Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. All the informations a stored in an Elasticsearch database. Skydive is SDN-agnostic but provides SDN drivers in order to enhance the topology and flows informations. Currently only the Neutron driver is provided but more drivers will come soon.
Topology probes currently implemented:
Flow probes currently implemented:
Make sure you have a working Go environment. Then make sure you have Godep installed.
$ go get github.com/redhat-cip/skydive/cmd/skydive
Skydive relies on two main components:
For a single node setup, the configuration file is optional. For a multiple node setup, the analyzer IP/PORT need to be adapted. Processes are bound to 127.0.0.1 by default, you can explicitly change binding address with “listen: 0.0.0.0:port” in the proper configuration sections. See the full list of configuration parameters in the sample configuration file etc/skydive.yml.default .
$ skydive agent [--conf etc/skydive.yml] $ skydive analyzer [--conf etc/skydive.yml]
To access to the WebUI of agents or analyzer:
Skydive client can be used to interact with Skydive Analyzer and Agents. Running it without any command will return all the commands available.
$ skydive client Usage: skydive client [command] Available Commands: alert Manage alerts capture Manage captures Flags: -h, --help[=false]: help for client --password="": password auth parameter --username="": username auth parameter
Specifying the subcommand will give the usage of the subcommand.
$ skydive client capture
If an authentication mechanism is defined in the configuration file the username and password parameter have to be used for each command. Environment variables SKYDIVE_USERNAME and SKYDIVE_PASSWORD can be used as default value for the username/password command line parameters.
Skydive client allows you to start flow captures on topology Nodes/Interfaces
$ skydive client capture create -p <probe path>
The probe path parameter references the interfaces where the flow probe will be started, so where the capture will be done. The format of a probe path follows the links between topology nodes from a host node to a target node :
The node name can be the name of :
The node types can be :
Currently target node types supported are :
To start a capture on the OVS bridge br1 on the host host1 the following probe path is used :
$ skydive client capture create -p "host1[Type=host]/br1[Type=ovsbridge]""
A wilcard for the host node can be used in order to start a capture on all hosts.
$ skydive client capture create -p "*/br1[Type=ovsbridge]"
A capture can be defined in advance and will start when a topology node will match.
To delete a capture :
$ skydive client capture delete <probe path>
Topology informations are accessible through HTTP or a WebSocket API