Sniff Kubernetes Pod requests and headers using tpcdump
Posted Updated  Yuki Sawa Guidea minute read (About 118 words)

Sniff Kubernetes Pod requests and headers using tpcdump

When your fancy observability tools have failed you there’s still trusty tpcdump

The was done on Ubuntu. YMMV on other distros.

Exec into a pod

1
kubectl exec -it my-pod-name sh

Run

1
2
cat /sys/class/net/eth0/iflink
> 588 # container eth id

It should return a number, the container eth id

Now run

1
kubectl describe po my-pod-name | grep Node

To find out the node it’s running on

SSH into the node then run below to find the eni id

1
2
ip link | grep 588
> eni89aabc12345

Now use tcpdump to sniff the requests coming in

1
tcpdump -A -i eni89aabc12345

To capture a specific header

1
tcpdump -A -i eni89aabc12345 | grep -i X-Real-IP -C 5

Recents

Categories

Tags

automation1
aws8
cicd2
cli1
envoy1
kubernetes3
networking1
performance-tests1
python3
serverless4
service-mesh2
spinnaker1

Archives

×
Posts
How we fixed a Node.js memory leak by using ShadowReader to replay production traffic into QA A problem Edmunds faced recently was a memory leak in our Node.js application. It confounded the eng Using AWS ElastiCache Redis with Spinnaker To productionalize a Spinnaker installation for high availability, one of the recommendations is to Hands Free Canary with ALB Advanced Routing Rules Canary deployments may seem like an advanced technique that requires a team of engineers to implemen AWSJar makes it easy to save data from AWS Lambda 🏺 AWSJar 🏺 AWSJar makes it easy to save data from AWS Lambda. The data (either a dict, list, float Replay log files stored locally with ShadowReader load testing ShadowReader can parse logs stored locally and push it to S3, so that it can be replayed by the load
Pages
About Talks EnvoyCon 2021 - Los Angeles, CA The Trials and Success of Adopting Envoy at Tinder EnvoyCon 20 Music Soundcloud clay · Tracks
Categories
Guide (Guide) Project (Project)
Tags
aws (aws) serverless (serverless) python (python) spinnaker (spinnaker) cicd (cicd)