Merge pull request #219 from StackVista/STAC-23435

[STAC-23435] fix: always close rootNsHandle

Author: Andreagit97

checks/net.go

@@ -17,7 +17,6 @@ import (
 	"github.com/DataDog/datadog-agent/pkg/network/protocols/postgres"
 	"github.com/DataDog/datadog-agent/pkg/network/tracer"
 	"github.com/DataDog/datadog-agent/pkg/process/util"
-	"github.com/DataDog/datadog-agent/pkg/util/kernel"
 	"github.com/DataDog/datadog-agent/pkg/util/kubernetes/kubelet"
 	"github.com/StackVista/stackstate-process-agent/pkg/pods"
 	"github.com/StackVista/stackstate-receiver-go-client/pkg/model/telemetry"
@@ -61,6 +60,9 @@ type ConnectionsCheck struct {
 	cache *NetworkRelationCache
 
 	podCorrelation *podCorrelationInfo
+
+	// Inode of the root network namespace
+	rootNSIno uint32
 }
 
 // Name returns the name of the ConnectionsCheck.
@@ -533,32 +535,21 @@ func (c *ConnectionsCheck) formatConnections(
 	// It is unlikely that we will be able to correlate connections from the root namespace
 	var unsentNonRootObservations = 0
 	var unsentNonRootConnectionMetrics = 0
-	rootHandle, err := kernel.GetRootNetNamespace(kernel.ProcFSRoot())
-	if err == nil {
-		ino, err := kernel.GetInoForNs(rootHandle)
-		if err == nil {
-			for k, v := range uncorrelatedObservations {
-				if k.NetNs != ino {
-					log.Debugf("Unsent non-root observation: %v:%d<-%v:%d @ %d = %v", util.FromLowHigh(k.DstIPLow, k.DstIPHigh), k.DstPort, util.FromLowHigh(k.SrcIPLow, k.SrcIPHigh), k.SrcPort, k.NetNs, v)
-					unsentNonRootObservations++
-					continue
-				}
-				log.Debugf("Unsent connection observation: %v:%d<-%v:%d @ %d = %v", util.FromLowHigh(k.DstIPLow, k.DstIPHigh), k.DstPort, util.FromLowHigh(k.SrcIPLow, k.SrcIPHigh), k.SrcPort, k.NetNs, v)
-			}
 
-			for k := range uncorrelatedConnectionMetrics {
-				if k.NetNs != ino {
-					unsentNonRootConnectionMetrics++
-					continue
-				}
-			}
-		} else {
-			unsentNonRootObservations = 0
-			unsentNonRootConnectionMetrics = 0
+	for k, v := range uncorrelatedObservations {
+		if k.NetNs != c.rootNSIno {
+			log.Debugf("Unsent non-root observation: %v:%d<-%v:%d @ %d = %v", util.FromLowHigh(k.DstIPLow, k.DstIPHigh), k.DstPort, util.FromLowHigh(k.SrcIPLow, k.SrcIPHigh), k.SrcPort, k.NetNs, v)
+			unsentNonRootObservations++
+			continue
+		}
+		log.Debugf("Unsent connection observation: %v:%d<-%v:%d @ %d = %v", util.FromLowHigh(k.DstIPLow, k.DstIPHigh), k.DstPort, util.FromLowHigh(k.SrcIPLow, k.SrcIPHigh), k.SrcPort, k.NetNs, v)
+	}
+
+	for k := range uncorrelatedConnectionMetrics {
+		if k.NetNs != c.rootNSIno {
+			unsentNonRootConnectionMetrics++
+			continue
 		}
-	} else {
-		unsentNonRootObservations = 0
-		unsentNonRootConnectionMetrics = 0
 	}
 
 	connectionMetricsProcessedCounter.WithLabelValues("no_process").Add(connectionMetricNoProcess)

checks/net_linux.go

@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/DataDog/datadog-agent/pkg/network/tracer"
+	"github.com/DataDog/datadog-agent/pkg/util/kernel"
 	"github.com/StackVista/stackstate-process-agent/config"
 	"github.com/StackVista/stackstate-process-agent/model"
 	"github.com/StackVista/stackstate-process-agent/pkg/pods"
@@ -33,6 +34,18 @@ func (c *ConnectionsCheck) Init(cfg *config.AgentConfig, _ *model.SystemInfo) er
 		return fmt.Errorf("failed to create network tracer: %s.  Set the environment STS_NETWORK_TRACING_ENABLED to false to disable network connections reporting", err)
 	}
 
+	// Get the root NS inode so that we will reuse it when formatting connections.
+	rootHandle, err := kernel.GetRootNetNamespace(kernel.ProcFSRoot())
+	if err != nil {
+		return fmt.Errorf("Failed to get root net namespace handle: %v", err)
+	}
+	defer rootHandle.Close()
+
+	c.rootNSIno, err = kernel.GetInoForNs(rootHandle)
+	if err != nil {
+		return fmt.Errorf("failed to get root network namespace inode: %s", err)
+	}
+
 	if cfg.NetworkTracer.PodCorrelation.Enabled {
 		cfg.NetworkTracer.PodCorrelation.ObserverLogLevel = cfg.LogLevel
 		c.podCorrelation, err = newPodCorrelationInfo(&cfg.NetworkTracer.PodCorrelation)

checks/net_pod_correlation.go

@@ -169,6 +169,7 @@ func newPodCorrelationInfo(cfg *config.PodCorrelationConfig) (*podCorrelationInf
 		if err != nil {
 			return nil, fmt.Errorf("Failed to get root net namespace: %v", err)
 		}
+		defer rootHandle.Close()
 
 		podCorrelationInfo.rootNSIno, err = kernel.GetInoForNs(rootHandle)
 		if err != nil {