mhristache / cniguru Goto Github PK
View Code? Open in Web Editor NEWTroubleshooting tool for docker and kubernetes networking
License: Apache License 2.0
cniguru's People
Contributors
Stargazers
Watchers
Forkers
zerocamuscniguru's Issues
Failed to extract the bridge name
[root@kh1 ~]# cniguru pod bla-0 -n bla
CONTAINER_ID NODE INTERFACE MTU MAC_ADDRESS BRIDGE
fc56f17eeb9f kh1 veth143bb162 1460 46:70:df:56:43:a6 cni0
fc56f17eeb9f kh1 veth987c7292 1500 46:ed:60:c6:e9:73 -
[root@kh1 ~]# ip link show veth987c7292
610: veth987c7292@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master bla-bla-int0 state UP mode DEFAULT group default
link/ether 46:ed:60:c6:e9:73 brd ff:ff:ff:ff:ff:ff link-netnsid 6
Add the container routing table
It would be helpful to include the container routing table in the output of cniguru
[root@kh1 ~]# ip netns exec aa41e96576b ip r
default via 21.23.96.126 dev net1
10.96.0.0/12 via 10.244.0.1 dev eth0
10.244.0.0/24 dev eth0 proto kernel scope link src 10.244.0.216
21.23.80.128/25 via 10.244.0.1 dev eth0
21.23.81.128/25 via 10.244.0.1 dev eth0
21.23.82.128/25 via 10.244.0.1 dev eth0
21.23.84.128/25 via 10.244.0.1 dev eth0
blackhole 21.23.90.200
21.23.92.129 via 10.244.0.1 dev eth0
21.23.95.0/25 dev net0 proto kernel scope link src 21.23.95.1
21.23.96.0/25 dev net1 proto kernel scope link src 21.23.96.1
21.23.97.0/25 dev net2 proto kernel scope link src 21.23.97.1
blackhole 22.8.0.0/16
172.19.0.0/27 via 21.23.95.126 dev net0
Note: a container might use more routing tables (e.g. policy based routing) so it might be nice to detect other non-default tables and print routes in those as well.
# cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
512 Custom
...
Fails when containers are not using bridge based plugins
sudo cniguru pod bla-957685c7b-brbpc -n bla
error: failed to generate the output interface pairs for container id fe8fd17c752b44ebff0120d27a641e7367d24e502a9a3b2d9ed254a199ea5fa1
caused by: failed to find a node veth interface with ifindex 11
In this case macvlan plugin was used.
This is how the container interfaces look like:
# ip -d link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 addrgenmode eui64
3: eth0@if23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default
link/ether 0a:58:0a:f4:00:65 brd ff:ff:ff:ff:ff:ff link-netnsid 0 promiscuity 0
veth addrgenmode eui64
4: payload@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether e2:67:7c:69:2a:85 brd ff:ff:ff:ff:ff:ff link-netnsid 0 promiscuity 0
macvlan mode bridge addrgenmode eui64
The master interface looks like this:
11: enp129s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether a0:36:9f:b2:84:ea brd ff:ff:ff:ff:ff:ff
Fails when the containers are using `hostNetwork: true`
[mx@sentinel cniguru]$ kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
kbird-67cff5476b-zcch8 1/1 Running 0 8m 192.168.0.113 sentinel
serve-hostname-86bc9d96dc-9b8xn 1/1 Running 0 13d 10.244.0.5 sentinel
[mx@sentinel cniguru]$
[mx@sentinel cniguru]$ sudo cniguru pod serve-hostname-86bc9d96dc-9b8xn
CONTAINER_ID PID NODE INTF(C) MAC_ADDRESS(C) IP_ADDRESS(C) INTF(N) BRIDGE(N)
994ae42819bb 23256 sentinel eth0 3e:f0:1f:0f:27:ae 10.244.0.5/24 veth20ac475f cni0
[mx@sentinel cniguru]$ sudo cniguru pod kbird-67cff5476b-zcch8
error: failed to generate the output interface pairs for container id d97050d98f6906825516521bd2aebd3e43205a1021f44928aa71f10984cab0a3
caused by: failed to find a node veth interface with ifindex 3
Include container IP and MAC addresses in the output
Current cniguru version only includes the MAC address of the veth pair side residing on the physical node.
It would be helpful to include the IP and MAC addresses of all interfaces inside the containers (e.g. the container side of a veth pair) which can be retrieved from the linux netns:
[root@kh1 ~]# ip netns exec c249290d4af6 ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
3: eth0@if126: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 0a:58:0a:f4:00:07 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.244.0.7/24 scope global eth0
valid_lft forever preferred_lft forever
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.