API Specification
Packages:
bpfman.io/v1alpha1
Package v1alpha1 contains API Schema definitions for the bpfman.io API group.
Resource Types:
- BpfApplication
- BpfProgram
- FentryProgram
- FexitProgram
- KprobeProgram
- TcProgram
- TracepointProgram
- UprobeProgram
- XdpProgram
BpfApplication ¶
BpfApplication is the Schema for the bpfapplications API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
BpfApplication |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
BpfApplicationSpec
|
|
||||
status
BpfApplicationStatus
|
BpfProgram ¶
BpfProgram is the Schema for the Bpfprograms API
| Field | Description | ||
|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||
kind
string
|
BpfProgram |
||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||
spec
BpfProgramSpec
|
|
||
status
BpfProgramStatus
|
(Optional) |
FentryProgram ¶
FentryProgram is the Schema for the FentryPrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
FentryProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
FentryProgramSpec
|
|
||||
status
FentryProgramStatus
|
(Optional) |
FexitProgram ¶
FexitProgram is the Schema for the FexitPrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
FexitProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
FexitProgramSpec
|
|
||||
status
FexitProgramStatus
|
(Optional) |
KprobeProgram ¶
KprobeProgram is the Schema for the KprobePrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
KprobeProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
KprobeProgramSpec
|
|
||||
status
KprobeProgramStatus
|
(Optional) |
TcProgram ¶
TcProgram is the Schema for the TcProgram API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
TcProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
TcProgramSpec
|
|
||||
status
TcProgramStatus
|
(Optional) |
TracepointProgram ¶
TracepointProgram is the Schema for the TracepointPrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
TracepointProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
TracepointProgramSpec
|
|
||||
status
TracepointProgramStatus
|
(Optional) |
UprobeProgram ¶
UprobeProgram is the Schema for the UprobePrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
UprobeProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
UprobeProgramSpec
|
|
||||
status
UprobeProgramStatus
|
(Optional) |
XdpProgram ¶
XdpProgram is the Schema for the XdpPrograms API
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
bpfman.io/v1alpha1
|
||||
kind
string
|
XdpProgram |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||
spec
XdpProgramSpec
|
|
||||
status
XdpProgramStatus
|
(Optional) |
BpfAppCommon ¶
(Appears on: BpfApplicationSpec, FentryProgramSpec, FexitProgramSpec, KprobeProgramSpec, TcProgramSpec, TracepointProgramSpec, UprobeProgramSpec, XdpProgramSpec)
BpfAppCommon defines the common attributes for all BpfApp programs
| Field | Description |
|---|---|
nodeselector
Kubernetes meta/v1.LabelSelector
|
NodeSelector allows the user to specify which nodes to deploy the bpf program to. This field must be specified, to select all nodes use standard metav1.LabelSelector semantics and make it empty. |
globaldata
map[string][]byte
|
(Optional)
GlobalData allows the user to set global variables when the program is loaded with an array of raw bytes. This is a very low level primitive. The caller is responsible for formatting the byte string appropriately considering such things as size, endianness, alignment and packing of data structures. |
bytecode
BytecodeSelector
|
Bytecode configures where the bpf program’s bytecode should be loaded from. |
BpfApplicationProgram ¶
(Appears on: BpfApplicationSpec)
BpfApplicationProgram defines the desired state of BpfApplication
| Field | Description |
|---|---|
type
EBPFProgType
|
Type specifies the bpf program type |
xdp
XdpProgramInfo
|
(Optional)
xdp defines the desired state of the application’s XdpPrograms. |
tc
TcProgramInfo
|
(Optional)
tc defines the desired state of the application’s TcPrograms. |
tcx
TcProgramInfo
|
(Optional)
tcx defines the desired state of the application’s TcPrograms. |
fentry
FentryProgramInfo
|
(Optional)
fentry defines the desired state of the application’s FentryPrograms. |
fexit
FexitProgramInfo
|
(Optional)
fexit defines the desired state of the application’s FexitPrograms. |
kprobe
KprobeProgramInfo
|
(Optional)
kprobe defines the desired state of the application’s KprobePrograms. |
kretprobe
KprobeProgramInfo
|
(Optional)
kretprobe defines the desired state of the application’s KretprobePrograms. |
uprobe
UprobeProgramInfo
|
(Optional)
uprobe defines the desired state of the application’s UprobePrograms. |
uretprobe
UprobeProgramInfo
|
(Optional)
uretprobe defines the desired state of the application’s UretprobePrograms. |
tracepoint
TracepointProgramInfo
|
(Optional)
tracepoint defines the desired state of the application’s TracepointPrograms. |
BpfApplicationSpec ¶
(Appears on: BpfApplication)
BpfApplicationSpec defines the desired state of BpfApplication
| Field | Description |
|---|---|
BpfAppCommon
BpfAppCommon
|
(Members of |
programs
[]BpfApplicationProgram
|
Programs is a list of bpf programs supported for a specific application. It’s possible that the application can selectively choose which program(s) to run from this list. |
BpfApplicationStatus ¶
(Appears on: BpfApplication)
BpfApplicationStatus defines the observed state of BpfApplication
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
BpfProgramCommon ¶
(Appears on: FentryProgramInfo, FexitProgramInfo, KprobeProgramInfo, TcProgramInfo, TracepointProgramInfo, UprobeProgramInfo, XdpProgramInfo)
BpfProgramCommon defines the common attributes for all BPF programs
| Field | Description |
|---|---|
bpffunctionname
string
|
BpfFunctionName is the name of the function that is the entry point for the BPF program |
mapownerselector
Kubernetes meta/v1.LabelSelector
|
(Optional)
MapOwnerSelector is used to select the loaded eBPF program this eBPF program will share a map with. The value is a label applied to the BpfProgram to select. The selector must resolve to exactly one instance of a BpfProgram on a given node or the eBPF program will not load. |
BpfProgramConditionType
(string alias)¶
BpfProgramConditionType is a condition type to indicate the status of a BPF program at the individual node level.
