Enable simultaneous packet capture of pods given a deployment, daemonset or a service

eldadru / ksniff

Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark

Apache License 2.0

3.18k stars 190 forks source link

Enable simultaneous packet capture of pods given a deployment, daemonset or a service #104

Open sthaha opened 3 years ago

sthaha commented 3 years ago

Allow packet capturing of an entire deployment or a daemonset.

# Packet capture an entire daemonset
kubectl sniff [--capture-node-traffic] daemonset/dns -n kube-dns

The command above would find all pods created (owned) by daemonset dns and start tcpdump of all pods, write the output to a local directory. --capture-node-traffic is an optional flag that also captures the entire node traffic

You can find a POC here that makes use of oc debug and oc exec to achieve the same.

sthaha commented 3 years ago

@bostrt @eldadru , please feel free to assign this to me if you feel this feature is worth adding.

bostrt commented 3 years ago

I think this is a fantastic idea @sthaha. Please let me know if you have any questions during development!

MichaelWasher commented 3 years ago

/assign

bostrt commented 3 years ago

@MichaelWasher unfortunately no bot here to assign with :) I re-assigned to you manually

MichaelWasher commented 3 years ago

@bostrt I wrote some code to work towards this but there needs to be quite a change to the CLI arch so want to have a call to discuss what we should do about this.

I think hooking into the Kubectl libraries to do the resource parsing/extracting and argument parsing will make it feel more like an oc / kubectl command when ksniff is called.