| ▲ | robinhoodexe 3 days ago | |
It’d be neat to use subtrace in an ephemeral pod for debugging purposes, that just runs alongside the regular pod. For monitoring the network traffic for the whole cluster, the CNI and/or whatever ebpf-based runtime security stuff you’re using (falco, tetragon, tracee) is usually enough, but I can definitely see the usefulness of subtract for more specific debugging purposes. If run as a DaemonSet make sure to add some pod filtering such as namespace and label selectors (but I’m sure you’ve already thought about that). | ||
| ▲ | adtac 2 days ago | parent [-] | |
> use subtrace in an ephemeral pod for debugging purposes That's a great suggestion. It'd be like kubectl exec-ing into a shell inside the pod, but for network activity. I think I'm going to prototype this tonight :) > pod filtering such as namespace and label selectors Yep, Subtrace already tags each request with a bunch of metadata about the place where it originated so that you can filter on those in the dashboard :) Things like the hostname, pod, cluster, AWS/GCP location are automatically populated, but you can also set custom tags in the config [1]. | ||