| Value | Description |
|---|---|
"BytecodeSelectorError" |
BpfProgCondBytecodeSelectorError indicates that an error occurred when trying to process the bytecode selector. |
"Loaded" |
BpfProgCondLoaded indicates that the eBPF program was successfully loaded into the kernel on a specific node. |
"MapOwnerNotFound" |
BpfProgCondMapOwnerNotFound indicates that the eBPF program sharing a map with another eBPF program and that program does not exist. |
"MapOwnerNotLoaded" |
BpfProgCondMapOwnerNotLoaded indicates that the eBPF program sharing a map with another eBPF program and that program is not loaded. |
"NoContainersOnNode" |
BpfProgCondNoContainersOnNode indicates that there are no containers on the node that match the container selector. |
"None" |
None of the above conditions apply |
"NotLoaded" |
BpfProgCondNotLoaded indicates that the eBPF program has not yet been loaded into the kernel on a specific node. |
"NotSelected" |
BpfProgCondNotSelected indicates that the eBPF program is not scheduled to be loaded on a specific node. |
"NotUnLoaded" |
BpfProgCondUnloaded indicates that in the midst of trying to remove the eBPF program from the kernel on the node, that program has not yet been removed. |
"Unloaded" |
BpfProgCondUnloaded indicates that the eBPF program has been unloaded from the kernel on a specific node. |
BpfProgramSpec ¶
(Appears on: BpfProgram)
BpfProgramSpec defines the desired state of BpfProgram
| Field | Description |
|---|---|
type
string
|
(Optional)
Type specifies the bpf program type |
BpfProgramStatus ¶
(Appears on: BpfProgram)
BpfProgramStatus defines the observed state of BpfProgram TODO Make these a fixed set of metav1.Condition.types and metav1.Condition.reasons
| Field | Description |
|---|---|
conditions
[]Kubernetes meta/v1.Condition
|
Conditions houses the updates regarding the actual implementation of the bpf program on the node Known .status.conditions.type are: “Available”, “Progressing”, and “Degraded” |
BpfProgramStatusCommon ¶
(Appears on: BpfApplicationStatus, FentryProgramStatus, FexitProgramStatus, KprobeProgramStatus, TcProgramStatus, TracepointProgramStatus, UprobeProgramStatus, XdpProgramStatus)
BpfProgramStatusCommon defines the BpfProgram status
| Field | Description |
|---|---|
conditions
[]Kubernetes meta/v1.Condition
|
Conditions houses the global cluster state for the eBPFProgram. The explicit condition types are defined internally. |
BytecodeImage ¶
(Appears on: BytecodeSelector)
BytecodeImage defines how to specify a bytecode container image.
| Field | Description |
|---|---|
url
string
|
Valid container image URL used to reference a remote bytecode image. |
imagepullpolicy
PullPolicy
|
(Optional)
PullPolicy describes a policy for if/when to pull a bytecode image. Defaults to IfNotPresent. |
imagepullsecret
ImagePullSecretSelector
|
(Optional)
ImagePullSecret is the name of the secret bpfman should use to get remote image repository secrets. |
BytecodeSelector ¶
(Appears on: BpfAppCommon)
BytecodeSelector defines the various ways to reference bpf bytecode objects.
| Field | Description |
|---|---|
image
BytecodeImage
|
Image used to specify a bytecode container image. |
path
string
|
Path is used to specify a bytecode object via filepath. |
ContainerSelector ¶
(Appears on: UprobeProgramInfo)
ContainerSelector identifies a set of containers. For example, this can be used to identify a set of containers in which to attach uprobes.
