Tuesday, February 28, 2017

Skydive (real-time network topology and protocols analyzer) on Fedora

Skydive Installation on Fedora 25

Dependencies

  • Go >= 1.5
  • Elasticsearch >= 2.0
  • libpcap
  • libxml2
  • protoc >= 3.0

On Fedora, the install steps are -

  • Install Go
    • wget -c https://storage.googleapis.com/golang/go1.8.linux-amd64.tar.gz
    • sudo tar -C /usr/local -xzf go1.8.linux-amd64.tar.gz
    • add the following to /etc/profile or ~/.profile
      export PATH=$PATH:/usr/local/go/bin
  • Install Elasticsearch
    • Elasticsearch requires a JDK, so we install OpenJDK, which works with it
      • sudo dnf install java-1.8.0-openjdk icedtea-web
    • Download the RPM from https://www.elastic.co/downloads/elasticsearch
    • Install it, then enable and start the service -
      sudo systemctl enable elasticsearch.service
      sudo systemctl start elasticsearch.service
  • Install libpcap, libxml2
    • sudo dnf install gcc gcc-c++ glibc unzip libpcap libpcap-devel libxml2 libxml2-devel
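  • Install protoc (from the prebuilt release zip; it ships a ready-made binary, so there is nothing to configure or build)
    • wget -c https://github.com/google/protobuf/releases/download/v3.2.0/protoc-3.2.0-linux-x86_64.zip
    • unzip protoc-3.2.0-linux-x86_64.zip -d protoc-3.2.0
    • sudo cp protoc-3.2.0/bin/protoc /usr/local/bin/
    • sudo cp -r protoc-3.2.0/include/google /usr/local/include/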
  • Build skydive
    • export GOPATH=`pwd`
    • mkdir -p $GOPATH/src/github.com/skydive-project
    • git clone https://github.com/skydive-project/skydive.git $GOPATH/src/github.com/skydive-project/skydive
    • cd $GOPATH/src/github.com/skydive-project/skydive
    • make install
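
A preflight check for the dependency minimums listed above, as an added example that is not part of the original post. The function names are made up for illustration, and it assumes GNU sort (for -V) and an Elasticsearch installed from the RPM, as on Fedora.

```shell
#!/bin/sh
# Added example: preflight check for the dependency minimums listed above.

# version_ge A B: succeed when dotted version A >= B.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# extract_version TEXT: print the first dotted number in TEXT,
# e.g. "go version go1.8 linux/amd64" -> 1.8, "libprotoc 3.2.0" -> 3.2.0
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+(\.[0-9]+)+' | head -n 1
}

# check_min NAME MINIMUM TEXT: compare the version found in TEXT to MINIMUM.
check_min() {
    found=$(extract_version "$3") || true
    if [ -z "$found" ]; then
        echo "MISSING $1 (need >= $2)"
        return 1
    fi
    if version_ge "$found" "$2"; then
        echo "OK      $1 $found (need >= $2)"
    else
        echo "TOO OLD $1 $found (need >= $2)"
        return 1
    fi
}

# preflight: run every check, report all failures, return non-zero on any.
preflight() {
    rc=0
    check_min go 1.5 "$(go version 2>/dev/null)" || rc=1
    check_min protoc 3.0 "$(protoc --version 2>/dev/null)" || rc=1
    check_min elasticsearch 2.0 \
        "$(rpm -q --qf '%{VERSION}' elasticsearch 2>/dev/null)" || rc=1
    for pkg in libpcap libpcap-devel libxml2 libxml2-devel; do
        if rpm -q "$pkg" >/dev/null 2>&1; then
            echo "OK      $pkg"
        else
            echo "MISSING $pkg"
            rc=1
        fi
    done
    return "$rc"
}
# Run the checks only when asked, e.g.: sh preflight.sh --run
case "${1:-}" in --run) preflight ;; esac
```

Run it before the "Build skydive" step; a non-zero exit means at least one dependency is missing or older than the minimum.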

Running Skydive

  • Now that skydive is installed, check it by running - skydive allinone. If this works, we are OK and can configure skydive to run with our tripleo setup
  • Create skydive.yml (at /etc/skydive.yml, the path used below) with the following content -
https://gist.github.com/adc0ded6c4d648cb9d1b531d51b90c1f
  • Start the analyzer via - skydive analyzer --conf /etc/skydive.yml
  • Start the agent via - skydive agent --conf /etc/skydive.yml
  • Fire up a browser and open the URL http://hostname:8082/

Running some test scenarios

  • Download https://github.com/skydive-project/skydive/blob/master/scripts/simple.sh
  • Run it - sudo bin/simple.sh start 172.16.99.1/24 172.16.100.1/24 - to create two VMs over a bridge br-int. Look at the flows in the UI, enjoy!

Final Results

UI screenshot -
