Kubeshark AddOn
Kubeshark is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes' internal network, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters.
Kubeshark provides real-time monitoring of all traffic going in, out and across containers, pods, namespaces, nodes and clusters. This allows you to pinpoint and resolve issues efficiently, including complex networking issues, ensuring stable network performance and enhancing application success in Kubernetes environments.
Usage
- Install the kubeshark package:
    npm i kubeshark
- Import it in your blueprint.ts:
    import { KubesharkAddOn } from 'kubeshark';
- Include the addon:
    new KubesharkAddOn({}) // Provide an empty object if no specific properties are needed
Full example index.ts
import * as cdk from 'aws-cdk-lib';
import * as blueprints from '@aws-quickstart/eks-blueprints';
import { KubesharkAddOn } from 'kubeshark';

const app = new cdk.App();
const account = '1234123412341';
const region = 'us-east-1';
const version = 'auto';

blueprints.HelmAddOn.validateHelmVersions = true; // optional if you would like to check for newer versions

const addOns: Array<blueprints.ClusterAddOn> = [
    new blueprints.addons.MetricsServerAddOn(),
    new blueprints.addons.ClusterAutoScalerAddOn(),
    new blueprints.addons.AwsLoadBalancerControllerAddOn(),
    new blueprints.addons.VpcCniAddOn(),
    new blueprints.addons.CoreDnsAddOn(),
    new blueprints.addons.KubeProxyAddOn(),
    new KubesharkAddOn({}) // Provide an empty object if no specific properties are needed
];

const stack = blueprints.EksBlueprint.builder()
    .account(account)
    .region(region)
    .version(version)
    .addOns(...addOns)
    .useDefaultSecretEncryption(true) // set to false to turn secret encryption off (non-production/demo cases)
    .build(app, 'eks-blueprint');
Validate the deployment
Once deployed, you can see the kubeshark pod in the kube-system namespace.
$ kubectl get deployments -n kube-system
NAME                         READY   UP-TO-DATE   AVAILABLE   AGE
blueprints-addon-kubeshark   1/1     1            1           20m
Functionality
- Deploys the kubeshark helm chart in kube-system namespace by default.
- Supports standard helm configuration options.
- Supports createNamespace configuration to deploy the addon to a customized namespace.
Access Kubeshark
Forward the kubeshark-front service to a local port.
$ kubectl -n kube-system port-forward svc/kubeshark-front 3000:80
Open the dashboard at http://localhost:3000.
You should then see the Kubeshark dashboard view.
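The validation and access steps above can be scripted. The following is an added example, not part of the add-on or its documentation: it checks that the `blueprints-addon-kubeshark` deployment reports all replicas ready and that `kubeshark-front` is a ClusterIP service, so the dashboard, which shows captured payloads, is not published through a NodePort or LoadBalancer. The function names are hypothetical, and the sample tables are constructed.

```shell
#!/usr/bin/env bash
# Added example: post-deployment checks for the Kubeshark add-on.
# Function names are hypothetical; resource names come from this page.

# deployment_ready NAME: reads a `kubectl get deployments` table on stdin and
# succeeds only if NAME is listed with every replica ready (n/n, n > 0).
deployment_ready() {
  awk -v name="$1" '
    $1 == name {
      split($2, r, "/")
      found = (r[1] == r[2] && r[2] > 0)
    }
    END { exit(found ? 0 : 1) }'
}

# service_internal_only TYPE: succeeds only for a ClusterIP service, i.e. one
# that is not published through a NodePort or a cloud load balancer.
service_internal_only() {
  [ "$1" = "ClusterIP" ]
}

# check_kubeshark [NAMESPACE]: runs both checks against the live cluster.
check_kubeshark() {
  ns="${1:-kube-system}"
  kubectl get deployments -n "$ns" | deployment_ready blueprints-addon-kubeshark \
    || { echo "kubeshark deployment not ready in $ns" >&2; return 1; }
  svc_type="$(kubectl get svc kubeshark-front -n "$ns" -o jsonpath='{.spec.type}')"
  service_internal_only "$svc_type" \
    || { echo "kubeshark-front is type $svc_type, not ClusterIP" >&2; return 1; }
  echo "kubeshark ready; kubeshark-front is ClusterIP"
}

# Constructed sample output (not captured from a real cluster).
SAMPLE_OK='NAME                         READY   UP-TO-DATE   AVAILABLE   AGE
blueprints-addon-kubeshark   1/1     1            1           20m'
SAMPLE_DOWN='NAME                         READY   UP-TO-DATE   AVAILABLE   AGE
blueprints-addon-kubeshark   0/1     1            0           2m'
```

Run `check_kubeshark` with no argument for the default `kube-system` namespace, or pass the namespace used with `createNamespace`.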
Example
1.) Deploy an nginx pod using the command below.
kubectl apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx
EOF
2.) Access "aws.com" from the pod to generate traffic flow using the command below.
kubectl exec nginx -- curl https://aws.com
3.) Access Kubeshark using the command below.
kubectl -n kube-system port-forward svc/kubeshark-front 3000:80
4.) Run a Kubeshark query to identify the traffic flow.
(src.pod.metadata.name == "nginx" or dst.pod.metadata.name == "nginx") and request.questions[0].name == "aws.com" or (src.name == "nginx" and src.namespace == "default" and dst.name == "kube-dns" and dst.namespace == "kube-system")
The Kubeshark query above identifies the traffic flowing from the pod "nginx" in the "default" namespace to "aws.com" and "coredns". The query is written in Kubeshark Filter Language (KFL), the language implemented inside kubeshark/worker that enables the user to filter the traffic efficiently and precisely.
You can also visualize the traffic flow and bandwidth using the service map feature.