documented there, such as new CRD knobs.
• Does this PR require a product release notes entry?
  • If so, fill in "Release Note Text" in the JIRA.
• Is there anything else the QE team should know before testing? E.g: configuration changes, environment setup, etc.
  • If so, make sure it is described in the JIRA ticket.
• QE requirements (check 1 from the list):
  • Standard QE validation, with pre-merge tests unless stated otherwise.
  • Regression tests only (e.g. refactoring with no user-facing change).
  • No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

[openshift-ci-robot]

@msherif1234: This pull request references NETOBSERV-1732 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.17.0" version, but no target version was set.

In response to this:

Description

Today if ebpf agent pod is killed with SIGKILL the clean up code never get a chance to remove all TC filters and qdisc installed
this PR check all previously installed TC filters and remove them

Dependencies

n/a

Checklist

If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.

• Will this change affect NetObserv / Network Observability operator? If not, you can ignore the rest of this checklist.
• Is this PR backed with a JIRA ticket? If so, make sure it is written as a title prefix (in general, PRs affecting the NetObserv/Network Observability product should be backed with a JIRA ticket - especially if they bring user facing changes).
• Does this PR require product documentation?
• If so, make sure the JIRA epic is labelled with "documentation" and provides a description relevant for doc writers, such as use cases or scenarios. Any required step to activate or configure the feature should be documented there, such as new CRD knobs.
• Does this PR require a product release notes entry?
• If so, fill in "Release Note Text" in the JIRA.
• Is there anything else the QE team should know before testing? E.g: configuration changes, environment setup, etc.
• If so, make sure it is described in the JIRA ticket.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[msherif1234]

/ok-to-test

[github-actions]

New image:
quay.io/netobserv/netobserv-ebpf-agent:29b9188

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=29b9188 make set-agent-image

[msherif1234]

/ok-to-test

[github-actions]

New image:
quay.io/netobserv/netobserv-ebpf-agent:846d29a

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=846d29a make set-agent-image

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 52 lines in your changes missing coverage. Please review.

Please upload report for BASE (main@484bc41). Learn more about missing BASE report.
Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #360   +/-   ##
=======================================
  Coverage        ?   32.67%           
=======================================
  Files           ?       48           
  Lines           ?     3593           
  Branches        ?        0           
=======================================
  Hits            ?     1174           
  Misses          ?     2317           
  Partials        ?      102           

Flag	Coverage Δ
unittests	32.67% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
pkg/ebpf/tracer.go	0.00% <0.00%> (ø)

[jotak]

@msherif1234 I thought it was already managed e.g. here: https://github.com/netobserv/netobserv-ebpf-agent/blob/main/pkg/ebpf/tracer.go#L308 , what's the difference exactly with the existing deletions?

Is it because previously it would only delete for the current interfaces, but not if interfaces have changed in the meantime?

[msherif1234]

@msherif1234 I thought it was already managed e.g. here: https://github.com/netobserv/netobserv-ebpf-agent/blob/main/pkg/ebpf/tracer.go#L308 , what's the difference exactly with the existing deletions?

Is it because previously it would only delete for the current interfaces, but not if interfaces have changed in the meantime?

current logic won't work as when the pod restart the FD value won't be the same as old program so the existing code won't ever kick in https://github.com/netobserv/netobserv-ebpf-agent/blob/main/pkg/ebpf/tracer.go#L304

[jotak]

not sure how likely it is to get an error here, but to be more resilient you could accumulate all errors in a slice and use errors.Join : that would avoid returning after an error in case there's still filters to delete in the list.

[msherif1234]

I can use Aggregrate error too which does the same like errors join

[jotak]

Nit: unnecessary {}

Suggested change

	if strings.HasPrefix(bpfFilter.Name, tcEgressFilterName) {
	{
	egressDevs = append(egressDevs, l)
	}
	}
	if strings.HasPrefix(bpfFilter.Name, tcEgressFilterName) {
	egressDevs = append(egressDevs, l)
	}

[jotak]

some minor comments, lgtm otherwise

[jotak]

/lgtm

[msherif1234]

/ok-to-test

[github-actions]

New image:
quay.io/netobserv/netobserv-ebpf-agent:a705627

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=a705627 make set-agent-image

[memodi]

/label no-qe

[msherif1234]

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: msherif1234

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [msherif1234]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment