mirror of
https://github.com/gravitl/netmaker.git
synced 2026-01-16 07:44:11 +08:00
a4981ffd26
* feat(go): define flow events; * feat(go): improve structure; * feat(go): improve structure; * feat(go): remove old flow definitions; * feat(sql): add clickhouse init scripts; * feat(sql): add protobuf spec; * fix(sql): store ip as string; * feat(go): move proto def to grpc dir; * feat(go): use node instead of host as type; optimize protobuf defs; * feat(go): add clickhouse db support; add endpoint to query flows; * fix(go): fix clickhouse config; * fix(go): use error response structure to report error; * feat(go): pass flow logging status to netclient; * feat(go): add peer ip identity map to host peer info; * feat(go): remove prefix from participant obj fields; * feat(go): add flow logs enabled field to host; * feat(go): add filtering to get flow api; * feat(go): fix record struct; * feat(go): add exporter url to server config; * feat(go): add exporter url to server config; * feat(go): enable flow logs by default; * feat(go): update nm-quick.sh; * feat(go): update nm-quick.sh; * feat(go): update nm-quick.sh; * feat(go): update nm-quick.sh; * feat(go): add db initialization logic; * feat(go): filter by network id; * fix(go): connection issue; * fix(go): connection issue; * fix(go): golang builder version; * feat(go): add server settings for flow logs; * feat(go): initialize clickhouse in pro; check for retention; * feat(go): add exporter feature flags; * feat(go): add grpc behind caddy; * feat(go): expose ports correctly; * fix(go): grpc caddyfile config; * fix(go): publish exporter feature flags on license validation; * fix(go): set server name for netmaker exporter; * fix(go): set server name for netmaker exporter; * fix(go): check for nil cancel func; * fix(go): add flow logs field to api host; * fix(go): add flow logs field to api host; * fix(go): remove port from grpc setting; * chore(go): tabs; * feat(go): introduce egress range participant type;. * feat(go): rename egress range to egress route for uniform language; * feat(go): rename egress range to egress route for uniform language; * feat: add peer addr identity map to host peer update; * feat: add address identity map to host peer update; * feat: add address identity map to host peer update; * feat: set correct from and to args; * feat: add support for filtering by node; * feat: use corresponding base image; * feat: update dockerfile base image version; * fix: disable flow logs for all host when global settings are changed;
144 lines
3.6 KiB
Protocol Buffer
144 lines
3.6 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package netmaker.flow;
|
|
|
|
option go_package = "github.com/gravitl/netmaker/grpc/flow";
|
|
|
|
// ============================================================
|
|
// BUILD COMMAND:
|
|
//
|
|
// protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative grpc/flow/flow.proto
|
|
//
|
|
// ============================================================
|
|
|
|
// ============================================================
|
|
// ENUMS
|
|
// ============================================================
|
|
|
|
/**
|
|
* Lifecycle stage of a flow event as seen by an netclient.
|
|
* A flow produces:
|
|
* - EVENT_START when conntrack entry is created
|
|
* - EVENT_DESTROY when conntrack entry is removed
|
|
*/
|
|
enum EventType {
|
|
EVENT_TYPE_UNSPECIFIED = 0;
|
|
EVENT_START = 1;
|
|
EVENT_DESTROY = 2;
|
|
}
|
|
|
|
/**
|
|
* Identifies what kind of participant an IP belongs to.
|
|
*/
|
|
enum ParticipantType {
|
|
PARTICIPANT_UNSPECIFIED = 0;
|
|
PARTICIPANT_NODE = 1;
|
|
PARTICIPANT_USER = 2;
|
|
PARTICIPANT_EXTCLIENT = 3;
|
|
PARTICIPANT_EGRESS_ROUTE = 4;
|
|
PARTICIPANT_EXTERNAL = 5; // anything not part of the Netmaker network
|
|
}
|
|
|
|
/**
|
|
* Direction of the flow relative to the observing node.
|
|
*/
|
|
enum Direction {
|
|
DIR_UNSPECIFIED = 0;
|
|
DIR_INGRESS = 1;
|
|
DIR_EGRESS = 2;
|
|
}
|
|
|
|
// ============================================================
|
|
// PARTICIPANT STRUCTURE
|
|
// ============================================================
|
|
|
|
/**
|
|
* Fully enriched representation of one endpoint of a flow.
|
|
*/
|
|
message FlowParticipant {
|
|
string ip = 1;
|
|
ParticipantType type = 2;
|
|
string id = 3;
|
|
}
|
|
|
|
// ============================================================
|
|
// RAW AGENT EVENT
|
|
// ============================================================
|
|
|
|
/**
|
|
* Flow event generated by netclient.
|
|
*/
|
|
message FlowEvent {
|
|
// Flow lifecycle event type (START or DESTROY)
|
|
EventType type = 1;
|
|
|
|
// Stable identity
|
|
string flow_id = 2; // unique per flow
|
|
string network_id = 3; // network this flow belongs to
|
|
string host_id = 4; // node reporting this event
|
|
|
|
// L3/L4 metadata
|
|
uint32 protocol = 5;
|
|
uint32 src_port = 6;
|
|
uint32 dst_port = 7;
|
|
uint32 icmp_type = 8;
|
|
uint32 icmp_code = 9;
|
|
|
|
Direction direction = 10;
|
|
|
|
// Participants — enriched by client
|
|
FlowParticipant src = 11;
|
|
FlowParticipant dst = 12;
|
|
|
|
// Timestamps (milliseconds since epoch)
|
|
int64 start_ts_ms = 13;
|
|
int64 end_ts_ms = 14;
|
|
|
|
// Traffic counters (only valid for destroy events)
|
|
uint64 bytes_sent = 15;
|
|
uint64 bytes_recv = 16;
|
|
uint64 packets_sent = 17;
|
|
uint64 packets_recv = 18;
|
|
|
|
// Netfilter conntrack status flags (bitmask)
|
|
uint32 status = 19;
|
|
|
|
/**
|
|
* Version used by ClickHouse for merging.
|
|
* Must be strictly increasing for START → DESTROY.
|
|
* Usually equal to the netclient event timestamp (ms).
|
|
*/
|
|
int64 version = 20;
|
|
}
|
|
|
|
// ============================================================
|
|
// BATCHING AND STREAMING
|
|
// ============================================================
|
|
|
|
/**
|
|
* Envelope sent by netclients containing multiple FlowEvents.
|
|
*/
|
|
message FlowEnvelope {
|
|
repeated FlowEvent events = 1;
|
|
}
|
|
|
|
/**
|
|
* Response from server acknowledging receipt of a batch.
|
|
*/
|
|
message FlowResponse {
|
|
bool success = 1; // true if batch was accepted
|
|
string error = 2; // optional error information
|
|
}
|
|
|
|
// ============================================================
|
|
// SERVICE
|
|
// ============================================================
|
|
|
|
/**
|
|
* Bidirectional streaming:
|
|
* - Agents continuously send FlowEnvelope batches.
|
|
* - Server replies with FlowResponse ACKs.
|
|
*/
|
|
service FlowService {
|
|
rpc StreamFlows(stream FlowEnvelope) returns (stream FlowResponse);
|
|
}
|