github.com/cilium/cilium@v1.16.2/api/v1/observer/observer.proto (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // Copyright Authors of Hubble 3 4 syntax = "proto3"; 5 6 import "google/protobuf/any.proto"; 7 import "google/protobuf/wrappers.proto"; 8 import "google/protobuf/timestamp.proto"; 9 import "google/protobuf/field_mask.proto"; 10 import public "flow/flow.proto"; 11 import "relay/relay.proto"; 12 13 package observer; 14 15 option go_package = "github.com/cilium/cilium/api/v1/observer"; 16 17 // Observer returns a stream of Flows depending on which filter the user want 18 // to observe. 19 service Observer { 20 // GetFlows returning structured data, meant to eventually obsolete GetLastNFlows. 21 rpc GetFlows(GetFlowsRequest) returns (stream GetFlowsResponse) {} 22 23 // GetAgentEvents returns Cilium agent events. 24 rpc GetAgentEvents(GetAgentEventsRequest) returns (stream GetAgentEventsResponse) {} 25 26 // GetDebugEvents returns Cilium datapath debug events. 27 rpc GetDebugEvents(GetDebugEventsRequest) returns (stream GetDebugEventsResponse) {} 28 29 // GetNodes returns information about nodes in a cluster. 30 rpc GetNodes(GetNodesRequest) returns (GetNodesResponse) {} 31 32 // GetNamespaces returns information about namespaces in a cluster. 33 // The namespaces returned are namespaces which have had network flows in 34 // the last hour. The namespaces are returned sorted by cluster name and 35 // namespace in ascending order. 36 rpc GetNamespaces(GetNamespacesRequest) returns (GetNamespacesResponse) {} 37 38 // ServerStatus returns some details about the running hubble server. 39 rpc ServerStatus(ServerStatusRequest) returns (ServerStatusResponse) {} 40 } 41 42 message ServerStatusRequest {} 43 44 message ServerStatusResponse { 45 // number of currently captured flows 46 // In a multi-node context, this is the cumulative count of all captured 47 // flows. 48 uint64 num_flows = 1; 49 50 // maximum capacity of the ring buffer 51 // In a multi-node context, this is the aggregation of all ring buffers 52 // capacities. 53 uint64 max_flows = 2; 54 55 // total amount of flows observed since the observer was started 56 // In a multi-node context, this is the aggregation of all flows that have 57 // been seen. 58 uint64 seen_flows = 3; 59 60 // uptime of this observer instance in nanoseconds 61 // In a multi-node context, this field corresponds to the uptime of the 62 // longest living instance. 63 uint64 uptime_ns = 4; 64 65 // number of nodes for which a connection is established 66 google.protobuf.UInt32Value num_connected_nodes = 5; 67 68 // number of nodes for which a connection cannot be established 69 google.protobuf.UInt32Value num_unavailable_nodes = 6; 70 71 // list of nodes that are unavailable 72 // This list may not be exhaustive. 73 repeated string unavailable_nodes = 7; 74 75 // Version is the version of Cilium/Hubble. 76 string version = 8; 77 78 // Approximate rate of flows seen by Hubble per second over the last minute. 79 // In a multi-node context, this is the sum of all flows rates. 80 double flows_rate = 9; 81 } 82 83 message GetFlowsRequest { 84 // Number of flows that should be returned. Incompatible with `since/until`. 85 // Defaults to the most recent (last) `number` flows, unless `first` is 86 // true, then it will return the earliest `number` flows. 87 uint64 number = 1; 88 89 // first specifies if we should look at the first `number` flows or the 90 // last `number` of flows. Incompatible with `follow`. 91 bool first = 9; 92 93 reserved 2; // removed, do not use 94 95 // follow sets when the server should continue to stream flows after 96 // printing the last N flows. 97 bool follow = 3; 98 99 // blacklist defines a list of filters which have to match for a flow to be 100 // excluded from the result. 101 // If multiple blacklist filters are specified, only one of them has to 102 // match for a flow to be excluded. 103 repeated flow.FlowFilter blacklist = 5; 104 105 // whitelist defines a list of filters which have to match for a flow to be 106 // included in the result. 107 // If multiple whitelist filters are specified, only one of them has to 108 // match for a flow to be included. 109 // The whitelist and blacklist can both be specified. In such cases, the 110 // set of the returned flows is the set difference `whitelist - blacklist`. 111 // In other words, the result will contain all flows matched by the 112 // whitelist that are not also simultaneously matched by the blacklist. 113 repeated flow.FlowFilter whitelist = 6; 114 115 // Since this time for returned flows. Incompatible with `number`. 116 google.protobuf.Timestamp since = 7; 117 118 // Until this time for returned flows. Incompatible with `number`. 119 google.protobuf.Timestamp until = 8; 120 121 // FieldMask allows clients to limit flow's fields that will be returned. 122 // For example, {paths: ["source.id", "destination.id"]} will return flows 123 // with only these two fields set. 124 google.protobuf.FieldMask field_mask = 10; 125 126 // Experimental contains fields that are not stable yet. Support for 127 // experimental features is always optional and subject to change. 128 message Experimental { 129 // FieldMask allows clients to limit flow's fields that will be returned. 130 // For example, {paths: ["source.id", "destination.id"]} will return flows 131 // with only these two fields set. 132 // Deprecated in favor of top-level field_mask. This field will be 133 // removed in v1.17. 134 google.protobuf.FieldMask field_mask = 1 [deprecated=true]; 135 } 136 Experimental experimental = 999; 137 138 // extensions can be used to add arbitrary additional metadata to GetFlowsRequest. 139 // This can be used to extend functionality for other Hubble compatible 140 // APIs, or experiment with new functionality without needing to change the public API. 141 google.protobuf.Any extensions = 150000; 142 } 143 144 // GetFlowsResponse contains either a flow or a protocol message. 145 message GetFlowsResponse { 146 oneof response_types{ 147 flow.Flow flow = 1; 148 // node_status informs clients about the state of the nodes 149 // participating in this particular GetFlows request. 150 relay.NodeStatusEvent node_status = 2; 151 // lost_events informs clients about events which got dropped due to 152 // a Hubble component being unavailable 153 flow.LostEvent lost_events = 3; 154 } 155 // Name of the node where this event was observed. 156 string node_name = 1000; 157 // Timestamp at which this event was observed. 158 google.protobuf.Timestamp time = 1001; 159 } 160 161 message GetAgentEventsRequest { 162 // Number of flows that should be returned. Incompatible with `since/until`. 163 // Defaults to the most recent (last) `number` events, unless `first` is 164 // true, then it will return the earliest `number` events. 165 uint64 number = 1; 166 167 // first specifies if we should look at the first `number` events or the 168 // last `number` of events. Incompatible with `follow`. 169 bool first = 9; 170 171 // follow sets when the server should continue to stream agent events after 172 // printing the last N agent events. 173 bool follow = 2; 174 175 // TODO: do we want to be able to specify blocklist/allowlist (previously 176 // known as blacklist/whitelist)? 177 178 // Since this time for returned agent events. Incompatible with `number`. 179 google.protobuf.Timestamp since = 7; 180 181 // Until this time for returned agent events. Incompatible with `number`. 182 google.protobuf.Timestamp until = 8; 183 } 184 185 // GetAgentEventsResponse contains an event received from the Cilium agent. 186 message GetAgentEventsResponse { 187 flow.AgentEvent agent_event = 1; 188 // Name of the node where this event was observed. 189 string node_name = 1000; 190 // Timestamp at which this event was observed. 191 google.protobuf.Timestamp time = 1001; 192 } 193 194 message GetDebugEventsRequest { 195 // Number of events that should be returned. Incompatible with `since/until`. 196 // Defaults to the most recent (last) `number` events, unless `first` is 197 // true, then it will return the earliest `number` events. 198 uint64 number = 1; 199 200 // first specifies if we should look at the first `number` events or the 201 // last `number` of events. Incompatible with `follow`. 202 bool first = 9; 203 204 // follow sets when the server should continue to stream debug events after 205 // printing the last N debug events. 206 bool follow = 2; 207 208 // TODO: do we want to be able to specify blocklist/allowlist (previously 209 // known as blacklist/whitelist)? 210 211 // Since this time for returned debug events. Incompatible with `number`. 212 google.protobuf.Timestamp since = 7; 213 214 // Until this time for returned debug events. Incompatible with `number`. 215 google.protobuf.Timestamp until = 8; 216 } 217 218 // GetDebugEventsResponse contains a Cilium datapath debug events. 219 message GetDebugEventsResponse { 220 flow.DebugEvent debug_event = 1; 221 // Name of the node where this event was observed. 222 string node_name = 1000; 223 // Timestamp at which this event was observed. 224 google.protobuf.Timestamp time = 1001; 225 } 226 227 message GetNodesRequest {} 228 229 // GetNodesResponse contains the list of nodes. 230 message GetNodesResponse { 231 // Nodes is an exhaustive list of nodes. 232 repeated Node nodes = 1; 233 } 234 235 // Node represents a cluster node. 236 message Node { 237 // Name is the name of the node. 238 string name = 1; 239 // Version is the version of Cilium/Hubble as reported by the node. 240 string version = 2; 241 242 // Address is the network address of the API endpoint. 243 string address = 3; 244 245 // State represents the known state of the node. 246 relay.NodeState state = 4; 247 248 // TLS reports TLS related information. 249 TLS tls = 5; 250 251 // UptimeNS is the uptime of this instance in nanoseconds 252 uint64 uptime_ns = 6; 253 254 // number of currently captured flows 255 uint64 num_flows = 7; 256 257 // maximum capacity of the ring buffer 258 uint64 max_flows = 8; 259 260 // total amount of flows observed since the observer was started 261 uint64 seen_flows = 9; 262 } 263 264 // TLS represents TLS information. 265 message TLS { 266 // Enabled reports whether TLS is enabled or not. 267 bool enabled = 1; 268 // ServerName is the TLS server name that can be used as part of the TLS 269 // cert validation process. 270 string server_name = 2; 271 } 272 273 message GetNamespacesRequest {} 274 275 // GetNamespacesResponse contains the list of namespaces. 276 message GetNamespacesResponse { 277 // Namespaces is a list of namespaces with flows 278 repeated Namespace namespaces = 1; 279 } 280 281 message Namespace { 282 string cluster = 1; 283 string namespace = 2; 284 } 285 286 // ExportEvent contains an event to be exported. Not to be used outside of the 287 // exporter feature. 288 message ExportEvent { 289 oneof response_types{ 290 flow.Flow flow = 1; 291 // node_status informs clients about the state of the nodes 292 // participating in this particular GetFlows request. 293 relay.NodeStatusEvent node_status = 2; 294 // lost_events informs clients about events which got dropped due to 295 // a Hubble component being unavailable 296 flow.LostEvent lost_events = 3; 297 // agent_event informs clients about an event received from the Cilium 298 // agent. 299 flow.AgentEvent agent_event = 4; 300 // debug_event contains Cilium datapath debug events 301 flow.DebugEvent debug_event = 5; 302 } 303 // Name of the node where this event was observed. 304 string node_name = 1000; 305 // Timestamp at which this event was observed. 306 google.protobuf.Timestamp time = 1001; 307 }