Skip to content

Experimental service mapping pt.1 #163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
LorenzoTettamanti merged 15 commits into from
Dec 20, 2025
Merged

Experimental service mapping pt.1 #163

LorenzoTettamanti merged 15 commits into from
Dec 20, 2025

Conversation

@LorenzoTettamanti
Copy link
Member

@LorenzoTettamanti LorenzoTettamanti commented Dec 18, 2025
edited
Loading

Changes

This PR features an experimental service mapping that combines the kubeapi and the UID extraction from cgroups. The extracted data are combined in a HashMap for O(1) access. The aim is to give more information such as the pod name to better identify the source of a TCP packet (can also have better precision than the bpf_get_current_comm() function that we are currently using)

Changes:
- added unit tests
- added tcp_analyzer function to extract relevant information from the tcp_v4_connect kprobe
- added a new ClusterRole to allow pod info extraction from the kubeapi
- refactored map pinning function

Testing

Docker image:
cortexflow-identity:0.1.1-cgroup_scannerv_exp

Expected behaviour:
Schermata del 2025-12-19 18-35-09
Schermata del 2025-12-19 18-37-09

LorenzoTettamanti and others added 13 commits November 11, 2025 13:56
@LorenzoTettamanti
[Code refactoring]: improved conntracker file organization
3b5c7c4
@LorenzoTettamanti
[chore]: update gitignore. Removed bindings.rs files
3cb81b3
@LorenzoTettamanti
[docs]: added documentation to conntracker functions
4d6cf47
@LorenzoTettamanti
Merge branch 'CortexFlow:feature/ebpf-core' into feature/ebpf-core
d2003f6
@LorenzoTettamanti
Merge branch 'CortexFlow:feature/ebpf-core' into feature/ebpf-core
6eff339
[CortexFlow#150]: added experimental tcp analyzer function to extract…
74ec525 
… info from tcp packets using tcp_V4_connect kprobe
[CortexFlow#150]: added tcp analyzer user space implementation. Added…
450cbd4 
… experimental service discovery to combine the result from the kprobe and the kubeapi
[CortexFlow#150]: updated cargo.toml dependencies. Updated identity.y…
f495853 
…aml kubernetes manifest, added /sys/fs/cgroup as mountPath
updated cargo.lock
5f852fe
@LorenzoTettamanti
[CortexFlow#119]: optimized map_pinner function
e806057
@LorenzoTettamanti
[CortexFlow#119]: replaced old Bpf import with the new Ebpf import fr…
595b2e5 
…om aya
@LorenzoTettamanti
[CortexFlow#150]: added a new ClusterRole to allow pod metadata queri…
739dd03 
…es from the kubeapi
@LorenzoTettamanti
[CortexFlow#150]:added unit tests. Updated extract_pod_uid function l…
c3618c8 
…ogic
@LorenzoTettamanti LorenzoTettamanti changed the title service mapping Experimental service mapping Dec 20, 2025
@LorenzoTettamanti LorenzoTettamanti changed the title Experimental service mapping Experimental service mapping pt.1 Dec 20, 2025
@LorenzoTettamanti LorenzoTettamanti added enhancement New feature or request rust Pull requests that update Rust code ebpf eBPF related tasks labels Dec 20, 2025
@LorenzoTettamanti LorenzoTettamanti moved this to In Progress in CortexFlow v0.1 Dec 20, 2025
@LorenzoTettamanti LorenzoTettamanti marked this pull request as ready for review December 20, 2025 12:56
@LorenzoTettamanti LorenzoTettamanti linked an issue Dec 20, 2025 that may be closed by this pull request
[Feature]: Add command discovery for network events #150
Open
1 task
@siddh34
Copy link
Collaborator

siddh34 commented Dec 20, 2025

@LorenzoTettamanti mate it is working great 🚀🚀

Keep up the good work!

image

@LorenzoTettamanti
Copy link
Member Author

LorenzoTettamanti commented Dec 20, 2025

Thanks for the review. I'm working on pt.2 💪🏻🚀

@LorenzoTettamanti LorenzoTettamanti merged commit bd5976c into CortexFlow:feature/ebpf-core Dec 20, 2025
3 checks passed
@LorenzoTettamanti LorenzoTettamanti moved this from In Progress to Done in CortexFlow v0.1 Dec 20, 2025
@LorenzoTettamanti LorenzoTettamanti mentioned this pull request Dec 22, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lorebrada lorebrada Awaiting requested review from lorebrada lorebrada is a code owner

1 more reviewer

@siddh34 siddh34 siddh34 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@LorenzoTettamanti LorenzoTettamanti

Labels

ebpf eBPF related tasks enhancement New feature or request rust Pull requests that update Rust code

Projects

CortexFlow v0.1
Status: Done

Milestone

CortexBrain core v 0.1.0

Development

Successfully merging this pull request may close these issues.

[Feature]: Add command discovery for network events

2 participants

@LorenzoTettamanti @siddh34