Uploaded image for project: 'OpenShift SDN'
  1. OpenShift SDN
  2. SDN-1760

Add ad-hoc must-gather command for tcpdump packet captures

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Minor
    • None
    • None
    • None
    • 5
    • False
    • False
    • Hide
      Doing `oc adm must-gather --image network-tools -- tcpdump -i any -vvnne -w /root/must-gather/my_tcpdump.pcap` should start a packet trace on all cluster nodes which will run for X amount of time (to be defined) and then download all pcaps locally. You should also be able to specify a dedicated node to target as done with all must-gathers.
      Show
      Doing `oc adm must-gather --image network-tools -- tcpdump -i any -vvnne -w /root/must-gather/my_tcpdump.pcap` should start a packet trace on all cluster nodes which will run for X amount of time (to be defined) and then download all pcaps locally. You should also be able to specify a dedicated node to target as done with all must-gathers.
    • OCPPLAN-6007 - OpenShift Core Networking Improvements
    • Undefined
    • 0
    • 0.0

    Description

      As an OpenShift engineer I would like a tool that can take a packet capture and look for known "red flags" so that I can quickly rule in, or rule out classes of errors.

      For instance, we could show statistics on:

      • Retries
      • Excessive SYNs
      • Bad packets
      • Unexpected ICMP types

      We should also provide some kind of script to run tcpdump, but that asks questions about what the context is (what is the node it is on, what ip addresses are of concern, what time was the error seen, etc.).  And we should provide some sample queries (and some pre-filtering command lines) that help reduce the search space in tcpdump, along with tips about how to use it (e.g. change the timestamp format so you can correlate two traces).

      This should be done somewhere alongside a release so you can run the latest tooling against an older release.

       

      Doing: SDN-1838 we could have tcpdump included in the network-tools image and have either a dedicated CRD for launching tcpdump at a given moment (or even a label on a node) that a dedicated controller in the network-tools that would watch for either the CRD or the label. 

      Attachments

        Issue Links

          is blocked by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. SDN-1838 Split out network-diagnostics from the CNO

          • Undefined - Priority not specified.
          • Closed
          is cloned by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. SDN-3229 [Tools] backport options for multi-node, host-network must-gather

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed

          Activity

            People

              aconstan1@redhat.com Alexander Constantinescu Birhala (Inactive)
              bbennett@redhat.com Ben Bennett
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: