Calico Enterprise visualizes your microservices network and enables interactive exploration and troubleshooting. You may have deployed a network policy that is not behaving as expected (e.g. a label selector was typed incorrectly, or the pods intended to control are missing the label). The Calico Enterprise Flow Visualizer helps you quickly find and fix connectivity issues in your cluster.
Calico Enterprise logs all network connection attempts and packs the Kubernetes context into those logs (namespace, pod, label, etc). Each security policy that evaluates the traffic is also logged along with whether it accepted or denied the traffic. Calico Enterprise flow logs can be evaluated using the built-in Kibana dashboard.
The Calico Enterprise Flow Visualizer is used to visualize your cluster traffic and enable interactive exploration to identify and resolve connectivity issues.
The outer ring of the flow visualizer represents the namespaces in your cluster. The middle ring are the pods, and the inner ring is the connections from one pod to another. You can select any ring and zoom in to refine the view to those namespaces or services that you would like to investigate.
The thickness of the network flow indicates the volume of connections, and the color indicates whether the connections are being accepted or denied. When you select a specific flow (from one service to another), Calico Enterprise shows you which policies evaluated the traffic and whether the connection was allowed or denied.
The Flow Visualizer is fully RBAC controlled, enabling you to define which users are allowed to view which namespaces.
Interested in trying Calico Enterprise Flow Visualizer?
Sign up for our free trial – we’ll even provide sample workloads to test with.