Open jahluwalia opened 1 year ago
@jahluwalia is the traffic encrypted? In other words; is the TLS support enabled in RabbitMQ instances? Because Kubeshark cannot capture encrypted AMQP traffic. The TLS capture feature of Kubeshark currently only works for HTTP(S).
Hi,
I do have multiple instances of rabbit. Only one has amqps. I confirmed in rabbit management console (of one of the non amqps instances) that the connections were amqp (no tls).
Thanks, Jas On Jan 28, 2023 at 11:24 AM -0800, M. Mert Yildiran @.***>, wrote:
@jahluwalia is the traffic encrypted? In other words; is the TLS support enabled in RabbitMQ instances? Because Kubeshark cannot capture encrypted AMQP traffic. The TLS capture feature of Kubeshark currently only works for HTTP(S). — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: @.***>
@jahluwalia does all of the TCP connections of non-TLS AMQP instance start before Kubeshark starts? Because like Kubeshark can't really jump into the middle of a long-lasting TCP connection, understand the protocol and eventually dissect it. (and no other sniffer software can AFAIK)
I recommend either do kubeshark tap
and restart the AMQP server (or its client) or start with a minimal example like this.
Hi,
I tried restarting the rabbit server pod, and was able to observe various instances of connection start
connection tune
and connection close
But not actual messages being queued and consumed.
@jahluwalia we support only a subset of AMQP methods and we support only AMQP 0-9-1. If you can share a PCAP file or a small script that contains AMQP client code which represents the problem. I can try to help.
I have several RabbitMQ exchanges and queues and I know messages are being read/written to/from RabbitMQ. But kubeshark is not seeing any amqp messages. I am seeing http, dns, redis. Are there some troubleshooting steps or perhaps configuration? I'm doing a
kubeshark tap -A --proxy-host 0.0.0.0.0