Feature Description
TCP/UDP capture to pcap.
Potential Solutions
Correct implementation is non-trivial, as it involves traffic routing management, potentially modifying the security context to allow capture, and exporting data to the client.
Data export implementation still undecided, options under consideration:
Context
There's already a kubectl plugin for this, but the implementation by uploading binaries into running Pods is not ideal:
"ksniff uses kubectl to upload a statically compiled tcpdump binary to your pod and redirect its output to your local Wireshark for a smooth network debugging experience."
That's pretty gross. Because you share the network namespace, it's much cleaner to just run the tap as a sidecar. I'd bet ksniff has some fun process-management code that I wouldn't want to write.
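A sketch of the sidecar approach described above, as an added example that is not code from this issue or from the project. The Pod name, both image references and the emptyDir used to hold the pcap are assumptions; the issue leaves data export undecided, so the shared volume here is only a stand-in.

```yaml
# Added example: capture sidecar sharing the Pod's network namespace.
# All names and images are hypothetical placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: app-with-tap            # hypothetical name
spec:
  volumes:
    - name: capture
      emptyDir:
        sizeLimit: 256Mi        # bound how much disk the capture can consume
  containers:
    - name: app
      image: registry.example/app:placeholder        # placeholder image
    - name: tap
      image: registry.example/tcpdump:placeholder    # placeholder image
      command: ["tcpdump"]
      args:
        - "-i"
        - "any"                 # all interfaces in the shared network namespace
        - "-p"                  # no promiscuous mode, so NET_ADMIN is not needed
        - "-U"                  # flush each packet to the file as it is captured
        - "-Z"
        - "root"                # skip tcpdump's own privilege drop (needs SETUID/SETGID)
        - "-w"
        - "/capture/tap.pcap"
        - "tcp or udp"          # matches the feature request: TCP/UDP only
      securityContext:
        runAsUser: 0            # added capabilities only take effect for UID 0
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
          add: ["NET_RAW"]      # the one capability packet capture requires
      volumeMounts:
        - name: capture
          mountPath: /capture
```

Only the tap container carries the relaxed security context; the application container is left unchanged, which is the main advantage over uploading a binary into it.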