Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CI Visibility to work with DD Admission Controller #6139

Merged
merged 2 commits into from
Nov 6, 2023
Merged

Fix CI Visibility to work with DD Admission Controller #6139

merged 2 commits into from
Nov 6, 2023

Conversation

nikita-tkachenko-datadog
Copy link
Contributor

@nikita-tkachenko-datadog nikita-tkachenko-datadog commented Nov 2, 2023
edited
Loading

What Does This Do

Fixes CI Visibility to work correctly in Kubernetes setups where tracer is injected automatically by Datadog Admission Controller.

Motivation

Using Datadog Admission Controller is much easier for the customers than injecting the tracer manually in a containerised environment.
It should work correctly with CI Visibility.

Additional Notes

Admission Controller, among other things, creates a volume and mounts it both to the agent containers and to the application containers. In the volume there is a Unix domain socket. Instrumented applications write to this socket, and the agent reads from it.
The tracer logic responsible for discovering the socket is in datadog.common.socket.SocketUtils#discoverApmSocket.
datadog.communication.ddagent.SharedCommunicationObjects handles socket detection transparently for the rest of the tracer.
Whenever CI Visibility uses EVP Proxy, it should utilise HTTP client created by the SharedCommunicationObjects.

Jira ticket: CIVIS-7888

@nikita-tkachenko-datadog nikita-tkachenko-datadog added type: bug comp: ci visibility Continuous Integration Visibility labels Nov 2, 2023
@pr-commenter
Copy link

