NETOBSERV-1216 PacketDrop enhancements

[jpinsonneau]

Requires:
netobserv/flowlogs-pipeline#470
netobserv/network-observability-operator#401

This is a followup on NETOBSERV-1064 to improve Packet drop functionnality:

• moved ICMP type / code to protocol
• moved drop cause to packets
• improved descriptions with clickable popovers including link to documentations
• allow filter on drop cause / tcp state
• removed green color when when drop info are not provided
  • flows containing the info will keep green / red colors even if the feature is disabled

[codecov]

Codecov Report

Merging #362 (c15abab) into main (13e24e4) will increase coverage by 0.03%.
Report is 1 commits behind head on main.
The diff coverage is 54.78%.

❗ Current head c15abab differs from pull request most recent head 6e698a5. Consider uploading reports for the commit 6e698a5 to get more accurate results

@@            Coverage Diff             @@
##             main     #362      +/-   ##
==========================================
+ Coverage   57.15%   57.18%   +0.03%     
==========================================
  Files         163      167       +4     
  Lines        7543     7738     +195     
  Branches      921      913       -8     
==========================================
+ Hits         4311     4425     +114     
- Misses       2967     3046      +79     
- Partials      265      267       +2     

Flag	Coverage Δ
uitests	58.09% <54.78%> (+0.06%)	⬆️
unittests	54.69% <ø> (+0.14%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
web/src/components/filters/filters-toolbar.tsx	64.17% <ø> (ø)
...c/components/netflow-overview/netflow-overview.tsx	67.02% <ø> (+1.39%)	⬆️
web/src/components/netflow-traffic.tsx	55.77% <ø> (+3.10%)	⬆️
web/src/model/filters.ts	72.30% <ø> (ø)
web/src/utils/filter-options.ts	52.05% <30.00%> (-2.64%)	⬇️
web/src/components/filters/filter-hints.tsx	63.63% <33.33%> (-11.37%)	⬇️
web/src/components/netflow-record/record-field.tsx	69.56% <39.13%> (-5.20%)	⬇️
...eb/src/components/netflow-overview/panel-kebab.tsx	60.86% <41.66%> (ø)
web/src/utils/icmp.ts	57.69% <58.82%> (-23.44%)	⬇️
web/src/utils/pkt-drop.ts	88.88% <88.88%> (ø)
... and 4 more

... and 19 files with indirect coverage changes

[msherif1234]

this isn't TCP specific here and below ?

[jpinsonneau]

sorry my bad

[jpinsonneau]

c29eb9f

[msherif1234]

well this filter be off when the dropped packet is for UDP as an example ?

[jpinsonneau]

No specific mechanism is done here. The user can set 2 filters as PktDropLatestState=TCP_XXX, Proto=UDP with match any query option to get both dropped TCP & UDP flows

[msherif1234]

pls rename the pkg to pkt-drop instead ?

[jpinsonneau]

c29eb9f

[msherif1234]

what about icmp6 codes and types they aren't the same as in icmp4 ?

[jpinsonneau]

Correct:
https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types
https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml#icmpv6-parameters-2

I should implement both and switch according to for protocol field

1 | ICMP | Internet Control Message
vs 
58 | IPv6-ICMP | ICMP for IPv6

[jpinsonneau]

eb1c5be

[msherif1234]

do we have to maintain this translation from number to string in two components ? if it makes more sense to have it here we probably removed from FLP and just keep it as a number to reduce future efforts adding new drops ?

[jpinsonneau]

That's a tradeoff to decide. If we want the user to be able to type either number or name in the filters, we need these in console plugin.

[msherif1234]

I think we need to be able to filter on both as u have

[jotak]

is there a specific reason to use a URL from elixir.bootlin.com ? (I don't know about this site)
This one sounds more official / primary source: https://github.com/torvalds/linux/blob/master/include/net/dropreason-core.h ?

[jpinsonneau]

sure github sounds better 👍

[jotak]

Like you put a link to the drop reasons, we may have a link to these states definitions? https://github.com/torvalds/linux/blob/master/include/net/tcp_states.h

[jpinsonneau]

added doc url in examples popover pointing to github ressources

74edded

[jotak]

looks good to me in general (two comments about the external links)
You could also add a couple of tests, for example in https://github.com/netobserv/network-observability-console-plugin/blob/main/web/src/components/filters/__tests__/autocomplete-filter.spec.tsx#L29-L51 we could have similar tests for the new autocompleted fields

[jpinsonneau]

You could also add a couple of tests, for example in https://github.com/netobserv/network-observability-console-plugin/blob/main/web/src/components/filters/__tests__/autocomplete-filter.spec.tsx#L29-L51 we could have similar tests for the new autocompleted fields

Currently the new filters are just rejecting empty values validate: rejectEmptyValue,
Do you think we should force the user to the defined list only ? This was made on purpose to allow any new value to be filtered on, even if we didn't defined these.

I tried to check for the popover suggestions but the wrapper.find function can't find it 😞
It seems that the waitForComponentToPaint is not enough to wait for the popover to show or maybe the popover doesn't even show in these tests.

[msherif1234]

/lgtm

[Amoghrd]

/ok-to-test

[github-actions]

New image:
quay.io/netobserv/network-observability-console-plugin:f125544

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=f125544 make set-plugin-image

[jpinsonneau]

Rebased without changes

[github-actions]

New image:
quay.io/netobserv/network-observability-console-plugin:32d3f9d

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=32d3f9d make set-plugin-image

[msherif1234]

/lgtm

[openshift-ci]

New changes are detected. LGTM label has been removed.

[jpinsonneau]

@Amoghrd Addressing feedback from QE doc:

• Filters still available when feature is disabled 03d6282

• Show others -- can't reproduce all the time

I changed the stat out of show others and it seems to be more consistent d8ab9fd Can you please double check ?
Also took the opportunity to remove others on DNS latency since it's an average and add kebab on all graphs (export was missing on the ones without options)

• Weird IP in total panel -- seems to work fine on my cluster; any tips to reproduce ?

• Missing DNS options filtering c15abab

[jpinsonneau]

While testing I noticed Bytes and Packets fields are not skipped when zero on FLP side.
That create inconsistency between flows and conversations. I've added a commit for that
06ed39b

That makes this PR dependant of netobserv/flowlogs-pipeline#470 one. Waiting for feedback about that approach

[github-actions]

New image:
quay.io/netobserv/network-observability-console-plugin:0219ec4

It will expire after two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=0219ec4 make set-plugin-image

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment