Comments (12)
+1
Iād also like to see L4 support. My applications have a mix of HTTP and proprietary TCP messages.
from kubeshark.
@whites11 intrusion is very welcome! We are evaluating introducing DNS protocol support. I'm curious how common this need is.
from kubeshark.
Hi @pxpnetworks
Mizu specializes in API observability, meaning L7.
For pure TCP I would recommend the classic tcpdump + Wireshark.
What are you looking for in Mizu that is missing in Wireshark? (for L4)
from kubeshark.
Could describe what is the problem you are facing?
Maybe Mizu can still be of use to you.
If find that something is missing then we are happy to take feature requests.
from kubeshark.
Hi @nimrod-up9 ,
Sure, I understand Mizu specializes in L7 :)
I have in my clusters 50/50 split of HTTP traffic and the other half is pure TCP+TLS... mainly L4 proxies.
It would be nice to still be able to see the TCP traffic flows real time too alongside the HTTP traffic in Mizu as i really like its UI.
Thanks for your comment and will see what the future holds š
BR,
Stoyan
from kubeshark.
@pxpnetworks thanks for your question - can you clarify how would you like the TCP (L4) traffic presented - do you mean to see plain packet contents (tcpdump-style) or something different ?
from kubeshark.
Hi @haiut ,
To be honest i would like to see at this point just the communication flowing on L4 on the left hand side with basic IP:PORT info (source pod / destination pod too if possible). I'm not interested in seeing the TCP flags tcpdump style.
I understand currently Mizu tags the requests as HTTP/H2/GRPC/KAFKA/REDIS. The pure L4 traffic can be simply tagged as "TCP" or "UDP" or "TLS" or "QUIC".
In summary i need to be able to tap my L4 processing pods - I run a lot of Envoy proxies which are used as L4 forwarding proxies (utilizing TLS SNI) or in a Service Mesh pattern but again only to proxy L4 traffic like Syslog, MSSQL etc.
Right now I tap into such L4 proxy pod and see nothing in the UI.
When i do a service rollout i think Mizu can be a great tool to observe if the traffic is flowing as intended and catch any issues on the fly. (I know there are lots of other tools and methods to do this but again speaking from an end user perspective i find Mizu most appealing to me from the first try).
In the end if you decide it's worth and feasible to add showing the L4 traffic probably it needs to map to some kind of TCP flags similar to response.status/request.method for HTTP but it might be too noisy to live stream it. Don't know if something simpler tracking only Started / Completed TCP sessions will make more sense if the intention after all is not to make Mizu like tcpdump :)
BR,
Stoyan
BR,
Stoyan
from kubeshark.
At first I also missed L4 information as I wanted to investigate some networking anomalies we were facing. Another thing is that some of our services are communicating with external endpoints via https and this traffic is also not covered.
I understand that this might not be the case for Mizu and agree that it might be too noisy to get this presented.
Anyway, thanks for the great tool!
from kubeshark.
Regarding the external endpoints: Mizu is actually able to tap HTTPS traffic :)
It is an experimental feature that you can turn it on with the --tls
flag. Note that currently Mizu only captures TLS traffic from pods which use the openssl library. For instance, traffic from Python and cURL is captured while traffic from Java and Go is not.
About the L4 support, we are considering if and how to display it.
from kubeshark.
Yes, I tried this flag out and it didn't work in our case. It seems the problem was that I tried to tap the Java service. Thanks for the clarification!
from kubeshark.
@mudged would you mind opening a feature request issue? Can you clarify how would you like the TCP (L4) traffic presented - do you mean to see plain packet contents (tcpdump-style) or something different ?
from kubeshark.
Sorry for the intrusion, I can add my use case that I think is partially related. I would love to be able to use kubeshark for udp traffic as well. this would be for example useful when troubleshooting DNS in a cluster. Are there any plans to support UDP-based protocols?
from kubeshark.
Related Issues (20)
- Couldn't initialize the tracer HOT 10
- Improve support for homebrew HOT 8
- Add Websocket support
- Detect socket creation errors using eBPF
- Kind support( pf-ring, ebpf, serviceMesh) HOT 8
- Specific PCAP TTL for Errors HOT 1
- Kubeshark with Bottlerocket? HOT 1
- kubeshark deployment DOSes `kube-apiserver` if k8s audit events enabled HOT 10
- Client OS: `windows 10`, chrome: `121.0.6167.185` failing HOT 1
- New Helper named Uniqe HOT 1
- Using kubeshark CLI with multiple kubeconfig files
- We can't verify pre-built binaries for windows/amd64 with checksum files HOT 1
- WebSockets in an IPv6 primary cluster fail HOT 2
- no push access for the kubeshark fork HOT 1
- Windows 11 Curl install does not work HOT 1
- Improve/Complete AMQP support
- Resolved K8s component name is inaccurate
- Does ICMP Traffic Capture is not possible?
- Upgrade fails HOT 1
- eBPF tracer Crashes for Kernel versions older than 5.5 HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ššš
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ā¤ļø Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubeshark.