How to perform a network trace on a VMware Aria Automation 8.x appliance
search cancel

How to perform a network trace on a VMware Aria Automation 8.x appliance

book

Article ID: 325834

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

This article provides steps to performing a network trace to capture packets from VMware Aria Automation services running as containers in a Kubernetes pod.

Environment

VMware Aria Automation 8.x

Resolution

Procedure

  1. Identify the application name you wish to capture packets from: 
    kubectl get deployments.apps -n prelude | awk {'print $1'}
Example: vco-app
  1. Identify the container ID of the app: 
    docker ps | grep -v POD | grep <app name from step 1>
Note: Some services such as vco-app or abx-service have more than 1 container.
  1. Using the container ID identify its unique network interface: 
    docker exec <container ID from step 2> /bin/bash -c 'cat /sys/class/net/eth0/iflink'
  2. Using the result above, identify the virtual interface: 
    ip link |grep ^##
Note: where ## is the result of step 3.
  1. From the above output, identify the virtual interface of the container:
Example: 
100: veth09f34def@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1423 qdisc noqueue master cni0 state UP mode DEFAULT group default
  1. To capture packets on this virtual interface, run command: 
    tcpdump -i <virtual interface> -w <file_name>.pcap
Example: 
tcpdump -i veth09f34def -w vco-app-capture.pcap


Powered by Wolken Software