Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Not able to grab pod-to-Internet traffic #250

Open
dotdc opened this issue Nov 4, 2024 · 3 comments
Open

Not able to grab pod-to-Internet traffic #250

dotdc opened this issue Nov 4, 2024 · 3 comments

Comments

@dotdc
Copy link

dotdc commented Nov 4, 2024

Hi 👋

Just tested network-mapper and while it seems to have worked for pod-to-pod traffic, I didn't manage to grab pod-to-Internet traffic.

According to the project' README.md:

Maps pod-to-pod traffic, pod-to-Internet traffic, and even AWS IAM traffic, with zero-config.

I've installed the helm chart and used:

otterize mapper list -n mynamespace

Is there anything I could have missed in order to grab pod-to-Internet traffic?
Is there any limitations that I should be aware of?
Is there keywords that I could use to better search the project? (tried several things including this)
Do you have any other recommendations?

Thank you in advance!

@orishoshan
Copy link
Contributor

Hey @dotdc!

Unfortunately, you're right - you can't export Internet intents using otterize mapper commands, which don't interact with Otterize Cloud (they are designed to function offline). Internet intents were designed to combine with other features which are only possible on the Cloud, for example - cross-cluster traffic by matching Ingress resources in one cluster to Internet intents in another.

So far, most of our users and customers were happy to use the Cloud for Internet intents, but it's possible for us to invest some time into making some of the capabilities of Internet intents available without the Cloud - it's just not been a popular request so far.

If you are looking to automatically alert on or update Internet intents using otterize mapper export, some users are achieving that using Otterize Cloud's Slack integration or GitHub & GitLab integrations. Can you tell me a bit more about what you're trying to achieve - are you trying to do a one-time listing of traffic, or implement some workflow with Internet intents?

@dotdc
Copy link
Author

dotdc commented Nov 5, 2024

Hi @orishoshan,

Thank you for the quick response! I'm currently exploring different approaches to map pod traffic and generate Kubernetes network policies for existing services. We've tried to do so with manifest analysis, DNS queries, and Istio, but the process is not amazing...

I am looking for a tool that can assist in generating these policies or, at the very least, help us develop our own tool by building upon it.

If you have any recommendations or insights, that would be greatly appreciated!

@Karl-koder
Copy link

I am looking for exactly this as well. Just to add to the amount of requests for this feature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants