2024-03-19 15:53:59 +00:00

---
title: What Is Going on Within My Network? a Subtle Introduction to Cilium Hubble
2024-03-25 12:45:10 +00:00
tags:
- platform
- monitoring
- network
---

Held by Cilium, regarding eBPF and Hubble

## eBPF
> Extend the capabilities of the kernel without requiring to change the kernel source code or load modules

* Benefits: Reduce performance overhead, gain deep visibility while being widely available
* Example Tools: Parca (Profiling), Cilium (Networking), Hubble (Observability), Tetragon (Security)

## Cilium

> Open source solution for network connectivity between workloads

## Hubble

> Observability layer for Cilium

### Featureset

* CLI: tcpdump on steroids + API client
* UI: Graphical dependency and connectivity map
* Prometheus + Grafana + OpenTelemetry compatible
* Metrics up to L7

### Where can it be used

* Service dependency with frequency
* Kinds of HTTP calls
* Network problems between L4 and L7 (including DNS)
* Application monitoring through status codes and latency
* Security-related network blocks
* Services accessed from outside the cluster

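An added example, not from the talk or the Cilium project: a small Python summarizer that turns Hubble flow records into two of the views listed above, a service dependency map with frequency and a list of security-related drops. It assumes one JSON flow per line as produced by `hubble observe -o json`; the field names (`verdict`, `drop_reason_desc`, `pod_name`, `l4`) are an assumption to check against your Hubble version, and the sample flows are constructed.

```python
import json
from collections import Counter

# Constructed sample, shaped like `hubble observe -o json` (one flow per line).
# Field names are an assumption; check them against your Hubble version.
SAMPLE = """\
{"flow":{"verdict":"FORWARDED","source":{"namespace":"shop","pod_name":"frontend-1"},"destination":{"namespace":"shop","pod_name":"cart-1"},"l4":{"TCP":{"destination_port":8080}}}}
{"flow":{"verdict":"FORWARDED","source":{"namespace":"shop","pod_name":"frontend-1"},"destination":{"namespace":"shop","pod_name":"cart-1"},"l4":{"TCP":{"destination_port":8080}}}}
{"flow":{"verdict":"FORWARDED","source":{"labels":["reserved:world"]},"destination":{"namespace":"shop","pod_name":"frontend-1"},"l4":{"TCP":{"destination_port":443}}}}
{"flow":{"verdict":"DROPPED","drop_reason_desc":"POLICY_DENIED","source":{"namespace":"shop","pod_name":"cart-1"},"destination":{"namespace":"shop","pod_name":"db-0"},"l4":{"TCP":{"destination_port":5432}}}}
{"flow":{"verdict":"DROPPED","drop_reason_desc":"POLICY_DENIED","source":{"namespace":"shop","pod_name":"cart-1"},"destination":{"namespace":"shop","pod_name":"db-0"},"l4":{"TCP":{"destination_port":5432}}}}
{"flow":{"verdict":"FORWA
"""

def endpoint(ep):
    """Name an endpoint as namespace/pod; fall back to its first label (e.g. reserved:world)."""
    ep = ep or {}
    if ep.get("pod_name"):
        return f'{ep.get("namespace", "?")}/{ep["pod_name"]}'
    labels = ep.get("labels") or []
    return labels[0] if labels else "unknown"

def dest_port(l4):
    """Return the destination port of a TCP or UDP flow, or None for other protocols."""
    for proto in ("TCP", "UDP"):
        if proto in (l4 or {}):
            return l4[proto].get("destination_port")
    return None

def summarize(text):
    """Count forwarded edges and dropped flows; truncated or malformed lines are skipped."""
    edges, drops, skipped = Counter(), Counter(), 0
    for line in text.splitlines():
        try:
            flow = json.loads(line)["flow"]
        except (ValueError, KeyError, TypeError):
            skipped += 1
            continue
        key = (endpoint(flow.get("source")), endpoint(flow.get("destination")),
               dest_port(flow.get("l4")))
        if flow.get("verdict") == "DROPPED":
            drops[key + (flow.get("drop_reason_desc", "UNKNOWN"),)] += 1
        else:
            edges[key] += 1
    return edges, drops, skipped

if __name__ == "__main__":
    edges, drops, skipped = summarize(SAMPLE)
    for (src, dst, port), n in edges.most_common():
        print(f"{n:4d}  {src} -> {dst}:{port}")
    for (src, dst, port, reason), n in drops.most_common():
        print(f"DROP {n:4d}  {src} -> {dst}:{port}  ({reason})")
    print(f"skipped {skipped} unparsable line(s)")
```

Repeated drops with the same source, destination and reason usually point to a missing network policy rule rather than a transient fault.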
### Architecture

* Cilium Agent: Runs as the CNI for all Pods
* Server: Runs on each node and retrieves the eBPF data from Cilium
* Relay: Provides visibility across all nodes

## TL;DR
Hubble looks pretty nice