From 7324607f4b7d1244928d8bd8fc2ecfc130db92ea Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Tue, 11 Mar 2025 19:36:04 -0700 Subject: [PATCH 01/13] X-Smart-Branch-Parent: master From e406412ee603a888d738b84633e84fa03c5d1808 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Tue, 11 Mar 2025 10:23:27 -0700 Subject: [PATCH 02/13] Fake workload generation now includes external IPs --- sensor/kubernetes/fake/flows.go | 101 ++++++++++++++++++++++++++++---- 1 file changed, 91 insertions(+), 10 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 11b974db597cb..66598b8192144 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -18,9 +18,10 @@ import ( ) var ( - ipPool = newPool() - containerPool = newPool() - endpointPool = newEndpointPool() + ipPool = newPool() + externalIpPool = newPool() + containerPool = newPool() + endpointPool = newEndpointPool() registeredHostConnections []manager.HostNetworkInfo ) @@ -120,6 +121,30 @@ func generateIP() string { return fmt.Sprintf("10.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256)) } +func isPublicIP(ip string) bool { + return net.ParseIP(ip).IsPublic() +} + +func generateExternalIP() string { + for { + ip := fmt.Sprintf("%d.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256), rand.Intn(256)) + + if isPublicIP(ip) { + return ip + } + } +} + +// We want to reuse some external IPs, so we test the cases where muliple +// entities connect to the same external IP, but we also want many external IPs +// that are only used once. +func (w *WorkloadManager) generateExternalIPPool() { + for range 1000 { + ip := generateExternalIP() + externalIpPool.add(ip) + } +} + func generateAndAddIPToPool() string { ip := generateIP() for !ipPool.add(ip) { @@ -210,18 +235,72 @@ func makeNetworkConnection(src string, dst string, containerID string, closeTime } } -func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) *sensor.NetworkConnectionInfo { - conns := make([]*sensor.NetworkConnection, 0, workload.BatchSize) - networkEndpoints := make([]*sensor.NetworkEndpoint, 0, workload.BatchSize) - for i := 0; i < workload.BatchSize; i++ { - src, ok := ipPool.randomElem() +// Randomly decide to get an interal or external IP. If the IP is external +// randomly decide to pick it from a pool of external IPs or a new exteranl IP. +// We want to have cases where multiple different entities connect to the same +// external IP, but we also want a large number of unique external IPs. +func (w *WorkloadManager) getRandomInternalExternalIP() (string, bool, bool) { + ip := "" + var ok bool + + p := rand.Float32() + probInternal := float32(0.8) + var internal bool + if p < probInternal { + internal = true + ip, ok = ipPool.randomElem() if !ok { log.Error("found no IPs in pool") - continue + return "", internal, false + } + } else { + probPool := float32(0.5) + p := rand.Float32() + if p < probPool { + internal = false + ip, ok = externalIpPool.randomElem() + if !ok { + log.Error("found no IPs in pool") + return "", internal, false + } + } else { + ip = generateExternalIP() + } + } + + return ip, internal, true +} + +func (w *WorkloadManager) getRandomSrcDst() (string, string, bool) { + src, internal, ok := w.getRandomInternalExternalIP() + if !ok { + return "", "", false + } + var dst string + // If the src is internal, the dst can be internal or external, but + // if the src is external, the dst cannot also be external. + if internal { + dst, _, ok = w.getRandomInternalExternalIP() + if !ok { + return "", "", false } - dst, ok := ipPool.randomElem() + } else { + dst, ok = ipPool.randomElem() if !ok { log.Error("found no IPs in pool") + return "", "", false + } + } + + return src, dst, ok +} + +func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) *sensor.NetworkConnectionInfo { + conns := make([]*sensor.NetworkConnection, 0, workload.BatchSize) + networkEndpoints := make([]*sensor.NetworkEndpoint, 0, workload.BatchSize) + for i := 0; i < workload.BatchSize; i++ { + src, dst, ok := w.getRandomSrcDst() + if !ok { continue } @@ -273,6 +352,8 @@ func (w *WorkloadManager) manageFlows(ctx context.Context, workload NetworkWorkl ticker := time.NewTicker(workload.FlowInterval) defer ticker.Stop() + w.generateExternalIPPool() + for { select { case <-ctx.Done(): From 42dce30d00309386f06cf341e161bc8dcc1ace1f Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 12 Mar 2025 11:54:49 -0700 Subject: [PATCH 03/13] Getting external IPs from a range. Guaranteeing that there are 1000 IPs in pool. Improving comments --- sensor/kubernetes/fake/flows.go | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 66598b8192144..94d1d125534c6 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -121,18 +121,9 @@ func generateIP() string { return fmt.Sprintf("10.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256)) } -func isPublicIP(ip string) bool { - return net.ParseIP(ip).IsPublic() -} - +// Generate IP addresses from 11.0.0.0 to 171.255.255.255 which are all public func generateExternalIP() string { - for { - ip := fmt.Sprintf("%d.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256), rand.Intn(256)) - - if isPublicIP(ip) { - return ip - } - } + return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(171)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) } // We want to reuse some external IPs, so we test the cases where muliple @@ -141,7 +132,9 @@ func generateExternalIP() string { func (w *WorkloadManager) generateExternalIPPool() { for range 1000 { ip := generateExternalIP() - externalIpPool.add(ip) + for !externalIpPool.add(ip) { + ip = generateExternalIP() + } } } @@ -235,10 +228,12 @@ func makeNetworkConnection(src string, dst string, containerID string, closeTime } } -// Randomly decide to get an interal or external IP. If the IP is external -// randomly decide to pick it from a pool of external IPs or a new exteranl IP. -// We want to have cases where multiple different entities connect to the same -// external IP, but we also want a large number of unique external IPs. +// Randomly decide to get an interal or external IP, with an 80% chance of the IP +// being internal and 20% of being external. If the IP is external randomly decide +// to pick it from a pool of external IPs or a new exteranl IP, with a 50/50 chance +// of being from the pool or a newly generated IP address. We want to have cases +// where multiple different entities connect to the same external IP, but we also +// want a large number of unique external IPs. func (w *WorkloadManager) getRandomInternalExternalIP() (string, bool, bool) { ip := "" var ok bool From 8436aaab2e5ecc9bb8e7d2bca0a1f0960ee43993 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 12 Mar 2025 14:59:48 -0700 Subject: [PATCH 04/13] Empty commit From b090720aa789b9034a34867bce54d46194ce5b21 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 12 Mar 2025 17:38:47 -0700 Subject: [PATCH 05/13] Empty commit From 2f23c77691c260a520bb0bed2323c249702ec2fe Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 12 Mar 2025 17:53:08 -0700 Subject: [PATCH 06/13] Empty commit From 37acb250f0c51f157d2efd4957b7dd7e5affc4ba Mon Sep 17 00:00:00 2001 From: Jouko Virtanen Date: Thu, 13 Mar 2025 08:25:44 -0700 Subject: [PATCH 07/13] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Michaƫl Co-authored-by: Piotr Rygielski <114479+vikin91@users.noreply.github.com> --- sensor/kubernetes/fake/flows.go | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 94d1d125534c6..88016eef27c8e 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -126,7 +126,7 @@ func generateExternalIP() string { return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(171)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) } -// We want to reuse some external IPs, so we test the cases where muliple +// We want to reuse some external IPs, so we test the cases where multiple // entities connect to the same external IP, but we also want many external IPs // that are only used once. func (w *WorkloadManager) generateExternalIPPool() { @@ -230,7 +230,7 @@ func makeNetworkConnection(src string, dst string, containerID string, closeTime // Randomly decide to get an interal or external IP, with an 80% chance of the IP // being internal and 20% of being external. If the IP is external randomly decide -// to pick it from a pool of external IPs or a new exteranl IP, with a 50/50 chance +// to pick it from a pool of external IPs or a new external IP, with a 50/50 chance // of being from the pool or a newly generated IP address. We want to have cases // where multiple different entities connect to the same external IP, but we also // want a large number of unique external IPs. @@ -238,21 +238,15 @@ func (w *WorkloadManager) getRandomInternalExternalIP() (string, bool, bool) { ip := "" var ok bool - p := rand.Float32() - probInternal := float32(0.8) - var internal bool - if p < probInternal { - internal = true + internal := rand.Intn(100) < 80 + if internal { ip, ok = ipPool.randomElem() if !ok { log.Error("found no IPs in pool") return "", internal, false } } else { - probPool := float32(0.5) - p := rand.Float32() - if p < probPool { - internal = false + if rand.Intn(100) < 50 { ip, ok = externalIpPool.randomElem() if !ok { log.Error("found no IPs in pool") @@ -273,7 +267,7 @@ func (w *WorkloadManager) getRandomSrcDst() (string, string, bool) { } var dst string // If the src is internal, the dst can be internal or external, but - // if the src is external, the dst cannot also be external. + // if the src is external, the dst must be internal. if internal { dst, _, ok = w.getRandomInternalExternalIP() if !ok { From 6be2e4ed19cc1a5be3b425c20135487d556420ba Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 13 Mar 2025 13:50:48 -0700 Subject: [PATCH 08/13] External IPs should not include loop back address. Listening endpoints should not have external IP --- sensor/kubernetes/fake/flows.go | 48 +++++++++++++++++++++------------ 1 file changed, 31 insertions(+), 17 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 88016eef27c8e..f4ef2d08e239e 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -121,9 +121,9 @@ func generateIP() string { return fmt.Sprintf("10.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256)) } -// Generate IP addresses from 11.0.0.0 to 171.255.255.255 which are all public +// Generate IP addresses from 11.0.0.0 to 126.255.255.255 which are all public func generateExternalIP() string { - return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(171)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) + return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(116)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) } // We want to reuse some external IPs, so we test the cases where multiple @@ -194,17 +194,6 @@ func getRandomOriginator(containerID string) *storage.NetworkProcessUniqueKey { return getNetworkProcessUniqueKeyFromProcess(process) } -func getNetworkEndpointFromConnectionAndOriginator(conn *sensor.NetworkConnection, originator *storage.NetworkProcessUniqueKey) *sensor.NetworkEndpoint { - return &sensor.NetworkEndpoint{ - SocketFamily: conn.SocketFamily, - Protocol: conn.Protocol, - ListenAddress: conn.LocalAddress, - ContainerId: conn.ContainerId, - CloseTimestamp: nil, - Originator: originator, - } -} - func makeNetworkConnection(src string, dst string, containerID string, closeTimestamp time.Time) *sensor.NetworkConnection { closeTS, err := protocompat.ConvertTimeToTimestampOrError(closeTimestamp) if err != nil { @@ -284,6 +273,30 @@ func (w *WorkloadManager) getRandomSrcDst() (string, string, bool) { return src, dst, ok } +func (w *WorkloadManager) getRandomNetworkEndpoint(containerID string) (*sensor.NetworkEndpoint, bool) { + originator := getRandomOriginator(containerID) + + ip, ok := ipPool.randomElem() + if !ok { + log.Error("found no IPs in pool") + return nil, false + } + + networkEndpoint := &sensor.NetworkEndpoint{ + SocketFamily: sensor.SocketFamily_SOCKET_FAMILY_IPV4, + Protocol: storage.L4Protocol_L4_PROTOCOL_TCP, + ListenAddress: &sensor.NetworkAddress{ + AddressData: net.ParseIP(ip).AsNetIP(), + Port: rand.Uint32() % 63556, + }, + ContainerId: containerID, + CloseTimestamp: nil, + Originator: originator, + } + + return networkEndpoint, ok +} + func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) *sensor.NetworkConnectionInfo { conns := make([]*sensor.NetworkConnection, 0, workload.BatchSize) networkEndpoints := make([]*sensor.NetworkEndpoint, 0, workload.BatchSize) @@ -300,10 +313,11 @@ func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) } conn := makeNetworkConnection(src, dst, containerID, time.Now().Add(-5*time.Second)) - - originator := getRandomOriginator(containerID) - - networkEndpoint := getNetworkEndpointFromConnectionAndOriginator(conn, originator) + networkEndpoint, ok := w.getRandomNetworkEndpoint(containerID) + if !ok { + log.Error("found no IPs in pool") + continue + } conns = append(conns, conn) if endpointPool.Size < endpointPool.Capacity { From 80619a998e4caccb31bd76e768d715fc8b430767 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 13 Mar 2025 14:49:52 -0700 Subject: [PATCH 09/13] Changed range where external IPs are generated. Added a test --- sensor/kubernetes/fake/flows.go | 8 +++--- sensor/kubernetes/fake/flows_test.go | 39 ++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 sensor/kubernetes/fake/flows_test.go diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index f4ef2d08e239e..6f5927be50359 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -121,15 +121,15 @@ func generateIP() string { return fmt.Sprintf("10.