ntop / nProbe

Open source components and extensions for nProbe
http://ntop.org
GNU General Public License v2.0
1.66k stars 44 forks source link

BGP Perl module question #622

Open jmessenger51 opened 3 months ago

jmessenger51 commented 3 months ago

Question / potential feature request:

I want to add BGP data to the sflow data to improve troubleshooting capabilities. However, when nProbe is running inside a kubernetes infrastructure, if I attempt to run the perl script from inside the container, the container is not able to attach an interface because the IP is from the CNI overlay and is dynamically allocated and is not from the baremetal / host level network. So the perl script configuration doesn't align with the configured IP address.

The questions I have are: 1.) Are there plans to improve the usability of the bgp perl script such that it can run natively in nProbe inside a container? 2.) Should I just run the perl script outside of the container and feed the data to nProbe similar to how sflow ingresses through the K8s infrastructure to the container? Essentially bypassing the K8s complexity where the perl script is concerned.

For additional context, when I attempt to run the script from inside the nprobe containt, I'm instructing the container to:

K8s commands run at container start: sudo apt update && sudo apt --assume-yes install cpanminus sleep 10 yes | sudo perl -MCPAN -e 'install Net::BGP' /etc/ntopbgp/bgp_probe_client.pl

The last step fails and throws the error: bind() failed at /usr/local/share/perl/5.34.0/Net/BGP/Process.pm line 237. at /etc/ntopbgp/bgp_probe_client.pl line 134.

line 134 = $bgp->event_loop();

from the perl script.

jmessenger51 commented 3 months ago

I did try to add the perl module:

use Net::Address::IP::Local;

and redefined the variable: my $local_ip = Net::Address::IP::Local->public_ipv4;

My thought was that our CNI will NAT the private K8s network to the bare metal network, and I can NAT the bare metal traffic as needed so the BGP peers think they are peering with the correct destination. That simple method didn't work sadly, I think I'll try passing the pod IP as an enviornment variable.

jmessenger51 commented 3 months ago

Enabled the pod_ip as an enviornment variable within the helm chart:

    spec:
      containers:
        - name: nprobe
          image: docker.io/ntop/nprobe.dev:latest
          imagePullPolicy: Always
          command: [ "sh", "/etc/nprobe/startup.sh" ]
          ports:
            - name: nprobe
              containerPort: 3000
              protocol: TCP
          env:
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP

and modified the startup script:

    sudo apt update && sudo apt --assume-yes install cpanminus
    sleep 10
    yes | sudo perl -MCPAN -e 'install Net::BGP'
    sleep 5
    echo $POD_IP
    sleep 5
    /etc/ntopbgp/bgp_probe_client.pl
    sleep 5

and although the pod is seeing the IP by the enviornment variable, the perl script is still failing. I exec into the pod and:

root@nprobe-7f94d8c77d-zqd5v:/#  echo $POD_IP
172.22.1.207
root@nprobe-7f94d8c77d-zqd5v:/#
root@nprobe-7f94d8c77d-zqd5v:/# /etc/ntopbgp/bgp_probe_client.pl
bind() failed at /usr/local/share/perl/5.34.0/Net/BGP/Process.pm line 237.
 at /etc/ntopbgp/bgp_probe_client.pl line 136.
root@nprobe-7f94d8c77d-zqd5v:/#

so something is still failing even though the IP is properly passed in as the local IP.

jmessenger51 commented 3 months ago

I used a VM to test the BGP perl script to remove the K8s and it still throws the bind() error.

Its an ubuntu VM, I install cpanminus sudo apt update && sudo apt --assume-yes install cpanminus yes | sudo perl -MCPAN -e 'install Net::BGP'

and configured the script but it fails to bind.

jmessenger51 commented 3 months ago

I'm reviewing the BGP Perl Script vs a Python BMP script, Are there specific formats that nprobe needs in order to get AS path?

Example Python BGP Monitoring Protocol (BMP) script https://github.com/smartbgp/yabmp, thinking it would function and scale better than doing a BGP peering.

lucaderi commented 1 month ago

The format nprobe expects is very simple and there is nothing special to know. I will loo at the Python tool you have listed above