| Field | Description |
|---|---|
namespace
string
|
(Optional)
Target namespaces. |
pods
Kubernetes meta/v1.LabelSelector
|
Target pods. This field must be specified, to select all pods use standard metav1.LabelSelector semantics and make it empty. |
containernames
[]string
|
(Optional)
Name(s) of container(s). If none are specified, all containers in the pod are selected. |
EBPFProgType
(string alias)¶
(Appears on: BpfApplicationProgram)
EBPFProgType defines the supported eBPF program types
| Value | Description |
|---|---|
"Fentry" |
ProgTypeFentry refers to the Fentry program type. |
"Fexit" |
ProgTypeFexit refers to the Fexit program type. |
"Kprobe" |
ProgTypeKprobe refers to the Kprobe program type. |
"Kretprobe" |
ProgTypeKretprobe refers to the Kprobe program type. |
"TC" |
ProgTypeTC refers to the TC program type. |
"TCX" |
ProgTypeTCX refers to the TCx program type. |
"Tracepoint" |
ProgTypeTracepoint refers to the Tracepoint program type. |
"Uprobe" |
ProgTypeUprobe refers to the Uprobe program type. |
"Uretprobe" |
ProgTypeUretprobe refers to the Uretprobe program type. |
"XDP" |
ProgTypeXDP refers to the XDP program type. |
FentryProgramInfo ¶
(Appears on: BpfApplicationProgram, FentryProgramSpec)
FentryProgramInfo defines the Fentry program details
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
func_name
string
|
Function to attach the fentry to. |
FentryProgramSpec ¶
(Appears on: FentryProgram)
FentryProgramSpec defines the desired state of FentryProgram
| Field | Description |
|---|---|
FentryProgramInfo
FentryProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
FentryProgramStatus ¶
(Appears on: FentryProgram)
FentryProgramStatus defines the observed state of FentryProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
FexitProgramInfo ¶
(Appears on: BpfApplicationProgram, FexitProgramSpec)
FexitProgramInfo defines the Fexit program details
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
func_name
string
|
Function to attach the fexit to. |
FexitProgramSpec ¶
(Appears on: FexitProgram)
FexitProgramSpec defines the desired state of FexitProgram
| Field | Description |
|---|---|
FexitProgramInfo
FexitProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
FexitProgramStatus ¶
(Appears on: FexitProgram)
FexitProgramStatus defines the observed state of FexitProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
ImagePullSecretSelector ¶
(Appears on: BytecodeImage)
ImagePullSecretSelector defines the name and namespace of an image pull secret.
| Field | Description |
|---|---|
name
string
|
Name of the secret which contains the credentials to access the image repository. |
namespace
string
|
Namespace of the secret which contains the credentials to access the image repository. |
InterfaceSelector ¶
(Appears on: TcProgramInfo, XdpProgramInfo)
InterfaceSelector defines interface to attach to.
| Field | Description |
|---|---|
interfaces
[]string
|
(Optional)
Interfaces refers to a list of network interfaces to attach the BPF program to. |
primarynodeinterface
bool
|
(Optional)
Attach BPF program to the primary interface on the node. Only ‘true’ accepted. |
KprobeProgramInfo ¶
(Appears on: BpfApplicationProgram, KprobeProgramSpec)
KprobeProgramInfo defines the common fields for KprobeProgram
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
func_name
string
|
Functions to attach the kprobe to. |
offset
uint64
|
(Optional)
Offset added to the address of the function for kprobe. Not allowed for kretprobes. |
retprobe
bool
|
(Optional)
Whether the program is a kretprobe. Default is false |
KprobeProgramSpec ¶
(Appears on: KprobeProgram)
KprobeProgramSpec defines the desired state of KprobeProgram
| Field | Description |
|---|---|
KprobeProgramInfo
KprobeProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
KprobeProgramStatus ¶
(Appears on: KprobeProgram)
KprobeProgramStatus defines the observed state of KprobeProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
ProgramConditionType
(string alias)¶
ProgramConditionType is a condition type to indicate the status of a BPF program at the cluster level.
