func()

in pkg/ebpf/bpf_client.go [590:642]

• 41 lines of code
• 5 McCabe index (conditional complexity)

func (l *bpfClient) AttacheBPFProbes(pod types.NamespacedName, podIdentifier string) error {
	// Two go routines can try to attach the probes at the same time
	// Locking will help updating all the datastructures correctly
	value, _ := l.AttachProbesToPodLock.LoadOrStore(podIdentifier, &sync.Mutex{})
	attachProbesLock := value.(*sync.Mutex)
	attachProbesLock.Lock()
	l.logger.Info("Got the attachProbesLock for", "Pod: ", pod.Name, " Namespace: ", pod.Namespace, " PodIdentifier: ", podIdentifier)
	defer attachProbesLock.Unlock()

	// Check if an eBPF probe is already attached on both ingress and egress direction(s) for this pod.
	// If yes, then skip probe attach flow for this pod and update the relevant map entries.
	isIngressProbeAttached, isEgressProbeAttached := l.IsEBPFProbeAttached(pod.Name, pod.Namespace)

	start := time.Now()
	// We attach the TC probes to the hostVeth interface of the pod. Derive the hostVeth
	// name from the Name and Namespace of the Pod.
	// Note: The below naming convention is tied to VPC CNI and isn't meant to be generic
	hostVethName := utils.GetHostVethName(pod.Name, pod.Namespace, []string{POD_VETH_PREFIX, BRANCH_ENI_VETH_PREFIX}, l.logger)

	l.logger.Info("AttacheBPFProbes for", "pod", pod.Name, " in namespace", pod.Namespace, " with hostVethName", hostVethName)
	podNamespacedName := utils.GetPodNamespacedName(pod.Name, pod.Namespace)

	if !isIngressProbeAttached {
		progFD, err := l.attachIngressBPFProbe(hostVethName, podIdentifier)
		duration := msSince(start)
		sdkAPILatency.WithLabelValues("attachIngressBPFProbe", fmt.Sprint(err != nil)).Observe(duration)
		if err != nil {
			l.logger.Info("Failed to Attach Ingress TC probe for", "pod: ", pod.Name, " in namespace", pod.Namespace)
			sdkAPIErr.WithLabelValues("attachIngressBPFProbe").Inc()
			return err
		}
		l.logger.Info("Successfully attached Ingress TC probe for", "pod: ", pod.Name, " in namespace", pod.Namespace)
		l.IngressPodToProgMap.Store(podNamespacedName, progFD)
		currentPodSet, _ := l.IngressProgToPodsMap.LoadOrStore(progFD, make(map[string]struct{}))
		currentPodSet.(map[string]struct{})[podNamespacedName] = struct{}{}
	}

	if !isEgressProbeAttached {
		progFD, err := l.attachEgressBPFProbe(hostVethName, podIdentifier)
		duration := msSince(start)
		sdkAPILatency.WithLabelValues("attachEgressBPFProbe", fmt.Sprint(err != nil)).Observe(duration)
		if err != nil {
			l.logger.Info("Failed to Attach Egress TC probe for", "pod: ", pod.Name, " in namespace", pod.Namespace)
			sdkAPIErr.WithLabelValues("attachEgressBPFProbe").Inc()
			return err
		}
		l.logger.Info("Successfully attached Egress TC probe for", "pod: ", pod.Name, " in namespace", pod.Namespace)
		l.EgressPodToProgMap.Store(podNamespacedName, progFD)
		currentPodSet, _ := l.EgressProgToPodsMap.LoadOrStore(progFD, make(map[string]struct{}))
		currentPodSet.(map[string]struct{})[podNamespacedName] = struct{}{}
	}
	return nil
}