NETOBSERV-1426: detect external workloads / openshift subnets

netobserv · Feb 5, 2024 · 3bd04ea · 3bd04ea
1 parent 34fd0ae
commit 3bd04ea
Show file tree

Hide file tree

Showing 26 changed files with 731 additions and 72 deletions.
diff --git a/apis/flowcollector/v1alpha1/zz_generated.conversion.go b/apis/flowcollector/v1alpha1/zz_generated.conversion.go
diff --git a/apis/flowcollector/v1beta1/flowcollector_types.go b/apis/flowcollector/v1beta1/flowcollector_types.go
@@ -493,6 +493,10 @@ type FlowCollectorFLP struct {
 	// This feature requires the "topology.kubernetes.io/zone" label to be set on nodes.
 	AddZone *bool `json:"addZone,omitempty"`
 
+	//+optional
+	// `subnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift.
+	SubnetLabels SubnetLabels `json:"subnetLabels,omitempty"`
+
 	// `debug` allows setting some aspects of the internal configuration of the flow processor.
 	// This section is aimed exclusively for debugging and fine-grained performance optimizations,
 	// such as `GOGC` and `GOMAXPROCS` env vars. Users setting its values do it at their own risk.
@@ -832,6 +836,24 @@ type DebugConfig struct {
 	Env map[string]string `json:"env,omitempty"`
 }
 
+// `SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift.
+type SubnetLabels struct {
+	// `openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the
+	// OpenShift install configuration and the Cluster Network Operator configuration.
+	//+optional
+	OpenShiftAutoDetect *bool `json:"openShiftAutoDetect,omitempty"`
+
+	// `customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services.
+	//+optional
+	CustomLabels []SubnetLabel `json:"customLabels,omitempty"`
+}
+
+// SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services.
+type SubnetLabel struct {
+	CIDRs []string `json:"cidrs,omitempty"`
+	Name  string   `json:"name,omitempty"`
+}
+
 // Add more exporter types below
 type ExporterType string
 

diff --git a/apis/flowcollector/v1beta1/zz_generated.conversion.go b/apis/flowcollector/v1beta1/zz_generated.conversion.go
diff --git a/apis/flowcollector/v1beta1/zz_generated.deepcopy.go b/apis/flowcollector/v1beta1/zz_generated.deepcopy.go
diff --git a/apis/flowcollector/v1beta2/flowcollector_types.go b/apis/flowcollector/v1beta2/flowcollector_types.go
@@ -450,6 +450,10 @@ type FlowCollectorFLP struct {
 	// This feature requires the "topology.kubernetes.io/zone" label to be set on nodes.
 	AddZone *bool `json:"addZone,omitempty"`
 
+	//+optional
+	// `SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift.
+	SubnetLabels SubnetLabels `json:"subnetLabels,omitempty"`
+
 	// `advanced` allows setting some aspects of the internal configuration of the flow processor.
 	// This section is aimed mostly for debugging and fine-grained performance optimizations,
 	// such as `GOGC` and `GOMAXPROCS` env vars. Users setting its values do it at their own risk.
@@ -983,6 +987,24 @@ type AdvancedPluginConfig struct {
 	Port *int32 `json:"port,omitempty"`
 }
 
+// `SubnetLabels` allows to define custom labels on subnets and IPs or to enable automatic labelling of recognized subnets in OpenShift.
+type SubnetLabels struct {
+	// `openShiftAutoDetect` allows, when set to `true`, to detect automatically the machines, pods and services subnets based on the
+	// OpenShift install configuration and the Cluster Network Operator configuration.
+	//+optional
+	OpenShiftAutoDetect *bool `json:"openShiftAutoDetect,omitempty"`
+
+	// `customLabels` allows to customize subnets and IPs labelling, such as to identify cluster-external workloads or web services.
+	//+optional
+	CustomLabels []SubnetLabel `json:"customLabels,omitempty"`
+}
+
+// SubnetLabel allows to label subnets and IPs, such as to identify cluster-external workloads or web services.
+type SubnetLabel struct {
+	CIDRs []string `json:"cidrs,omitempty"`
+	Name  string   `json:"name,omitempty"`
+}
+
 // Add more exporter types below
 type ExporterType string
 

diff --git a/apis/flowcollector/v1beta2/zz_generated.deepcopy.go b/apis/flowcollector/v1beta2/zz_generated.deepcopy.go
diff --git a/bundle/manifests/flows.netobserv.io_flowcollectors.yaml b/bundle/manifests/flows.netobserv.io_flowcollectors.yaml
@@ -5055,6 +5055,35 @@ spec:
                           Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                         type: object
                     type: object
+                  subnetLabels:
+                    description: '`subnetLabels` allows to define custom labels on
+                      subnets and IPs or to enable automatic labelling of recognized
+                      subnets in OpenShift.'
+                    properties:
+                      customLabels:
+                        description: '`customLabels` allows to customize subnets and
+                          IPs labelling, such as to identify cluster-external workloads
+                          or web services.'
+                        items:
+                          description: SubnetLabel allows to label subnets and IPs,
+                            such as to identify cluster-external workloads or web
+                            services.
+                          properties:
+                            cidrs:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                          type: object
+                        type: array
+                      openShiftAutoDetect:
+                        description: '`openShiftAutoDetect` allows, when set to `true`,
+                          to detect automatically the machines, pods and services
+                          subnets based on the OpenShift install configuration and
+                          the Cluster Network Operator configuration.'
+                        type: boolean
+                    type: object
                 type: object
             type: object
           status:
@@ -8008,6 +8037,35 @@ spec:
                           Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
                         type: object
                     type: object
+                  subnetLabels:
+                    description: '`SubnetLabels` allows to define custom labels on
+                      subnets and IPs or to enable automatic labelling of recognized
+                      subnets in OpenShift.'
+                    properties:
+                      customLabels:
+                        description: '`customLabels` allows to customize subnets and
+                          IPs labelling, such as to identify cluster-external workloads
+                          or web services.'
+                        items:
+                          description: SubnetLabel allows to label subnets and IPs,
+                            such as to identify cluster-external workloads or web
+                            services.
+                          properties:
+                            cidrs:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                          type: object
+                        type: array
+                      openShiftAutoDetect:
+                        description: '`openShiftAutoDetect` allows, when set to `true`,
+                          to detect automatically the machines, pods and services
+                          subnets based on the OpenShift install configuration and
+                          the Cluster Network Operator configuration.'
+                        type: boolean
+                    type: object
                 type: object
             type: object
           status:

diff --git a/bundle/manifests/netobserv-operator.clusterserviceversion.yaml b/bundle/manifests/netobserv-operator.clusterserviceversion.yaml
@@ -752,6 +752,12 @@ spec:
         path: processor.metrics.includeList
       - displayName: Port
         path: processor.metrics.server.port
+      - displayName: Subnet labels
+        path: processor.subnetLabels
+      - displayName: Custom labels
+        path: processor.subnetLabels.customLabels
+      - displayName: Open shift auto detect
+        path: processor.subnetLabels.openShiftAutoDetect
       statusDescriptors:
       - description: Namespace where console plugin and flowlogs-pipeline have been
           deployed.
@@ -1020,6 +1026,14 @@ spec:
           - list
           - update
           - watch
+        - apiGroups:
+          - operator.openshift.io
+          resources:
+          - networks
+          verbs:
+          - get
+          - list
+          - watch
         - apiGroups:
           - rbac.authorization.k8s.io
           resources: