Please describe the planned improvement in enough detail that someone who is not you could start working on it. Code hints, acceptance criteria, etc., are all encouraged.
Currently, when exporting a trace, you can filter in one of three ways:
Exclude particular namespaces
Exclude particular label selectors
Exclude DaemonSets
This doesn't really provide the level of flexibility that we want. We should really have some sort of allow/deny rules for namespaces and label selectors, and excluding daemonsets just doesn't even make sense anymore (originally when we were just tracking pods, it made sense because we didn't want simulated copies of the daemonset objects running on the simulated nodes).
I think this requires a bit of thought before writing code. Can we include in this issue a proposal for the various filtering mechanisms that we want? E.g., allow by default vs deny by default, are namespaces and label selectors enough granularity, what happens if we "deny a namespace but include a label selector in that namespace", etc. I think there is some prior art we can look at for guidance here, e.g., how does iptables do this?
See also #68
When making any changes to the tracer API, please read Making API changes.
Description
Please describe the planned improvement in enough detail that someone who is not you could start working on it. Code hints, acceptance criteria, etc., are all encouraged.
Currently, when exporting a trace, you can filter in one of three ways:
This doesn't really provide the level of flexibility that we want. We should really have some sort of allow/deny rules for namespaces and label selectors, and excluding daemonsets just doesn't even make sense anymore (originally when we were just tracking pods, it made sense because we didn't want simulated copies of the daemonset objects running on the simulated nodes).
I think this requires a bit of thought before writing code. Can we include in this issue a proposal for the various filtering mechanisms that we want? E.g., allow by default vs deny by default, are namespaces and label selectors enough granularity, what happens if we "deny a namespace but include a label selector in that namespace", etc. I think there is some prior art we can look at for guidance here, e.g., how does iptables do this?
See also #68
When making any changes to the tracer API, please read Making API changes.