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256)) } -// Generate IP addresses from 11.0.0.0 to 126.255.255.255 which are all public +// Generate IP addresses from 11.0.0.0 to 99.255.255.255 which are all public func generateExternalIP() string { - return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(116)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) + return fmt.Sprintf("%d.%d.%d.%d", rand.Intn(89)+11, rand.Intn(256), rand.Intn(256), rand.Intn(256)) } // We want to reuse some external IPs, so we test the cases where multiple // entities connect to the same external IP, but we also want many external IPs // that are only used once. -func (w *WorkloadManager) generateExternalIPPool() { +func generateExternalIPPool() { for range 1000 { ip := generateExternalIP() for !externalIpPool.add(ip) { @@ -355,7 +355,7 @@ func (w *WorkloadManager) manageFlows(ctx context.Context, workload NetworkWorkl ticker := time.NewTicker(workload.FlowInterval) defer ticker.Stop() - w.generateExternalIPPool() + generateExternalIPPool() for { select { diff --git a/sensor/kubernetes/fake/flows_test.go b/sensor/kubernetes/fake/flows_test.go new file mode 100644 index 0000000000000..e3d267078e013 --- /dev/null +++ b/sensor/kubernetes/fake/flows_test.go @@ -0,0 +1,39 @@ +package fake + +import ( + "fmt" + "testing" + + "github.com/stackrox/rox/pkg/net" + "github.com/stretchr/testify/suite" +) + +type flowsSuite struct { + suite.Suite +} + +func TestFlowsSuite(t *testing.T) { + suite.Run(t, new(flowsSuite)) +} + +func (s* flowsSuite) TestGetRandomInternalExternalIP() { + var w WorkloadManager + for _ = range 1000 { + generateAndAddIPToPool() + } + generateExternalIPPool() + + for _ = range 1000 { + ip, internal, ok := w.getRandomInternalExternalIP() + if internal == net.ParseIP(ip).IsPublic() { + fmt.Println() + fmt.Println(ip) + fmt.Println(internal) + fmt.Println(net.ParseIP(ip).IsPublic()) + fmt.Println() + } + s.Equal(true, ok) + s.Equal(internal, !net.ParseIP(ip).IsPublic()) + } +} + From 9b80718527790cf86f9c6443acfc2ae22aa0d9fd Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 13 Mar 2025 15:20:02 -0700 Subject: [PATCH 10/13] Generate external IPs sequentially --- sensor/kubernetes/fake/flows.go | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 6f5927be50359..ed2182e8e1430 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -130,11 +130,18 @@ func generateExternalIP() string { // entities connect to the same external IP, but we also want many external IPs // that are only used once. func generateExternalIPPool() { - for range 1000 { - ip := generateExternalIP() - for !externalIpPool.add(ip) { - ip = generateExternalIP() + ip := []int{11, 0, 0, 0} + for _ = range 1000 { + for j := 3; j >= 0; j-- { + ip[j]++ + if ip[j] > 255 { + ip[j] = 0 + } else { + break + } } + ipString := fmt.Sprintf("%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]) + externalIpPool.add(ipString) } } From 6d6b24eee784a335b172e0f7077bca46e2ef647d Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 13 Mar 2025 15:25:39 -0700 Subject: [PATCH 11/13] Fixed style --- sensor/kubernetes/fake/flows.go | 2 +- sensor/kubernetes/fake/flows_test.go | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index ed2182e8e1430..76c2cd48517ee 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -131,7 +131,7 @@ func generateExternalIP() string { // that are only used once. func generateExternalIPPool() { ip := []int{11, 0, 0, 0} - for _ = range 1000 { + for range 1000 { for j := 3; j >= 0; j-- { ip[j]++ if ip[j] > 255 { diff --git a/sensor/kubernetes/fake/flows_test.go b/sensor/kubernetes/fake/flows_test.go index e3d267078e013..41a358b2f9a8a 100644 --- a/sensor/kubernetes/fake/flows_test.go +++ b/sensor/kubernetes/fake/flows_test.go @@ -9,21 +9,21 @@ import ( ) type flowsSuite struct { - suite.Suite + suite.Suite } func TestFlowsSuite(t *testing.T) { - suite.Run(t, new(flowsSuite)) + suite.Run(t, new(flowsSuite)) } -func (s* flowsSuite) TestGetRandomInternalExternalIP() { +func (s *flowsSuite) TestGetRandomInternalExternalIP() { var w WorkloadManager - for _ = range 1000 { + for range 1000 { generateAndAddIPToPool() } generateExternalIPPool() - for _ = range 