pr-commenter bot commented Nov 2, 2023
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
commit 1.23.0-SNAPSHOT~38ee52be0e 1.23.0-SNAPSHOT~392bc22761
config baseline candidate
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 cases.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.045 s) : 0, 1044650
Total [baseline] (8.814 s) : 0, 8813567
Agent [candidate] (1.05 s) : 0, 1050070
Total [candidate] (8.783 s) : 0, 8783498
section iast
Agent [baseline] (1.158 s) : 0, 1157730
Total [baseline] (9.338 s) : 0, 9338105
Agent [candidate] (1.153 s) : 0, 1152815
Total [candidate] (9.316 s) : 0, 9315580
section iast_TELEMETRY_OFF
Agent [baseline] (1.149 s) : 0, 1149497
Total [baseline] (9.322 s) : 0, 9322366
Agent [candidate] (1.151 s) : 0, 1151442
Total [candidate] (9.323 s) : 0, 9323078
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.045 s -
Agent iast 1.158 s 113.081 ms (10.8%)
Agent iast_TELEMETRY_OFF 1.149 s 104.848 ms (10.0%)
Total tracing 8.814 s -
Total iast 9.338 s 524.537 ms (6.0%)
Total iast_TELEMETRY_OFF 9.322 s 508.799 ms (5.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.05 s -
Agent iast 1.153 s 102.745 ms (9.8%)
Agent iast_TELEMETRY_OFF 1.151 s 101.372 ms (9.7%)
Total tracing 8.783 s -
Total iast 9.316 s 532.082 ms (6.1%)
Total iast_TELEMETRY_OFF 9.323 s 539.58 ms (6.1%) 
gantt
    title insecure-bank - break down per module: candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (652.018 ms) : 0, 652018
BytebuddyAgent [candidate] (654.978 ms) : 0, 654978
GlobalTracer [baseline] (296.635 ms) : 0, 296635
GlobalTracer [candidate] (297.865 ms) : 0, 297865
AppSec [baseline] (49.157 ms) : 0, 49157
AppSec [candidate] (50.021 ms) : 0, 50021
Remote Config [baseline] (702.433 µs) : 0, 702
Remote Config [candidate] (707.52 µs) : 0, 708
Telemetry [baseline] (11.314 ms) : 0, 11314
Telemetry [candidate] (11.542 ms) : 0, 11542
section iast
BytebuddyAgent [baseline] (771.298 ms) : 0, 771298
BytebuddyAgent [candidate] (766.233 ms) : 0, 766233
GlobalTracer [baseline] (275.779 ms) : 0, 275779
GlobalTracer [candidate] (274.183 ms) : 0, 274183
AppSec [baseline] (47.264 ms) : 0, 47264
AppSec [candidate] (46.711 ms) : 0, 46711
IAST [baseline] (14.942 ms) : 0, 14942
IAST [candidate] (16.655 ms) : 0, 16655
Remote Config [baseline] (572.718 µs) : 0, 573
Remote Config [candidate] (574.977 µs) : 0, 575
Telemetry [baseline] (13.199 ms) : 0, 13199
Telemetry [candidate] (13.954 ms) : 0, 13954
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (762.166 ms) : 0, 762166
BytebuddyAgent [candidate] (765.234 ms) : 0, 765234
GlobalTracer [baseline] (275.763 ms) : 0, 275763
GlobalTracer [candidate] (275.231 ms) : 0, 275231
AppSec [baseline] (47.091 ms) : 0, 47091
AppSec [candidate] (46.788 ms) : 0, 46788
IAST [baseline] (17.384 ms) : 0, 17384
IAST [candidate] (15.984 ms) : 0, 15984
Remote Config [baseline] (569.458 µs) : 0, 569
Remote Config [candidate] (586.828 µs) : 0, 587
Telemetry [baseline] (11.935 ms) : 0, 11935
Telemetry [candidate] (12.816 ms) : 0, 12816
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.039 s) : 0, 1038912
Total [baseline] (9.33 s) : 0, 9329522
Agent [candidate] (1.052 s) : 0, 1052033
Total [candidate] (9.331 s) : 0, 9330590
section appsec
Agent [baseline] (1.117 s) : 0, 1117438
Total [baseline] (9.401 s) : 0, 9400744
Agent [candidate] (1.136 s) : 0, 1135757
