[NETOBSERV-44] Consumming goflow2 as a library. #6
Conversation
OlivierCazade
force-pushed
the
goflow2-as-lib
branch
from
4235eb4 to
6604751
Compare
There was a problem hiding this comment.
Just a first-pass superficial review, I still want to review & test more in deep, thanks @OlivierCazade for this PR!
OlivierCazade
force-pushed
the
goflow2-as-lib
branch
from
6604751 to
bc26bad
Compare
Using goflow2 as a library to directly receive netflow event with the kube-enricher
OlivierCazade
force-pushed
the
goflow2-as-lib
branch
from
bc26bad to
4163a90
Compare
|
The linter shows an issue with a lock being copied on There's also a second lint error about deprecated |
|
Looks good to me for a first approach (there's just the lint error that should be fixed). For a follow-up task, we should probably be able to avoid the unnecessary PB step that happens between Formatter stage and Transport/Enrichment. If I understand correctly, goflow2 works with a Formatter and a Transporter, and we previously had: Now we basically have: Next step could be to try having something like: It's unclear yet to me if the Formatter and Transporter stages will still be around when we'll integrate the loki client, or if they will be like no-ops... (it's just an implementation detail anyway). |
|
Yes we could try to implement the enricher as a goflow2 Formatter. Goflow2 API use []bytes to pass data between the formatter and the transporter so if we want to enrich this datas without having to unmarshal them, we have to do it before passing them to the transporter. What is not clear to me is if we want to use this enricher only with goflow2, or if other collectors like the eBPF are also going to use it. Keeping the Formatter and Transporter stages will make interactions with goflow2 easier, but I don't know how this is going to work if we also want to use another source. |
|
I opened https://issues.redhat.com/browse/NETOBSERV-64 for a follow-up |
- literal strings are now defined as constants - netflow format internal channel is now buffered - rename of GoflowDriver to Driver (already in netflow package) - rename of NewDriver function to StartDriver - StartDriver now also has a context parameter instead of creating one - simplification of the internal function of StartDriver
| COPY go.mod ./ | ||
| COPY go.sum ./ | ||
|
|
||
| RUN go mod download |
There was a problem hiding this comment.
this will surely change in the future if we want to include vendors in sources as Mario did for the loki client. But we can do that as a follow-up.
| @@ -1,15 +1,20 @@ | |||
| FROM golang:alpine as builder | |||
| FROM registry.access.redhat.com/ubi8/go-toolset:1.15.14-10 as builder | |||
There was a problem hiding this comment.
Just noting / realizing that if we stick to the redhat-supported tool chain we have to use this older version of go. Generics will wait :)
Implement goflow-kube reconciler
Using goflow2 as a library to directly receive netflow event with the kube-enricher