Kubernetes Monitoring allows you to capture packets from container networks. This topic describes how to create a packet capture command and view the data of the packets that you capture.
Prerequisites
Background information
tcpdump is a commonly used network diagnostics and analysis tool. If a software application
encounters network errors , you can use tcpdump to capture packets and troubleshoot
errors. When you capture packets from a container network, you may need to handle
the following issues:
- You need to run the
exec
command to access your container. However, if a network error occurs, you may be unable to run theexec
command because the container may not be in the running state. - The container does not support shell commands because it is shell-less.
- tcpdump is not installed in the container.
Kubernetes Monitoring provides the tcpdump feature to dynamically send commands and access containers without logon. You do not need to install tcpdump in the container.
Create a packet capture command
View packet data
All packet capture tasks are displayed on the Packet Capture page.
View streaming data
- Find a packet capture task whose Type is Streaming and Status is Initialization, and click Run in the Actions column.
- View streaming data.
Note You can view streaming data only once.
View a PCAP file
- Find a packet capture task whose Type is PCAP File and click Download in the Actions column.
- Use Wireshark to open the PCAP file and analyze the packet data.