mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-06-21 13:58:49 +00:00
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
amqpcloud-nativedevopsdevops-toolsdockerforensicsgogolanggrpcincident-responsekafkakubernetesmicroservicemicroservicesmicroservices-applicationobservabilityredisrestsnifferwireshark
6dd2bf705b
* WIP * WIP * WIP * Update socket_server_handlers.go and socket_routes.go * Fix stuck sockets * Update go.mod, go.sum, and 5 more files... * Update socket_routes.go * Update Dockerfile, go.sum, and fiber_middleware.go * fix analyze Co-authored-by: RamiBerm <rami.berman@up9.com> |
||
|---|---|---|
| .github/workflows | ||
| agent | ||
| cli | ||
| examples/roles | ||
| shared | ||
| tap | ||
| ui | ||
| .dockerignore | ||
| .gitignore | ||
| build-push-featurebranch.sh | ||
| debug.Dockerfile | ||
| Dockerfile | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
水 mizu
A simple-yet-powerful API traffic viewer for Kubernetes to help you troubleshoot and debug your microservices. Think TCPDump and Chrome Dev Tools combined.
Download
Download mizu for your platform and operating system
Latest stable release
- for MacOS - Intel
curl -Lo mizu \
https://github.com/up9inc/mizu/releases/latest/download/mizu_darwin_amd64 \
&& chmod 755 mizu
- for Linux - Intel 64bit
curl -Lo mizu \
https://github.com/up9inc/mizu/releases/latest/download/mizu_linux_amd64 \
&& chmod 755 mizu
SHA256 checksums are available on the Releases page.
Development (unstable) build
Pick one from the Releases page.
Prerequisites
- Set
KUBECONFIGenvironment variable to your kubernetes configuration. If this is not set, mizu assumes that configuration is at${HOME}/.kube/config - mizu needs following permissions on your kubernetes cluster to run
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- watch
- create
- apiGroups:
- ""
resources:
- services
verbs:
- create
- apiGroups:
- apps
resources:
- daemonsets
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- list
- watch
- create
- delete
- apiGroups:
- ""
resources:
- services/proxy
verbs:
- get
- Optionally, for resolving traffic ip to kubernetes service name, mizu needs below permissions
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- apps
- extensions
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- apps
- extensions
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
- apps
- extensions
resources:
- endpoints
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- get
- create
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterroles
verbs:
- list
- create
- delete
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
verbs:
- list
- create
- delete
See examples/roles for example clusterroles.
How to run
- Find pod you'd like to tap to in your Kubernetes cluster
- Run
mizu tap PODNAMEormizu tap REGEX - Open browser on
http://localhost:8899as instructed .. - Watch the WebAPI traffic flowing ..
- Type ^C to stop
Examples
Run mizu help for usage options
To tap specific pod -
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
front-end-649fc5fd6-kqbtn 2/2 Running 0 7m
..
$ mizu tap front-end-649fc5fd6-kqbtn
+front-end-649fc5fd6-kqbtn
Web interface is now available at http://localhost:8899
^C
To tap multiple pods using regex -
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
carts-66c77f5fbb-fq65r 2/2 Running 0 20m
catalogue-5f4cb7cf5-7zrmn 2/2 Running 0 20m
front-end-649fc5fd6-kqbtn 2/2 Running 0 20m
..
$ mizu tap "^ca.*"
+carts-66c77f5fbb-fq65r
+catalogue-5f4cb7cf5-7zrmn
Web interface is now available at http://localhost:8899
^C