Details
-
Story
-
Resolution: Done
-
Normal
-
netobserv-1.4-candidate
-
False
-
None
-
False
-
OCPSTRAT-965 - DNS tracking improvements
-
Modified DNS tracking ebpf logic from release 1.4 to be able to support DNS over TCP, the new approach doesn't need to set privileged however to get an accurate latency its recommended to configure ebpf sampling with value of 1
-
NetObserv - Sprint 240, NetObserv - Sprint 241, NetObserv - Sprint 242, NetObserv - Sprint 243, NetObserv - Sprint 244
Description
.Configure a pod with following spec, notice dnsConfig option to enable openshift-dns server to use TCP:
apiVersion: v1
kind: Pod
metadata:
name: dnsutils
namespace: dns-traffic
spec:
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
dnsConfig:
options:
- name: "use-vc"
containers:
- name: utils
image: tutum/dnsutils
command: ["/bin/sh", "-ec", "while :; do dig www.google.com +tcp ; sleep 5 ; done"]
restartPolicy: Never
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
DNS flows generated out of this Pod is not enriched by DNS Info by agent.
on UI, make sure you select "Show Duplicates" and NS as destination where above pod is running
Attachments
Issue Links
- links to
- mentioned on
(1 links to, 1 mentioned on)