7. Troubleshooting
Where...
packets are dropped ?
packets are fragmented ?
choke point occurs ?
What…
packet layers path ?
kind of traffic for this virtual network ?
number of flows on this link ?
number of TCP Sessions ?
bandwidth for this tenant ?
9. What we need
● Flow centric
● Easy to deploy
● SDN Agnostic solution
● Non-intrusive / Lightweight
● Open, API
● Connectors to SDN
10. What we need
● Topology capture
a. interfaces, bond, mtu, vlan
b. bridges
c. Network namespaces
d. etc..
● Flow capture
a. on-demand traffic capture
b. on-demand counter capture
c. filtering
d. underlay/overlay informations
● Topology/flow aggregation
a. mapping topology/flow
b. analysis
11. Skydive Use-cases
● Detection of common configuration errors
● Detection of live network issues
○ bad performances, helping to find the root cause
○ DDOS and any unattended traffic
● Possibility to capture traffic at any point
○ History of all the captured metrics
○ Post mortem analysis thanks to the versioning
● Detection of bad application performance, bad RTT, wrong security groups
● Capacity planning
12. Topology capture
● Graph engine, event based
● Gremlin like query language
● Populated from :
○ netlink
○ netns
○ ovsdb
○ ethtool
● External connectors :
○ Docker
○ Neutron
13. Topology capture
$ ip netns add vm1
$ ip link add vm1-eth0 type veth peer
name eth0 netns vm1
$ ip link set vm1-eth0 up
$ ip netns exec vm1 ip link set eth0
up
$ ip netns exec vm1 ip address add
10.0.0.1/24 dev eth0
$ ovs-vsctl add-port br-int vm1-eth0
23. Openstack integration
● Devstack plugin
● Keystone authentication backend
● Neutron OpenvSwitch and Linuxbridge based deployment
● Retrieves informations about networks and tenants
○ Tenant ID
○ VNI
○ Network ID
○ Port ID
27. Skydive Roadmap
● Topology/Flow capture
○ OpenFlow, nDPI, eBPF
○ L3 informations and tunneling inspection
● Live distributed capture
○ Filtering
● Analysis
○ More protocols
○ Alerting
● Security
○ SSL
○ IP anonymization
28. How to start
Devstack
enable_plugin skydive https://github.com/skydive-project/skydive.git
enable_service skydive-agent skydive-analyzer
Docker compose
cd contrib/docker; docker-compose up
Kubernetes
cd contrib/kubernetes; kubectl create -f ./skydive.yaml
29. ● Open source (Apache License)
● Written in Go
● Contributions are welcome