Skip to content

Instantly share code, notes, and snippets.

@Voxelot

Voxelot/tcp_dump_wireshark.md

Last active September 20, 2023 17:30
Show Gist options
  • Save Voxelot/d45b3e484da88b550940c585a112628b to your computer and use it in GitHub Desktop.
Save Voxelot/d45b3e484da88b550940c585a112628b to your computer and use it in GitHub Desktop.
Download ZIP
How to use wireshark with K8S
Raw
tcp_dump_wireshark.md

How to use Wireshark to troubleshoot remote K8S containers

Open a shell into your container

local:~$ kubectl exec -it <pod> -n <namespace> -c <container> sh

Install tcpdump

root@container:/# apt install tcpdump -y

Monitor traffic with tcpdump. Complete capture with ctrl-c when done.

root@container:/# tcpdump -i any -w /tmp/capture_data.pcap -A

Export captured traffic from container

# leave the container
root@container:/# exit
# copy the capture data locally
local:~$ kubectl cp <pod>:/tmp/capture_data.pcap ~/capture_data.pcap

Load captured data into Wireshark

wireshark example

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment