ROX-25719: Enable ExternalIPs based on runtime-config (#1888)

collector/lib/CollectorConfig.h

@@ -64,6 +64,9 @@ class CollectorConfig {
   static constexpr bool kEnableProcessesListeningOnPorts = true;
 
   CollectorConfig();
+  CollectorConfig(const CollectorConfig&) = delete;
+  CollectorConfig(CollectorConfig&&) = delete;
+
   void InitCollectorConfig(CollectorArgs* collectorArgs);
 
   std::string asString() const;
@@ -161,7 +164,7 @@ class CollectorConfig {
   bool enable_processes_listening_on_ports_;
   bool import_users_;
   bool collect_connection_status_;
-  bool enable_external_ips_;
+  bool enable_external_ips_ = false;
   bool enable_connection_stats_;
   bool enable_detailed_metrics_;
   bool enable_runtime_config_;

collector/lib/CollectorConfigInspector.cpp

@@ -9,11 +9,11 @@ namespace collector {
 
 const std::string CollectorConfigInspector::kBaseRoute = "/state/config";
 
-CollectorConfigInspector::CollectorConfigInspector(const std::shared_ptr<CollectorConfig> config) : config_(config) {
+CollectorConfigInspector::CollectorConfigInspector(const CollectorConfig& config) : config_(config) {
 }
 
 std::string CollectorConfigInspector::configToJson(bool& isError) {
-  const auto& runtime_config = config_->GetRuntimeConfig();
+  const auto& runtime_config = config_.GetRuntimeConfig();
 
   if (!runtime_config.has_value()) {
     return "{}";

collector/lib/CollectorConfigInspector.h

@@ -1,8 +1,6 @@
 #ifndef COLLECTOR_CONFIG_INSPECTOR_H
 #define COLLECTOR_CONFIG_INSPECTOR_H
 
-#include <memory>
-
 #include <json/writer.h>
 
 #include "CollectorConfig.h"
@@ -14,13 +12,13 @@ class CollectorConfigInspector : public IntrospectionEndpoint {
  public:
   static const std::string kBaseRoute;
 
-  CollectorConfigInspector(const std::shared_ptr<CollectorConfig> config);
+  CollectorConfigInspector(const CollectorConfig& config);
 
   // implementation of CivetHandler
   bool handleGet(CivetServer* server, struct mg_connection* conn) override;
 
  private:
-  const std::shared_ptr<CollectorConfig> config_;
+  const CollectorConfig& config_;
   std::string configToJson(bool& isError);
 };
 

collector/lib/CollectorService.cpp

@@ -29,7 +29,7 @@ extern unsigned char g_bpf_drop_syscalls[];  // defined in libscap
 
 namespace collector {
 
-CollectorService::CollectorService(const CollectorConfig& config, std::atomic<ControlValue>* control,
+CollectorService::CollectorService(CollectorConfig& config, std::atomic<ControlValue>* control,
                                    const std::atomic<int>* signum)
     : config_(config), control_(control), signum_(*signum) {
   CLOG(INFO) << "Config: " << config;
@@ -91,7 +91,6 @@ void CollectorService::RunForever() {
     conn_tracker->UpdateIgnoredL4ProtoPortPairs(std::move(ignored_l4proto_port_pairs));
     conn_tracker->UpdateIgnoredNetworks(config_.IgnoredNetworks());
     conn_tracker->UpdateNonAggregatedNetworks(config_.NonAggregatedNetworks());
-    conn_tracker->EnableExternalIPs(config_.EnableExternalIPs());
 
     auto network_connection_info_service_comm = std::make_shared<NetworkConnectionInfoServiceComm>(config_.Hostname(), config_.grpc_channel);
 
@@ -113,7 +112,7 @@ void CollectorService::RunForever() {
     server.addHandler(container_info_inspector->kBaseRoute, container_info_inspector.get());
     network_status_inspector = std::make_unique<NetworkStatusInspector>(conn_tracker);
     server.addHandler(network_status_inspector->kBaseRoute, network_status_inspector.get());
-    collector_config_inspector = std::make_unique<CollectorConfigInspector>(std::make_shared<CollectorConfig>(config_));
+    collector_config_inspector = std::make_unique<CollectorConfigInspector>(config_);
     server.addHandler(collector_config_inspector->kBaseRoute, collector_config_inspector.get());
   }
 

collector/lib/CollectorService.h

@@ -9,7 +9,7 @@ namespace collector {
 
 class CollectorService {
  public:
-  CollectorService(const CollectorConfig& config, std::atomic<ControlValue>* control, const std::atomic<int>* signum);
+  CollectorService(CollectorConfig& config, std::atomic<ControlValue>* control, const std::atomic<int>* signum);
 
   void RunForever();
 
@@ -18,7 +18,7 @@ class CollectorService {
  private:
   bool WaitForGRPCServer();
 
-  CollectorConfig config_;
+  CollectorConfig& config_;
 
   std::atomic<ControlValue>* control_;
   const std::atomic<int>& signum_;

collector/lib/NetworkStatusNotifier.cpp

@@ -239,6 +239,8 @@ void NetworkStatusNotifier::RunSingle(IDuplexClientWriter<sensor::NetworkConnect
     ConnMap new_conn_state, delta_conn;
     AdvertisedEndpointMap new_cep_state;
     WITH_TIMER(CollectorStats::net_fetch_state) {
+      conn_tracker_->EnableExternalIPs(config_.EnableExternalIPs());
+
       new_conn_state = conn_tracker_->FetchConnState(true, true);
       if (enable_afterglow_) {
         ConnectionTracker::ComputeDeltaAfterglow(new_conn_state, old_conn_state, delta_conn, time_micros, time_at_last_scrape, afterglow_period_micros_);

collector/lib/NetworkStatusNotifier.h

@@ -28,6 +28,7 @@ class NetworkStatusNotifier : protected ProtoAllocator<sensor::NetworkConnection
         conn_tracker_(std::move(conn_tracker)),
         afterglow_period_micros_(config.AfterglowPeriod()),
         enable_afterglow_(config.EnableAfterglow()),
+        config_(config),
         comm_(comm),
         connections_total_reporter_(connections_total_reporter),
         connections_rate_reporter_(connections_rate_reporter) {
@@ -65,6 +66,7 @@ class NetworkStatusNotifier : protected ProtoAllocator<sensor::NetworkConnection
 
   int64_t afterglow_period_micros_;
   bool enable_afterglow_;
+  const CollectorConfig& config_;
   std::shared_ptr<INetworkConnectionInfoServiceComm> comm_;
 
   std::shared_ptr<CollectorConnectionStats<unsigned int>> connections_total_reporter_;