如何在Kubernetes中获取Pod之间的流量
[英]How to get the traffic between pods in Kubernetes
问题描述
There are already tools out there which visualize the traffic between pods.
已经有一些工具可以可视化 pod 之间的流量。 In detail the state the following:详细说明如下:
Linkerd tap listens to a traffic stream for a resource.
Linkerd tap侦听资源的流量流。In Weave Scope , edges indicate TCP connections between nodes.
在Weave Scope 中,边表示节点之间的TCP 连接。
I am now wondering how these tools get the data because the Kubernetes API itself does not provide this information.我现在想知道这些工具如何获取数据,因为 Kubernetes API 本身不提供这些信息。 I know that Linkered installs a proxy next to each service but is this the only option?我知道 Linkered 会在每个服务旁边安装一个代理,但这是唯一的选择吗?
3 个解决方案
解决方案1
1 已采纳 2019-09-04 10:50:52
The component that monitors the traffic must be either a sidecar container in each pod or a daemon on each node. 监视流量的组件必须是每个pod中的sidecar容器或每个节点上的守护程序。 For example: 例如:
- Linkerd uses a sidecar container Linkerd使用边柜
- Weave Scope uses a DaemonSet to install an agent on each node of the cluster Weave Scope使用DaemonSet在集群的每个节点上安装代理
A sidecar container observes traffic to/from its pod. 边车集装箱观察到/从其吊舱的交通。 A node daemon observes traffic to/from all the pods on the node. 节点守护程序观察到/来自节点上所有Pod的流量。
In Kubernetes, each pod has its own unique IP address, so these components basically check the source and destination IP addresses of the network traffic. 在Kubernetes中,每个Pod都有自己的唯一IP地址,因此这些组件基本上检查网络流量的源IP地址和目标IP地址。
In general, any traffic from/to/between pods has nothing to do with the Kubernetes API and to monitor it, basically the same principles as in non-Kubernetes environments apply. 通常,从Pod /往Pod /往Pod之间的任何流量都与Kubernetes API没有关系并对其进行监视,基本上适用于非Kubernetes环境中的相同原理。
解决方案2
0 2019-09-04 10:24:36
You can use SideCar Proxy for it or use prometheus-operator which internally uses grafana dashboards. 您可以使用SideCar Proxy或使用内部使用grafana仪表板的prometheus-operator。 in there you can monitor each and everything. 在这里,您可以监视每件事。
解决方案3
0 2019-09-04 10:35:43
我的建议是使用istio.io ,它在每个Pod上注入一个特使代理作为边车容器,然后可以使用Prometheus从这些代理中刮取指标,并使用Grafana进行可视化。
解决方案4
0 2019-09-04 10:59:17
Conduit's telemetry system was moved to a completely pull-based (rather than push-based) model for metrics collection. Conduit的遥测系统已移至完全基于拉(而不是基于推)的模型以进行度量收集。 As part of this, Conduit's Rust proxy was modified to expose granular metrics describing the source, destination, and health of all requests. 在此过程中,对Conduit的Rust代理进行了修改,以公开描述所有请求的源,目标和运行状况的细化指标。 A pull-based approach reduces complexity in the proxy, and fits better into the model of the world that Prometheus expects. 基于拉的方法降低了代理的复杂性,并且更适合Prometheus期望的世界模型。 I recommend you to watch this video and also read document , where everything is described. 我建议您观看此视频并阅读文档 ,其中描述了所有内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.