Dynamic Packet Capture
Dynamic Packet Capture is a valuable technique for debugging microservices and application interaction in day-to-day operations and incident response. But generating pcap files to diagnose connectivity issues in Kubernetes clusters can be a frustrating exercise in a dynamic environment where hundreds, possibly thousands of pods are continually being created and destroyed.
The Dynamic Packet Capture feature in Calico Enterprise and Calico Cloud automates and simplifies this cumbersome process by providing a Kubernetes-native way to capture packets from your deployments, and significantly reduces the time and effort it takes for operators to get the network diagnostics they need to rapidly and effectively troubleshoot a connectivity issue.
Dynamic Packet Capture generates pcap files on the nodes associated with pods targeted for packet capture, and automatically manages the data retention and collection of generated files in a secure way. Utilizing the same label-based selectors that are used for network policies, Dynamic Packet Capture can identify a single or multiple workload endpoints for capturing live traffic. In addition, RBAC can be enabled with Dynamic Packet Capture and user permissions are enforced using the standard Kubernetes RBAC, based on Role and RoleBindings within a namespace.
Dynamic Packet Capture is an ideal solution for self-service environments where DevOps and service owners desire greater autonomy, but require some guardrails.