Merge pull request #408 from msherif1234/intf-discovery

Add interfaces discovery to bpf agent process

Author: anfredette

apis/v1alpha1/cluster_tc_program_types.go

@@ -37,7 +37,7 @@ type ClTcAttachInfo struct {
 	// program. If Containers is not specified, the BPF program will be attached
 	// in the root network namespace.
 	// +optional
-	Containers *ClContainerSelector `json:"containers"`
+	Containers *ClContainerSelector `json:"containers,omitempty"`
 
 	// direction specifies the direction of traffic the tc program should
 	// attach to for a given network device.
@@ -49,13 +49,14 @@ type ClTcAttachInfo struct {
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 
 	// proceedOn allows the user to call other tc programs in chain on this exit code.
 	// Multiple values are supported by repeating the parameter.
 	// +optional
 	// +kubebuilder:default:={Pipe,DispatcherReturn}
-	ProceedOn []TcProceedOnValue `json:"proceedOn"`
+	ProceedOn []TcProceedOnValue `json:"proceedOn,omitempty"`
 }
 
 type ClTcProgramInfoState struct {

apis/v1alpha1/cluster_tcx_program_types.go

@@ -34,7 +34,7 @@ type ClTcxAttachInfo struct {
 	// program. If Containers is not specified, the BPF program will be attached
 	// in the root network namespace.
 	// +optional
-	Containers *ClContainerSelector `json:"containers"`
+	Containers *ClContainerSelector `json:"containers,omitempty"`
 
 	// direction specifies the direction of traffic the tcx program should
 	// attach to for a given network device.
@@ -46,7 +46,8 @@ type ClTcxAttachInfo struct {
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 }
 
 type ClTcxProgramInfoState struct {

apis/v1alpha1/cluster_xdp_program_types.go

@@ -37,20 +37,21 @@ type ClXdpAttachInfo struct {
 	// program. If Containers is not specified, the BPF program will be attached
 	// in the root network namespace.
 	// +optional
-	Containers *ClContainerSelector `json:"containers"`
+	Containers *ClContainerSelector `json:"containers,omitempty"`
 
 	// priority specifies the priority of the bpf program in relation to
 	// other programs of the same type with the same attach point. It is a value
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 
 	// proceedOn allows the user to call other xdp programs in chain on this exit code.
 	// Multiple values are supported by repeating the parameter.
 	// +optional
 	// +kubebuilder:default:={Pass,DispatcherReturn}
-	ProceedOn []XdpProceedOnValue `json:"proceedOn"`
+	ProceedOn []XdpProceedOnValue `json:"proceedOn,omitempty"`
 }
 
 type ClXdpProgramInfoState struct {

apis/v1alpha1/shared_types.go

@@ -21,14 +21,32 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
+type InterfaceDiscovery struct {
+	// interfaceAutoDiscovery when enabled, the agent process monitors the creation and deletion of interfaces,
+	// automatically attaching eBPF hooks to newly discovered interfaces in both directions.
+	//+kubebuilder:default:=false
+	// +optional
+	InterfaceAutoDiscovery *bool `json:"interfaceAutoDiscovery,omitempty"`
+
+	// excludeInterfaces contains the interface names that are excluded from interface discovery
+	// it is matched as a case-sensitive string.
+	//+kubebuilder:default:={"lo"}
+	//+optional
+	ExcludeInterfaces []string `json:"excludeInterfaces,omitempty"`
+}
+
 // InterfaceSelector defines interface to attach to.
 // +kubebuilder:validation:MaxProperties=1
 // +kubebuilder:validation:MinProperties=1
 type InterfaceSelector struct {
+	// discoveryConfig allow configuring interface discovery functionality,
+	// +optional
+	InterfacesDiscoveryConfig *InterfaceDiscovery `json:"interfacesDiscoveryConfig,omitempty"`
+
 	// interfaces refers to a list of network interfaces to attach the BPF
 	// program to.
 	// +optional
-	Interfaces *[]string `json:"interfaces,omitempty"`
+	Interfaces []string `json:"interfaces,omitempty"`
 
 	// primaryNodeInterface to attach BPF program to the primary interface on the node. Only 'true' accepted.
 	// +optional

apis/v1alpha1/tc_program_types.go

@@ -32,7 +32,8 @@ type TcAttachInfo struct {
 
 	// containers identify the set of containers in which to attach the eBPF
 	// program.
-	Containers ContainerSelector `json:"containers"`
+	// +optional
+	Containers ContainerSelector `json:"containers,omitempty"`
 
 	// direction specifies the direction of traffic the tc program should
 	// attach to for a given network device.
@@ -44,13 +45,14 @@ type TcAttachInfo struct {
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 
 	// proceedOn allows the user to call other tc programs in chain on this exit code.
 	// Multiple values are supported by repeating the parameter.
 	// +optional
 	// +kubebuilder:default:={Pipe,DispatcherReturn}
-	ProceedOn []TcProceedOnValue `json:"proceedOn"`
+	ProceedOn []TcProceedOnValue `json:"proceedOn,omitempty"`
 }
 
 type TcProgramInfoState struct {

apis/v1alpha1/tcx_program_types.go

@@ -62,20 +62,24 @@ type TcxAttachInfoState struct {
 	AttachInfoStateCommon `json:",inline"`
 
 	// interfaceName is the Interface name to attach the tc program to.
-	InterfaceName string `json:"interfaceName"`
+	// +optional
+	InterfaceName string `json:"interfaceName,omitempty"`
 
 	// containerPid is the container pid to attach the tcx program in.
-	ContainerPid int32 `json:"containerPid"`
+	// +optional
+	ContainerPid int32 `json:"containerPid,omitempty"`
 
