英文:
How to collect all the igress and egress traffic of k8s cluster pods?
问题
我有一个包含三个节点的k8s集群(节点A、节点B、节点C),并部署了一个包含4个副本的简单nginx应用,通过k8s服务暴露出去。
现在,我的所有nginx都正常运行,它们有自己的Pod IP和服务IP。
现在,我需要监视我的nginx Pod的所有入口和出口流量。
我计划创建另一个Pod,其中包含简单的tcpdump工具来记录网络流量,但是如何将所有其他Pod的流量重定向到运行tcpdump的Pod中呢?
提前感谢您的建议。
英文:
I have k8s cluster with three nodes (Node A, Node B, Node C) and deployed simple nginx with replica 4 and exposed through k8s service.
Now All my nginx are up with thier own pod IP as well as service IP.
Now I need all the igress and egress traffic of my nginx pods to monitor.
I am planning to create a another pod with simple tcpdump utility to log the network traffic but how can i redirect all the other pods traffic into the pod where tcpdump is running.
Thanks in advance for suggestions.
答案1
得分: 1
我建议使用像Linkerd或Istio这样的服务网格来监控网络流量。
服务网格会将代理部署为Pod的旁车,由于所有网络流量都经过该代理,它可以捕获指标并将这些指标存储在Prometheus中,然后可以使用Grafana作为仪表板。
英文:
I would suggest using a service mesh such as Linkerd or Istio for monitoring network traffic.
A service mesh deploys a proxy as a sidecar along with your pod and since all network traffic goes through this proxy it can capture metrics and store those metrics in Prometheus and then Grafana can be used as a dashboard.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论