From 8cb6a6ad83f83e478b5833e7eac37c2c5901020e Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 7 Apr 2025 16:02:37 +0200 Subject: [PATCH 1/4] Empty From bd071a748e4438ac0e8c41fa5bf25eee27a6a0ce Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 7 Apr 2025 16:03:06 +0200 Subject: [PATCH 2/4] Add parameter generateUnclosedEndpoints --- scale/workloads/10-sensors.yaml | 1 + scale/workloads/active-vulnmgmt.yaml | 1 + scale/workloads/default.yaml | 1 + scale/workloads/high-alert.yaml | 1 + scale/workloads/long-running.yaml | 1 + scale/workloads/np-load.yaml | 1 + scale/workloads/okr-single-load.yaml | 1 + scale/workloads/rbac.yaml | 1 + scale/workloads/sample.yaml | 2 ++ scale/workloads/scale-test.yaml | 1 + scale/workloads/small.yaml | 1 + scale/workloads/vulnmgmt.yaml | 1 + scale/workloads/xlarge.yaml | 1 + sensor/kubernetes/fake/flows.go | 5 ++++- sensor/kubernetes/fake/workload.go | 5 +++-- 15 files changed, 21 insertions(+), 3 deletions(-) diff --git a/scale/workloads/10-sensors.yaml b/scale/workloads/10-sensors.yaml index a5fd269aaf1ca..ca46d92a9a425 100644 --- a/scale/workloads/10-sensors.yaml +++ b/scale/workloads/10-sensors.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 5000 flowInterval: 30s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/active-vulnmgmt.yaml b/scale/workloads/active-vulnmgmt.yaml index 2ef90fc6a0a0f..be575de890a65 100644 --- a/scale/workloads/active-vulnmgmt.yaml +++ b/scale/workloads/active-vulnmgmt.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 500 rbacWorkload: diff --git a/scale/workloads/default.yaml b/scale/workloads/default.yaml index a4ec0c777c455..1b8210cc49735 100755 --- a/scale/workloads/default.yaml +++ b/scale/workloads/default.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/high-alert.yaml b/scale/workloads/high-alert.yaml index 942cd9bb1a45d..652f91a9b4cf7 100755 --- a/scale/workloads/high-alert.yaml +++ b/scale/workloads/high-alert.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/long-running.yaml b/scale/workloads/long-running.yaml index 1b87438647bef..aee062cd7ca50 100755 --- a/scale/workloads/long-running.yaml +++ b/scale/workloads/long-running.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/np-load.yaml b/scale/workloads/np-load.yaml index f976d72329c30..956cbdc2fa9ac 100755 --- a/scale/workloads/np-load.yaml +++ b/scale/workloads/np-load.yaml @@ -40,6 +40,7 @@ networkPolicyWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/okr-single-load.yaml b/scale/workloads/okr-single-load.yaml index c89d5aa3a223c..532ad8f542c79 100755 --- a/scale/workloads/okr-single-load.yaml +++ b/scale/workloads/okr-single-load.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 500 flowInterval: 24h + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/rbac.yaml b/scale/workloads/rbac.yaml index c7de61b11a35f..20d5840572e94 100755 --- a/scale/workloads/rbac.yaml +++ b/scale/workloads/rbac.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 30s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 100 rbacWorkload: diff --git a/scale/workloads/sample.yaml b/scale/workloads/sample.yaml index b51ade3e31cf5..0ddc483261440 100755 --- a/scale/workloads/sample.yaml +++ b/scale/workloads/sample.yaml @@ -56,4 +56,6 @@ networkWorkload: flowInterval: 60s # ...create this many random connections between IP addresses in the cluster batchSize: 500 + # whether to generate endpoints that will never be marked as closed + generateUnclosedEndpoints: true diff --git a/scale/workloads/scale-test.yaml b/scale/workloads/scale-test.yaml index 04f1446d45dbe..aed256d5072d9 100755 --- a/scale/workloads/scale-test.yaml +++ b/scale/workloads/scale-test.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/small.yaml b/scale/workloads/small.yaml index ca12a11901108..8a8d4aa7c2da4 100755 --- a/scale/workloads/small.yaml +++ b/scale/workloads/small.