 	// direction specifies the direction of traffic the tcx program should
 	// attach to for a given network device.
 	// +kubebuilder:validation:Enum=Ingress;Egress
-	Direction TCDirectionType `json:"direction"`
+	// +optional
+	Direction TCDirectionType `json:"direction,omitempty"`
 
 	// priority specifies the priority of the tcx program in relation to
 	// other programs of the same type with the same attach point. It is a value
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 }

apis/v1alpha1/xdp_program_types.go

@@ -32,20 +32,22 @@ type XdpAttachInfo struct {
 
 	// containers identify the set of containers in which to attach the eBPF
 	// program.
-	Containers ContainerSelector `json:"containers"`
+	// +optional
+	Containers ContainerSelector `json:"containers,omitempty"`
 
 	// priority specifies the priority of the bpf program in relation to
 	// other programs of the same type with the same attach point. It is a value
 	// from 0 to 1000 where lower values have higher precedence.
 	// +kubebuilder:validation:Minimum=0
 	// +kubebuilder:validation:Maximum=1000
-	Priority int32 `json:"priority"`
+	// +optional
+	Priority int32 `json:"priority,omitempty"`
 
 	// proceedOn allows the user to call other xdp programs in chain on this exit code.
 	// Multiple values are supported by repeating the parameter.
 	// +optional
 	// +kubebuilder:default:={Pass,DispatcherReturn}
-	ProceedOn []XdpProceedOnValue `json:"proceedOn"`
+	ProceedOn []XdpProceedOnValue `json:"proceedOn,omitempty"`
 }
 
 type XdpProgramInfoState struct {

apis/v1alpha1/zz_generated.deepcopy.go

@@ -820,7 +820,7 @@ metadata:
     capabilities: Basic Install
     categories: OpenShift Optional
     containerImage: quay.io/bpfman/bpfman-operator:latest
-    createdAt: "2025-03-21T19:22:04Z"
+    createdAt: "2025-03-25T15:29:54Z"
     description: The bpfman Operator is designed to manage eBPF programs for applications.
     features.operators.openshift.io/cnf: "false"
     features.operators.openshift.io/cni: "false"

bundle/manifests/bpfman-operator.clusterserviceversion.yaml

@@ -315,6 +315,26 @@ spec:
                                     items:
                                       type: string
                                     type: array
+                                  interfacesDiscoveryConfig:
+                                    description: discoveryConfig allow configuring
+                                      interface discovery functionality,
+                                    properties:
+                                      excludeInterfaces:
+                                        default:
+                                        - lo
+                                        description: |-
+                                          excludeInterfaces contains the interface names that are excluded from interface discovery
+                                          it is matched as a case-sensitive string.
+                                        items:
+                                          type: string
+                                        type: array
+                                      interfaceAutoDiscovery:
+                                        default: false
+                                        description: |-
+                                          interfaceAutoDiscovery when enabled, the agent process monitors the creation and deletion of interfaces,
+                                          automatically attaching eBPF hooks to newly discovered interfaces in both directions.
+                                        type: boolean
+                                    type: object
                                   primaryNodeInterface:
                                     description: primaryNodeInterface to attach BPF
                                       program to the primary interface on the node.
@@ -353,10 +373,8 @@ spec:
                                   type: string
                                 type: array
                             required:
-                            - containers
                             - direction
                             - interfaceSelector
-                            - priority
                             type: object
                           type: array
                       type: object
@@ -456,6 +474,26 @@ spec:
                                     items:
                                       type: string
                                     type: array
+                                  interfacesDiscoveryConfig:
+                                    description: discoveryConfig allow configuring
+                                      interface discovery functionality,
+                                    properties:
+                                      excludeInterfaces:
+                                        default:
+                                        - lo
+                                        description: |-
+                                          excludeInterfaces contains the interface names that are excluded from interface discovery
+                                          it is matched as a case-sensitive string.
+                                        items:
+                                          type: string
+                                        type: array
+                                      interfaceAutoDiscovery:
+                                        default: false
+                                        description: |-
+                                          interfaceAutoDiscovery when enabled, the agent process monitors the creation and deletion of interfaces,
+                                          automatically attaching eBPF hooks to newly discovered interfaces in both directions.
+                                        type: boolean
+                                    type: object
                                   primaryNodeInterface:
                                     description: primaryNodeInterface to attach BPF
                                       program to the primary interface on the node.
@@ -782,6 +820,26 @@ spec:
                                     items:
                                       type: string
                                     type: array
+                                  interfacesDiscoveryConfig:
+                                    description: discoveryConfig allow configuring
+                                      interface discovery functionality,
+                                    properties:
+                                      excludeInterfaces:
+                                        default:
+                                        - lo
+                                        description: |-
+                                          excludeInterfaces contains the interface names that are excluded from interface discovery
+                                          it is matched as a case-sensitive string.
+                                        items:
+                                          type: string
+                                        type: array
+                                      interfaceAutoDiscovery:
+                                        default: false
+                                        description: |-
+                                          interfaceAutoDiscovery when enabled, the agent process monitors the creation and deletion of interfaces,
+                                          automatically attaching eBPF hooks to newly discovered interfaces in both directions.
+                                        type: boolean
+                                    type: object
                                   primaryNodeInterface:
                                     description: primaryNodeInterface to attach BPF
                                       program to the primary interface on the node.
@@ -815,9 +873,7 @@ spec:
                                   type: string
                                 type: array
                             required:
-                            - containers
                             - interfaceSelector
-                            - priority
                             type: object
                           type: array
                       type: object