Published on May 7th, 2016 📆 | 4888 Views ⚑0
Skydive – An Open Source Real-Time Network Topology and Protocols Analyzer
- Go >= 1.5
- Elasticsearch >= 2.0
$ go get github.com/redhat-cip/skydive/cmd/skydive
Skydive relies on two main components:
- skydive agent, has to be started on each node where the topology and flows informations will be captured
- skydive analyzer, the node collecting data captured by the agents
For a single node setup, the configuration file is optional. For a multiple node setup, the analyzer IP/PORT need to be adapted.
Processes are bound to 127.0.0.1 by default, you can explicitly change binding address with "listen: 0.0.0.0:port" in the proper configuration sections.
See the full list of configuration parameters in the sample configuration file etc/skydive.yml.default .
$ skydive agent [--conf etc/skydive.yml]
$ skydive analyzer [--conf etc/skydive.yml]
To access to the WebUI of agents or analyzer:
Skydive client can be used to interact with Skydive Analyzer and Agents. Running it without any command will return all the commands available.
$ skydive client Usage: skydive client [command] Available Commands: alert Manage alerts capture Manage captures Flags: -h, --help[=false]: help for client --password="": password auth parameter --username="": username auth parameter
Specifying the subcommand will give the usage of the subcommand.
$ skydive client capture
If an authentication mechanism is defined in the configuration file the username and password parameter have to be used for each command. Environment variables SKYDIVE_USERNAME and SKYDIVE_PASSWORD can be used as default value for the username/password command line parameters.
Start Flow captures
Skydive client allows you to start flow captures on topology Nodes/Interfaces
$ skydive client capture create -p <probe path>
The probe path parameter references the interfaces where the flow probe will be started, so where the capture will be done.
The format of a probe path follows the links between topology nodes from a host node to a target node :
The node name can be the name of :
- a host
- an interface
- a namespace
The node types can be :
Currently target node types supported are :
To start a capture on the OVS bridge br1 on the host host1 the following probe path is used :
$ skydive client capture create -p "host1[Type=host]/br1[Type=ovsbridge]""
A wilcard for the host node can be used in order to start a capture on all hosts.
$ skydive client capture create -p "*/br1[Type=ovsbridge]"
A capture can be defined in advance and will start when a topology node will match.
To delete a capture :
$ skydive client capture delete <probe path>
Topology informations are accessible through HTTP or a WebSocket API
Skydive provides a DevStack plugin that can be used in order to have Skydive Agents/Analyzer configured and started with the proper probes by DevStack.
For a single node setup adding the following lines to your local.conf file should be enough.
enable_plugin skydive https://github.com/redhat-cip/skydive.git enable_service skydive-agent skydive-analyzer
The plugin accepts the following parameters:
# Address on which skydive analyzer process listens for connections. # Must be in ip:port format #SKYDIVE_ANALYZER_LISTEN= # Inform the agent about the address on which analyzers are listening # Must be in ip:port format #SKYDIVE_AGENT_ANALYZERS= # ip:port address on which skydive agent listens for connections. #SKYDIVE_AGENT_LISTEN= # Configure the skydive agent with the etcd server address # https://IP_ADDRESS:2379 #SKYDIVE_AGENT_ETCD= # The path for the generated skydive configuration file #SKYDIVE_CONFIG_FILE= # List of agent probes to be used by the agent # Ex: netns netlink ovsdb #SKYDIVE_AGENT_PROBES= # Remote port for ovsdb server. #SKYDIVE_OVSDB_REMOTE_PORT=6640 # Set the default log level, default: INFO #SKYDIVE_LOGLEVEL=DEBUG