Skip to content

Add USM instrumentation #4813

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Yumasi merged 52 commits into from
Apr 5, 2023
Merged

Add USM instrumentation #4813

Yumasi merged 52 commits into from
Apr 5, 2023

Conversation

@Yumasi
Copy link
Member

@Yumasi Yumasi commented Feb 28, 2023
edited
Loading

What Does This Do

This PR adds a new instrumentation, sslsocket, that captures HTTPS traffic in Java applications that use SSLSocket under the hood, and sends it to system-probe via a custom ioctl. This part of USM's HTTPS monitoring support.

Few things to note:

  • This is meant to be attached to Java process by system-probe (which uses jattach under the hood), which requires a different way to get the javaagent args, hence the addition to agentmain.
  • The instrumentation does not produce traces, but instead does an ioctl using jna. The dependency to jna is the reason UsmMessage and UsmExtractor implementations are in separate packages.
  • Due to it only making an ioctl call as a side-effect, the included instrumentation test focuses on the "instrumentation part" i.e the advices, to make sure it does the expected calls to the implementation that makes the actual ioctl call.

Changes for second review round

  • The instrumentation now targets SSLSocket instead of SSLSocketImpl.

Motivation

Additional Notes

val06 and others added 27 commits February 15, 2023 08:14
@val06 @Yumasi
added USM profile and configuration
d02b026
@val06 @Yumasi
- added sslsocketImpl instrumentations
b6d12bd 
- removed SSLSocketImpl and its inner classes from ignored_class_name.trie to allow instrumenting them
@val06 @Yumasi
- removed SSLSocketImpl and its inner classes from ignored_class_name…
7a46a19 
….trie to allow instrumenting them
@val06 @Yumasi
- added USMExtractor to agent-bootstrap
7457d9c 
    - sending captured data via ioctl with a special request code
- using USMExtractor directly from SSLSocket advices
@val06 @Yumasi
- replaced println with log
e663854
@val06 @Yumasi
- small changes in structs layout
f690350 
- updated MAX_HTTP_BUFFER_SIZE to match the relevant value on the Systemprobe side
@val06 @Yumasi
- adjusted connection encoding to match conn_tuple_t struct in datado…
8e2e145 
…g-agent/pkg/network/ebpf/c/tracer.h
@val06 @Yumasi
- changed CONNECTION_INFO_SIZE to const size
13b5e7f
@val06 @Yumasi
- removed PidHelper usage
23eea05
@val06 @Yumasi
- changed prints to match the fields actually encoded into a ioctl bu…
4c81727 
…ffer

- added prints to ioctl execution
- fixed connection encoding
- fixed message validation bug
@Yumasi
removed instrumentation dependency on jna
777a383 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
remove old files
0397c83 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
fix muzzle tests
99a4746 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@val06 @Yumasi
- fixed endianess for ipv4 encoding
5849459 
- added args parsing when injecting the agent dynamically
@val06 @Yumasi
- fixed endianess for ipv4 - take 2
717a2a5
@Yumasi
fix formatting
08737a9 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
fix null pointer exception when loading the agent statically
c7475a5 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
bootstrap: remove forbidden call to str.split
e28c71a 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
internal-api: Strings: add split function
20cf3e8 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
bootstrap: remove forbidden call to str.split
2549022 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
internal-api: Strings: add split function
241fa4b 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
sun-sslsocketimpl: add instrumentation tests (WIP)
28a624b 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@val06
- added support for JDK 16 and above by removing SSLSocketImpl depend…
1c1fc77 
…encies in internal-api and agent-tooling modules. Instead, passing the connenction tuple directly from the advice
@val06
Merge remote-tracking branch 'origin/guillaume.pagnoux/usm-intrumenta…
882b156 
…tion-profile' into valeri.pliskin/java-tls-support-java-sdk16-and-above
@val06
- fixed formatting
a9596e3
@val06
Merge pull request #4799 from DataDog/valeri.pliskin/java-tls-support…
571acc8 
…-java-sdk16-and-above

Remove SSLSocketImpl references to support JDK 16 and above
@Yumasi
fix test
1b5768f 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi Yumasi requested a review from a team as a code owner February 28, 2023 14:45
Yumasi added 5 commits March 28, 2023 16:44
@Yumasi
add null checks when accessing dest IP
526c1f9 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
add Usm filter streams
2193b74 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
rename instrumentation to sslsocket
12f82e1 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
Merge remote-tracking branch 'origin/master' into guillaume.pagnoux/u…
7d9afcc 
…sm-intrumentation-profile
@Yumasi
apply spotless
7d63842 
Signed-off-by: Guillaume Pagnoux <[email protected]>
mcculls
mcculls reviewed Apr 5, 2023
View reviewed changes
@Yumasi
remove stale test
a3244f0 
Signed-off-by: Guillaume Pagnoux <[email protected]>
Yumasi added 2 commits April 5, 2023 12:41
@Yumasi
remove extraneous instrumentations' names
1b2f673 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
remove unused logger
ba5dfeb 
Signed-off-by: Guillaume Pagnoux <[email protected]>
mcculls
mcculls requested changes Apr 5, 2023
View reviewed changes
Copy link
Contributor

@mcculls mcculls left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs a bit more cleanup before this can be merged - see comments about using USM specific package for new types and preferring agent-bootstrap over internal-api for bootstrap related instrumentation types

mcculls
mcculls reviewed Apr 5, 2023
View reviewed changes
mcculls
mcculls approved these changes Apr 5, 2023
View reviewed changes
Copy link
Contributor

@mcculls mcculls left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once the unrelated formatting changes have been cleaned up this should be OK to merge

Yumasi added 2 commits April 5, 2023 14:29
@Yumasi
remove empty if
6127b94 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi
revert accidental comments reformating
80b637b 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi Yumasi dismissed val06’s stale review April 5, 2023 13:09

Valeri is on PTO but we need this merged this week

@Yumasi
adjust expect jar size
96853a1 
Signed-off-by: Guillaume Pagnoux <[email protected]>
@Yumasi Yumasi merged commit 8019600 into master Apr 5, 2023
@Yumasi Yumasi deleted the guillaume.pagnoux/usm-intrumentation-profile branch April 5, 2023 16:18
@github-actions github-actions bot added this to the 1.12.0 milestone Apr 5, 2023
@nikita-tkachenko-datadog
Copy link
Contributor

nikita-tkachenko-datadog commented Apr 9, 2023
edited
Loading

This breaks logic introduced in #4888

Specifically the part in AgentBootstrap:

parseAsSystemProperties(agentArgs);

parses agent arguments and injects them as system properties.

The same logic was implemented in AgentArgsInjector in the PR linked above (the only difference being that , is used to separate arguments rather than ).

As the code added here expects args to be separated with space, when args are supplied in previous comma-separated format, they are all lumped together and injected under the name of the first arg.

My suggestion would be to revert the parseAsSystemProperties part of the changes done here in favour of the AgentArgsInjector logic, as that has already been released to the public.

@Yumasi Yumasi mentioned this pull request Apr 11, 2023
Merged
@richardstartin richardstartin added the comp: universal service monitoring Universal Service Monitoring label Apr 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amarziali amarziali amarziali left review comments

@mcculls mcculls mcculls approved these changes

+1 more reviewer

@val06 val06 val06 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

comp: universal service monitoring Universal Service Monitoring

Projects

None yet

Milestone

1.12.0

Development

Successfully merging this pull request may close these issues.

7 participants

@Yumasi @nikita-tkachenko-datadog @mcculls @amarziali @val06 @richardstartin