1000 { + for range 1000 { ip, internal, ok := w.getRandomInternalExternalIP() if internal == net.ParseIP(ip).IsPublic() { fmt.Println() @@ -36,4 +36,3 @@ func (s* flowsSuite) TestGetRandomInternalExternalIP() { s.Equal(internal, !net.ParseIP(ip).IsPublic()) } } - From 56d9b7a9aedf1316bd5ec642f85b23e2124b41eb Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 13 Mar 2025 19:33:18 -0700 Subject: [PATCH 12/13] Improved testing --- sensor/kubernetes/fake/flows_test.go | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/sensor/kubernetes/fake/flows_test.go b/sensor/kubernetes/fake/flows_test.go index 41a358b2f9a8a..1d577f41ad96c 100644 --- a/sensor/kubernetes/fake/flows_test.go +++ b/sensor/kubernetes/fake/flows_test.go @@ -1,7 +1,6 @@ package fake import ( - "fmt" "testing" "github.com/stackrox/rox/pkg/net" @@ -18,21 +17,29 @@ func TestFlowsSuite(t *testing.T) { func (s *flowsSuite) TestGetRandomInternalExternalIP() { var w WorkloadManager + + _, _, ok := w.getRandomInternalExternalIP() + s.False(ok) + + _, _, ok = w.getRandomSrcDst() + s.False(ok) + for range 1000 { generateAndAddIPToPool() } + generateExternalIPPool() for range 1000 { ip, internal, ok := w.getRandomInternalExternalIP() - if internal == net.ParseIP(ip).IsPublic() { - fmt.Println() - fmt.Println(ip) - fmt.Println(internal) - fmt.Println(net.ParseIP(ip).IsPublic()) - fmt.Println() - } - s.Equal(true, ok) + s.True(ok) s.Equal(internal, !net.ParseIP(ip).IsPublic()) } + + for range 1000 { + src, dst, ok := w.getRandomSrcDst() + // At least one has to be internal + s.True(!net.ParseIP(src).IsPublic() || !net.ParseIP(dst).IsPublic()) + s.True(ok) + } } From 68301c6a8bf42c7d8c1c601967c7d9974d8daa46 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Fri, 14 Mar 2025 09:53:39 -0700 Subject: [PATCH 13/13] Refactor to reduce code duplication and improve logging --- sensor/kubernetes/fake/flows.go | 26 +++++++++----------------- sensor/kubernetes/fake/flows_test.go | 5 +---- 2 files changed, 10 insertions(+), 21 deletions(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 76c2cd48517ee..945e67e87b503 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -237,23 +237,20 @@ func (w *WorkloadManager) getRandomInternalExternalIP() (string, bool, bool) { internal := rand.Intn(100) < 80 if internal { ip, ok = ipPool.randomElem() - if !ok { - log.Error("found no IPs in pool") - return "", internal, false - } } else { if rand.Intn(100) < 50 { ip, ok = externalIpPool.randomElem() - if !ok { - log.Error("found no IPs in pool") - return "", internal, false - } } else { ip = generateExternalIP() + ok = true } } - return ip, internal, true + if !ok { + log.Errorf("Found no IPs in the %s pool", map[bool]string{true: "internal", false: "external"}[internal]) + } + + return ip, internal, ok } func (w *WorkloadManager) getRandomSrcDst() (string, string, bool) { @@ -266,14 +263,10 @@ func (w *WorkloadManager) getRandomSrcDst() (string, string, bool) { // if the src is external, the dst must be internal. if internal { dst, _, ok = w.getRandomInternalExternalIP() - if !ok { - return "", "", false - } } else { dst, ok = ipPool.randomElem() if !ok { - log.Error("found no IPs in pool") - return "", "", false + log.Error("Found no IPs in the internal pool") } } @@ -285,7 +278,6 @@ func (w *WorkloadManager) getRandomNetworkEndpoint(containerID string) (*sensor. ip, ok := ipPool.randomElem() if !ok { - log.Error("found no IPs in pool") return nil, false } @@ -315,14 +307,14 @@ func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) containerID, ok := containerPool.randomElem() if !ok { - log.Error("found no containers in pool") + log.Error("Found no containers in pool") continue } conn := makeNetworkConnection(src, dst, containerID, time.Now().Add(-5*time.Second)) networkEndpoint, ok := w.getRandomNetworkEndpoint(containerID) if !ok { - log.Error("found no IPs in pool") + log.Error("Found no IPs in the internal pool") continue } diff --git a/sensor/kubernetes/fake/flows_test.go b/sensor/kubernetes/fake/flows_test.go index 1d577f41ad96c..1d8682bb38e6a 100644 --- a/sensor/kubernetes/fake/flows_test.go +++ b/sensor/kubernetes/fake/flows_test.go @@ -18,10 +18,7 @@ func TestFlowsSuite(t *testing.T) { func (s *flowsSuite) TestGetRandomInternalExternalIP() { var w WorkloadManager - _, _, ok := w.getRandomInternalExternalIP() - s.False(ok) - - _, _, ok = w.getRandomSrcDst() + _, _, ok := w.getRandomSrcDst() s.False(ok) for range 1000 {