Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

in_ebpf_collector: generic trace collector #9498

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

in_ebpf_collector: generic trace collector #9498

wants to merge 2 commits into from

Conversation

niedbalski
Copy link
Collaborator

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

  • Example configuration file for the change
  • Debug log output from testing the change
  • Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

  • Run local packaging test showing all targets (including any new ones) build.
  • Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

  • Documentation required for this feature

Backporting

  • Backport to latest stable release.

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

@niedbalski
in_ebpf: initial version of the plugin
10afcab 
This is an initial proposal of a POC of an ebpf ingestor
plugin. This adds capabilities to load and attach to
an existing ebpf program and consume events from a fixed-sized
ring buffer, subsequently those events are ingested in the log
ingestion buffer.

Events types are known and defined in the fluent-bit codebase and
those has to be implemented by the ebpf program to follow when submitted
into the ring buffer, this in the future must be serialized and
be an extensible part of the project as we possibly make progress towards
compability with other ebpf collectors.

Also, i've implemented a fallback to allow strings to be passed as the
payload of the event, without following a specific event type.

Signed-off-by: Jorge Niedbalski <[email protected]>
@niedbalski
in_ebpf: poc for agent mode
d80049a 
Initial POC code for agent mode of ebpf.

Signed-off-by: Jorge Niedbalski <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fujimotos fujimotos Awaiting requested review from fujimotos fujimotos will be requested when the pull request is marked ready for review fujimotos is a code owner

@patrick-stephens patrick-stephens Awaiting requested review from patrick-stephens patrick-stephens will be requested when the pull request is marked ready for review patrick-stephens is a code owner

@celalettin1286 celalettin1286 Awaiting requested review from celalettin1286 celalettin1286 will be requested when the pull request is marked ready for review celalettin1286 is a code owner

@edsiper edsiper Awaiting requested review from edsiper edsiper will be requested when the pull request is marked ready for review edsiper is a code owner

@leonardo-albertovich leonardo-albertovich Awaiting requested review from leonardo-albertovich leonardo-albertovich will be requested when the pull request is marked ready for review leonardo-albertovich is a code owner

@koleini koleini Awaiting requested review from koleini koleini will be requested when the pull request is marked ready for review koleini is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
docs-required
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@niedbalski