Andrés Felipe Piñeros AndresPineros
AndresPineros
/ tcpdump-kubernetes
Created
August 29, 2022 23:01
— forked from dcasati/tcpdump-kubernetes
visualize a tcpdump capture from a Kubernetes POD on Wireshark in real time
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| run tcpdump on a POD and then (live) see that information through wireshark locally on my machine. the magic of ssh and fifo | |
| Topology | |
| -------- | |
| [laptop with wireshark] ------> [AKS Node] ----> [POD (tcpdump is here)]. | |
| 1. create the fifo on your local machine (where wireshark will run) | |
| mkfifo /tmp/remote-capture.fifo | |
| 2. execute the following command to send traffic from within a POD to the stdout. This will then be redirected to the fifo locally |