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 30s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 100 rbacWorkload: diff --git a/scale/workloads/vulnmgmt.yaml b/scale/workloads/vulnmgmt.yaml index 64a21c31abd6e..d20a65a3eb8ca 100755 --- a/scale/workloads/vulnmgmt.yaml +++ b/scale/workloads/vulnmgmt.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 100 flowInterval: 0 + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/scale/workloads/xlarge.yaml b/scale/workloads/xlarge.yaml index 69e10a055a8ca..7d1a2ca291700 100755 --- a/scale/workloads/xlarge.yaml +++ b/scale/workloads/xlarge.yaml @@ -16,6 +16,7 @@ deploymentWorkload: networkWorkload: batchSize: 500 flowInterval: 1s + generateUnclosedEndpoints: true nodeWorkload: numNodes: 1000 rbacWorkload: diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 945e67e87b503..679c055c12300 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -322,7 +322,10 @@ func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) if endpointPool.Size < endpointPool.Capacity { endpointPool.add(networkEndpoint) } - networkEndpoints = append(networkEndpoints, networkEndpoint) + if workload.GenerateUnclosedEndpoints { + // Rouge endpoints will not be closed - i.e., CloseTimestamp will be always nil. + networkEndpoints = append(networkEndpoints, networkEndpoint) + } } for _, endpoint := range endpointPool.EndpointsToBeClosed { diff --git a/sensor/kubernetes/fake/workload.go b/sensor/kubernetes/fake/workload.go index 8f64ea9c0e228..5fd866ad5e8b9 100644 --- a/sensor/kubernetes/fake/workload.go +++ b/sensor/kubernetes/fake/workload.go @@ -42,8 +42,9 @@ type ProcessWorkload struct { // NetworkWorkload defines the rate and size of network flows type NetworkWorkload struct { - FlowInterval time.Duration `yaml:"flowInterval"` - BatchSize int `yaml:"batchSize"` + FlowInterval time.Duration `yaml:"flowInterval"` + BatchSize int `yaml:"batchSize"` + GenerateUnclosedEndpoints bool `yaml:"generateUnclosedEndpoints"` } // PodWorkload defines the workload and lifecycle of the pods within a deployment From 09f293ea990fdb7057ffd2be8f35b59f314de839 Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Mon, 7 Apr 2025 16:04:21 +0200 Subject: [PATCH 3/4] Fix comment --- sensor/kubernetes/fake/flows.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 679c055c12300..65cf0cc2e110d 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -323,7 +323,7 @@ func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) endpointPool.add(networkEndpoint) } if workload.GenerateUnclosedEndpoints { - // Rouge endpoints will not be closed - i.e., CloseTimestamp will be always nil. + // Those endpoints will not be closed - i.e., CloseTimestamp will be always nil. networkEndpoints = append(networkEndpoints, networkEndpoint) } } From a63c2b3a8d5f5a91bc658b182ddccbebf5692dcb Mon Sep 17 00:00:00 2001 From: Piotr Rygielski <114479+vikin91@users.noreply.github.com> Date: Wed, 9 Apr 2025 23:06:38 +0200 Subject: [PATCH 4/4] Trivial change to re-trigger stuck CI --- sensor/kubernetes/fake/flows.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sensor/kubernetes/fake/flows.go b/sensor/kubernetes/fake/flows.go index 65cf0cc2e110d..7b550521f0170 100644 --- a/sensor/kubernetes/fake/flows.go +++ b/sensor/kubernetes/fake/flows.go @@ -323,7 +323,7 @@ func (w *WorkloadManager) getFakeNetworkConnectionInfo(workload NetworkWorkload) endpointPool.add(networkEndpoint) } if workload.GenerateUnclosedEndpoints { - // Those endpoints will not be closed - i.e., CloseTimestamp will be always nil. + // These endpoints will not be closed - i.e., CloseTimestamp will be always nil. networkEndpoints = append(networkEndpoints, networkEndpoint) } }