| Value | Description |
|---|---|
"DeleteError" |
ProgramDeleteError indicates that the BPF program was marked for deletion, but deletion was unsuccessful. |
"NotYetLoaded" |
ProgramNotYetLoaded indicates that the program in question has not yet been loaded on all nodes in the cluster. |
"ReconcileError" |
ProgramReconcileError indicates that an unforeseen situation has occurred in the controller logic, and the controller will retry. |
"ReconcileSuccess" |
BpfmanProgConfigReconcileSuccess indicates that the BPF program has been successfully reconciled. TODO: we should consider removing “reconciled” type logic from the public API as it’s an implementation detail of our use of controller runtime, but not necessarily relevant to human users or integrations. |
PullPolicy
(string alias)¶
(Appears on: BytecodeImage)
PullPolicy describes a policy for if/when to pull a container image
| Value | Description |
|---|---|
"Always" |
PullAlways means that bpfman always attempts to pull the latest bytecode image. Container will fail If the pull fails. |
"IfNotPresent" |
PullIfNotPresent means that bpfman pulls if the image isn’t present on disk. Container will fail if the image isn’t present and the pull fails. |
"Never" |
PullNever means that bpfman never pulls an image, but only uses a local image. Container will fail if the image isn’t present |
TcProceedOnValue
(string alias)¶
(Appears on: TcProgramInfo)
TcProgramInfo ¶
(Appears on: BpfApplicationProgram, TcProgramSpec)
TcProgramInfo defines the tc program details
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
interfaceselector
InterfaceSelector
|
Selector to determine the network interface (or interfaces) |
priority
int32
|
Priority specifies the priority of the tc program in relation to other programs of the same type with the same attach point. It is a value from 0 to 1000 where lower values have higher precedence. |
direction
string
|
Direction specifies the direction of traffic the tc program should attach to for a given network device. |
proceedon
[]TcProceedOnValue
|
(Optional)
ProceedOn allows the user to call other tc programs in chain on this exit code. Multiple values are supported by repeating the parameter. |
TcProgramSpec ¶
(Appears on: TcProgram)
TcProgramSpec defines the desired state of TcProgram
| Field | Description |
|---|---|
TcProgramInfo
TcProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
TcProgramStatus ¶
(Appears on: TcProgram)
TcProgramStatus defines the observed state of TcProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
TracepointProgramInfo ¶
(Appears on: BpfApplicationProgram, TracepointProgramSpec)
TracepointProgramInfo defines the Tracepoint program details
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
names
[]string
|
Names refers to the names of kernel tracepoints to attach the bpf program to. |
TracepointProgramSpec ¶
(Appears on: TracepointProgram)
TracepointProgramSpec defines the desired state of TracepointProgram
| Field | Description |
|---|---|
TracepointProgramInfo
TracepointProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
TracepointProgramStatus ¶
(Appears on: TracepointProgram)
TracepointProgramStatus defines the observed state of TracepointProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
UprobeProgramInfo ¶
(Appears on: BpfApplicationProgram, UprobeProgramSpec)
UprobeProgramInfo contains the information about the uprobe program
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
func_name
string
|
(Optional)
Function to attach the uprobe to. |
offset
uint64
|
(Optional)
Offset added to the address of the function for uprobe. |
target
string
|
Library name or the absolute path to a binary or library. |
retprobe
bool
|
(Optional)
Whether the program is a uretprobe. Default is false |
pid
int32
|
(Optional)
Only execute uprobe for given process identification number (PID). If PID is not provided, uprobe executes for all PIDs. |
containers
ContainerSelector
|
(Optional)
Containers identifes the set of containers in which to attach the uprobe. If Containers is not specified, the uprobe will be attached in the bpfman-agent container. The ContainerSelector is very flexible and even allows the selection of all containers in a cluster. If an attempt is made to attach uprobes to too many containers, it can have a negative impact on on the cluster. |
UprobeProgramSpec ¶
(Appears on: UprobeProgram)
UprobeProgramSpec defines the desired state of UprobeProgram
| Field | Description |
|---|---|
UprobeProgramInfo
UprobeProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
UprobeProgramStatus ¶
(Appears on: UprobeProgram)
UprobeProgramStatus defines the observed state of UprobeProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
XdpProceedOnValue
(string alias)¶
(Appears on: XdpProgramInfo)
XdpProgramInfo ¶
(Appears on: BpfApplicationProgram, XdpProgramSpec)
XdpProgramInfo defines the common fields for all XdpProgram types
| Field | Description |
|---|---|
BpfProgramCommon
BpfProgramCommon
|
(Members of |
interfaceselector
InterfaceSelector
|
Selector to determine the network interface (or interfaces) |
priority
int32
|
Priority specifies the priority of the bpf program in relation to other programs of the same type with the same attach point. It is a value from 0 to 1000 where lower values have higher precedence. |
proceedon
[]XdpProceedOnValue
|
XdpProgramSpec ¶
(Appears on: XdpProgram)
XdpProgramSpec defines the desired state of XdpProgram
| Field | Description |
|---|---|
XdpProgramInfo
XdpProgramInfo
|
(Members of |
BpfAppCommon
BpfAppCommon
|
(Members of |
XdpProgramStatus ¶
(Appears on: XdpProgram)
XdpProgramStatus defines the observed state of XdpProgram
| Field | Description |
|---|---|
BpfProgramStatusCommon
BpfProgramStatusCommon
|
(Members of |
Generated with gen-crd-api-reference-docs.