f85c7dfb4b
* 🔧 Create dex config-map * 🔧 Create dex deployment * 🔧 Create dex service * 🔧 Create dex network policy * 🔧 Create dex network policy * 🔧 Add dex node selector terms * 🔧 Add a kubeshark-hub static client to dex config * 🐛 Use correct redirect URI for `kubeshark-hub` client * 🎨 Remove unused/commented dex config options * 🔨 Create a helper template to pick Kubeshark client secret * 🔧 Adjust front deployment env to allow `dex` auth type * 🔧 Adjust configmap to allow `dex` auth type * 🔧 Create k8s secret to store dex yaml config * 🔧 Mount dex-yaml-conf secret into `dex-config.yaml` * 🔥 Remove sample env var * 🔧 Create k8s config keys for Dex expiry settings * 🔧 Create k8s secret key for Dex client secret * 🔧 Deploy Dex resources if Dex auth is enabled * 🔧 Move `oauth2StateParamExpiry` under `customSettings` * 📝 Add basic helm-values docs to set up Dex auth * ✨ Separate Dex OIDC app settings from configuration * 📝 Update Dex documentation * 📝 Update Dex IdP documentation * 🦺 Add fallback value for OIDC issuer config * 🦺 Add fallback values for OIDC client ID/secret * 📝 Update Dex IdP documentation * 📝 Update Dex IdP documentation * 📝 Add reference to OIDC docs at `docs.kubeshark.co` --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com> |
||
|---|---|---|
| .github | ||
| cmd | ||
| config | ||
| debounce | ||
| errormessage | ||
| helm-chart | ||
| internal/connect | ||
| kubernetes | ||
| manifests | ||
| misc | ||
| semver | ||
| utils | ||
| .gitignore | ||
| .goreleaser.yml | ||
| CODE_OF_CONDUCT.md | ||
| codecov.yml | ||
| CONTRIBUTING.md | ||
| go.mod | ||
| go.sum | ||
| install.sh | ||
| kubectl.sh | ||
| kubeshark.go | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| RELEASE.md.TEMPLATE | ||
Want to see Kubeshark in action right now? Visit this live demo deployment of Kubeshark.
Kubeshark is a network observability platform for Kubernetes, providing real-time, protocol-level visibility into Kubernetes’ network. It enables users to inspect all internal and external cluster connections, API calls, and data in transit. Additionally, Kubeshark detects suspicious network behaviors, triggers automated actions, and provides deep insights into the network.
Think TCPDump and Wireshark reimagined for Kubernetes.
Getting Started
Download Kubeshark's binary distribution latest release or use one of the following methods to deploy Kubeshark. The web-based dashboard should open in your browser, showing a real-time view of your cluster's traffic.
Homebrew
Homebrew 🍺 users can install the Kubeshark CLI with:
brew install kubeshark
kubeshark tap
To clean up:
kubeshark clean
Helm
Add the Helm repository and install the chart:
helm repo add kubeshark https://helm.kubeshark.co
helm install kubeshark kubeshark/kubeshark
Follow the on-screen instructions how to connect to the dashboard.
To clean up:
helm uninstall kubeshark
Building From Source
Clone this repository and run the make command to build it. After the build is complete, the executable can be found at ./bin/kubeshark.
Documentation
To learn more, read the documentation.
Additional Use Cases
Dump All Cluster-wide Traffic into a Single PCAP File
Record all cluster traffic and consolidate it into a single PCAP file (tcpdump-style).
Run Kubeshark to start capturing traffic:
kubeshark tap --set headless=true
You can press
^Cto stop the command. Kubeshark will continue running in the background.
Take a snapshot of traffic (e.g., from the past 5 minutes):
kubeshark pcapdump --time 5m
Read more here.
Contributing
We ❤️ pull requests! See CONTRIBUTING.md for the contribution guide.