Total [candidate] (9.433 s) : 0, 9432941
section iast
Agent [baseline] (1.152 s) : 0, 1152430
Total [baseline] (9.559 s) : 0, 9559451
Agent [candidate] (1.156 s) : 0, 1156349
Total [candidate] (9.656 s) : 0, 9655674
section profiling
Agent [baseline] (1.217 s) : 0, 1216896
Total [baseline] (9.522 s) : 0, 9521742
Agent [candidate] (1.217 s) : 0, 1217238
Total [candidate] (9.577 s) : 0, 9577398
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.039 s -
Agent appsec 1.117 s 78.526 ms (7.6%)
Agent iast 1.152 s 113.517 ms (10.9%)
Agent profiling 1.217 s 177.984 ms (17.1%)
Total tracing 9.33 s -
Total appsec 9.401 s 71.222 ms (0.8%)
Total iast 9.559 s 229.929 ms (2.5%)
Total profiling 9.522 s 192.22 ms (2.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.052 s -
Agent appsec 1.136 s 83.723 ms (8.0%)
Agent iast 1.156 s 104.315 ms (9.9%)
Agent profiling 1.217 s 165.204 ms (15.7%)
Total tracing 9.331 s -
Total appsec 9.433 s 102.351 ms (1.1%)
Total iast 9.656 s 325.084 ms (3.5%)
Total profiling 9.577 s 246.808 ms (2.6%) 
gantt
    title petclinic - break down per module: candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (648.742 ms) : 0, 648742
BytebuddyAgent [candidate] (656.285 ms) : 0, 656285
GlobalTracer [baseline] (294.403 ms) : 0, 294403
GlobalTracer [candidate] (299.137 ms) : 0, 299137
AppSec [baseline] (49.059 ms) : 0, 49059
AppSec [candidate] (49.488 ms) : 0, 49488
Remote Config [baseline] (699.916 µs) : 0, 700
Remote Config [candidate] (708.066 µs) : 0, 708
Telemetry [baseline] (11.332 ms) : 0, 11332
Telemetry [candidate] (11.515 ms) : 0, 11515
section appsec
BytebuddyAgent [baseline] (644.568 ms) : 0, 644568
BytebuddyAgent [candidate] (655.619 ms) : 0, 655619
GlobalTracer [baseline] (292.841 ms) : 0, 292841
GlobalTracer [candidate] (298.194 ms) : 0, 298194
AppSec [baseline] (138.156 ms) : 0, 138156
AppSec [candidate] (139.469 ms) : 0, 139469
Remote Config [baseline] (643.733 µs) : 0, 644
Remote Config [candidate] (660.161 µs) : 0, 660
Telemetry [baseline] (6.87 ms) : 0, 6870
Telemetry [candidate] (6.98 ms) : 0, 6980
section iast
BytebuddyAgent [baseline] (766.652 ms) : 0, 766652
BytebuddyAgent [candidate] (769.028 ms) : 0, 769028
GlobalTracer [baseline] (274.721 ms) : 0, 274721
GlobalTracer [candidate] (276.035 ms) : 0, 276035
AppSec [baseline] (46.539 ms) : 0, 46539
AppSec [candidate] (46.876 ms) : 0, 46876
Remote Config [baseline] (572.595 µs) : 0, 573
Remote Config [candidate] (569.079 µs) : 0, 569
Telemetry [baseline] (12.507 ms) : 0, 12507
Telemetry [candidate] (13.267 ms) : 0, 13267
IAST [baseline] (16.914 ms) : 0, 16914
IAST [candidate] (16.025 ms) : 0, 16025
section profiling
ProfilingAgent [baseline] (88.336 ms) : 0, 88336
ProfilingAgent [candidate] (88.63 ms) : 0, 88630
BytebuddyAgent [baseline] (654.688 ms) : 0, 654688
BytebuddyAgent [candidate] (655.207 ms) : 0, 655207
GlobalTracer [baseline] (358.751 ms) : 0, 358751
GlobalTracer [candidate] (358.331 ms) : 0, 358331
AppSec [baseline] (49.173 ms) : 0, 49173
AppSec [candidate] (48.959 ms) : 0, 48959
Remote Config [baseline] (643.824 µs) : 0, 644
Remote Config [candidate] (644.989 µs) : 0, 645
Telemetry [baseline] (11.269 ms) : 0, 11269
Telemetry [candidate] (11.285 ms) : 0, 11285
Profiling [baseline] (88.36 ms) : 0, 88360
Profiling [candidate] (88.654 ms) : 0, 88654
Loading

