KubeShark: Wireshark for Kubernetes

Submitted by
Style Pass
2023-03-24 13:30:01

Wireshark is a well-known tool for packet capture, analysis and troubleshooting. It can capture live network traffic and analyze it in real time at a microscopic level, or read and process saved capture files. Wireshark can dissect and display many different protocols, and has a powerful filtering system for narrowing down traffic of interest. https://www.wireshark.org/

TCPDump/Wireshark gives us the power to visualize and understand what's happening in our network at a microscopic level. Imagine if something like this were possible in K8s: seeing exactly what happens when you deploy a workload, get pods, or create a service account, and how different workloads interact with each other.

To see exactly what happens when you run a kubectl command, add the verbose flag with a verbosity level, for example: kubectl get pods -v=6. Verbosity levels run from 0 to 9, with 0 the least verbose and 9 the most. This capability already exists, but it offers no clear visualization of the flow.

kubectl with the -v flag lets you see L7 API calls, but it won't let you monitor any network traffic as such. Kubeshark captures both L3 and L7; in fact, it has access to the whole L2 frame. It builds a dashboard/view to visualize that traffic, just like Wireshark.
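To make concrete what the -v flag does and does not expose, here is an added example (not code from the original article or from Kubeshark) that summarizes the API requests in kubectl -v=6 output and flags denied ones. The sample lines are constructed, and the round_trippers line shape in the regex is an assumption about kubectl's log format.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample of kubectl -v=6 stderr lines taken from a few commands;
# the host, PID, timestamps and timings are made up for illustration.
SAMPLE = """\
I0324 13:30:01.102345   4242 loader.go:373] Config loaded from file:  /home/user/.kube/config
I0324 13:30:01.145678   4242 round_trippers.go:553] GET https://10.0.0.1:6443/api/v1/namespaces/default/pods?limit=500 200 OK in 31 milliseconds
I0324 13:30:02.201111   4243 round_trippers.go:553] GET https://10.0.0.1:6443/api/v1/namespaces/kube-system/secrets?limit=500 403 Forbidden in 12 milliseconds
I0324 13:30:03.300222   4244 round_trippers.go:553] POST https://10.0.0.1:6443/api/v1/namespaces/default/serviceaccounts 201 Created in 18 milliseconds
"""

# Assumed shape: "<klog header>] VERB URL STATUS REASON in N milliseconds"
CALL = re.compile(
    r"^[IWEF]\d{4} \S+\s+\d+ round_trippers\.go:\d+\] "
    r"(?P<verb>[A-Z]+) (?P<url>https?://\S+) (?P<status>\d{3}) "
    r".*? in (?P<ms>\d+) milliseconds$"
)

def parse_calls(text):
    """Return one dict per API request found in kubectl verbose output."""
    calls = []
    for line in text.splitlines():
        m = CALL.match(line.strip())
        if not m:
            continue  # non-HTTP log lines (config loading and so on)
        url = urlsplit(m["url"])
        calls.append({
            "verb": m["verb"],
            "server": url.netloc,
            "path": url.path,  # query string dropped so calls group by endpoint
            "status": int(m["status"]),
            "ms": int(m["ms"]),
        })
    return calls

def summarize(calls):
    """Count requests per (verb, path) and collect the 401/403 responses."""
    per_endpoint = Counter((c["verb"], c["path"]) for c in calls)
    denied = [c for c in calls if c["status"] in (401, 403)]
    return per_endpoint, denied

if __name__ == "__main__":
    per_endpoint, denied = summarize(parse_calls(SAMPLE))
    for (verb, path), n in per_endpoint.items():
        print(n, verb, path)
    print("denied:", [(c["status"], c["path"]) for c in denied])
```

Every record here is a request from kubectl itself to the API server; traffic between workloads never appears in this output, which is the gap the article says Kubeshark fills.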