Load

Parameters

Baseline Candidate
commit 1.23.0-SNAPSHOT~38ee52be0e 1.23.0-SNAPSHOT~392bc22761
config baseline candidate
end_time 2023-11-03T14:39:27 2023-11-03T14:55:55
start_time 2023-11-03T14:39:14 2023-11-03T14:55:42
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 22 cases.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e
    dateFormat X
    axisFormat %s
section baseline
no_agent (359.771 µs) : 340, 379
.   : milestone, 360,
iast (461.832 µs) : 441, 482
.   : milestone, 462,
iast_FULL (525.227 µs) : 504, 546
.   : milestone, 525,
iast_INACTIVE (430.015 µs) : 409, 451
.   : milestone, 430,
iast_TELEMETRY_OFF (453.595 µs) : 433, 474
.   : milestone, 454,
tracing (427.467 µs) : 407, 448
.   : milestone, 427,
section candidate
no_agent (359.45 µs) : 339, 380
.   : milestone, 359,
iast (461.983 µs) : 441, 483
.   : milestone, 462,
iast_FULL (518.415 µs) : 498, 539
.   : milestone, 518,
iast_INACTIVE (434.971 µs) : 414, 456
.   : milestone, 435,
iast_TELEMETRY_OFF (454.839 µs) : 434, 476
.   : milestone, 455,
tracing (429.597 µs) : 409, 450
.   : milestone, 430,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 359.771 µs [340.26 µs, 379.282 µs] -
iast 461.832 µs [441.192 µs, 482.473 µs] 102.061 µs (28.4%)
iast_FULL 525.227 µs [504.237 µs, 546.217 µs] 165.456 µs (46.0%)
iast_INACTIVE 430.015 µs [409.164 µs, 450.865 µs] 70.244 µs (19.5%)
iast_TELEMETRY_OFF 453.595 µs [433.121 µs, 474.069 µs] 93.824 µs (26.1%)
tracing 427.467 µs [406.689 µs, 448.244 µs] 67.696 µs (18.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 359.45 µs [338.546 µs, 380.353 µs] -
iast 461.983 µs [441.25 µs, 482.715 µs] 102.533 µs (28.5%)
iast_FULL 518.415 µs [497.716 µs, 539.115 µs] 158.966 µs (44.2%)
iast_INACTIVE 434.971 µs [413.948 µs, 455.993 µs] 75.521 µs (21.0%)
iast_TELEMETRY_OFF 454.839 µs [433.679 µs, 475.998 µs] 95.389 µs (26.5%)
tracing 429.597 µs [408.729 µs, 450.465 µs] 70.147 µs (19.5%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.23.0-SNAPSHOT~392bc22761, baseline=1.23.0-SNAPSHOT~38ee52be0e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.338 ms) : 1319, 1357
.   : milestone, 1338,
appsec (1.712 ms) : 1687, 1736
.   : milestone, 1712,
iast (1.458 ms) : 1434, 1482
.   : milestone, 1458,
profiling (1.466 ms) : 1441, 1491
.   : milestone, 1466,
tracing (1.444 ms) : 1419, 1468
.   : milestone, 1444,
section candidate
no_agent (1.331 ms) : 1311, 1350
.   : milestone, 1331,
appsec (1.703 ms) : 1679, 1728
.   : milestone, 1703,
iast (1.462 ms) : 1438, 1486
.   : milestone, 1462,
profiling (1.48 ms) : 1453, 1506
.   : milestone, 1480,
tracing (1.445 ms) : 1421, 1470
.   : milestone, 1445,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.338 ms [1.319 ms, 1.357 ms] -
appsec 1.712 ms [1.687 ms, 1.736 ms] 374.024 µs (28.0%)
iast 1.458 ms [1.434 ms, 1.482 ms] 120.347 µs (9.0%)
profiling 1.466 ms [1.441 ms, 1.491 ms] 128.691 µs (9.6%)
tracing 1.444 ms [1.419 ms, 1.468 ms] 106.291 µs (7.9%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.331 ms [1.311 ms, 1.35 ms] -
appsec 1.703 ms [1.679 ms, 1.728 ms] 372.435 µs (28.0%)
iast 1.462 ms [1.438 ms, 1.486 ms] 131.32 µs (9.9%)
profiling 1.48 ms [1.453 ms, 1.506 ms] 148.751 µs (11.2%)
tracing 1.445 ms [1.421 ms, 1.47 ms] 114.442 µs (8.6%)

@nikita-tkachenko-datadog nikita-tkachenko-datadog marked this pull request as ready for review November 3, 2023 15:12
@nikita-tkachenko-datadog nikita-tkachenko-datadog merged commit 198366a into master Nov 6, 2023
67 of 69 checks passed
@nikita-tkachenko-datadog nikita-tkachenko-datadog deleted the nikita-tkachenko/ci-visibility-admission-controller branch November 6, 2023 10:51
@github-actions github-actions bot added this to the 1.23.0 milestone Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anmarchenko anmarchenko anmarchenko approved these changes

@romainkomorndatadog romainkomorndatadog romainkomorndatadog approved these changes

@mcculls mcculls Awaiting requested review from mcculls mcculls is a code owner automatically assigned from DataDog/apm-java

@am312 am312 Awaiting requested review from am312 am312 is a code owner automatically assigned from DataDog/apm-java

Assignees
No one assigned
Labels
comp: ci visibility Continuous Integration Visibility type: bug
Projects
None yet
Milestone
1.23.0
Development

Successfully merging this pull request may close these issues.
3 participants
@nikita-tkachenko-datadog @anmarchenko @romainkomorndatadog