Skip to content

Commit

Permalink
Update the network flow visibility doc (#1535)
Browse files Browse the repository at this point in the history 
* Update the network flow visibility doc

As Flow Exporter supports adding network policy information,
we need to update the user doc.

* Minor rephrase

Co-authored-by: Antonin Bas <abas@vmware.com>
  • Loading branch information
@srikartati @antoninbas
srikartati and antoninbas authored Nov 12, 2020
1 parent 8a3ee6b commit 8a35f38
Showing 1 changed file with 12 additions and 10 deletions.
22 changes: 12 additions & 10 deletions docs/network-flow-visibility.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,18 +140,20 @@ statistics such as data throughput (bits per second), packet throughput (packets
per second), cumulative byte count, cumulative packet count etc. Pod-To-Service
flow visibility is supported only [when Antrea Proxy enabled](feature-gates.md).

Kubernetes information such as Node name, Pod name, Pod Namespace, Service name
etc. is added to the flow records. For flow records that are exported from any given
Antrea Agent, we only provide the information of Kubernetes entities that are local
to the Antrea Agent. In the future, we plan to extend this feature to provide
information about remote Kubernetes entities such as remote Node name, remote Pod
name etc.
Kubernetes information such as Node name, Pod name, Pod Namespace, Service name,
NetworkPolicy name and NetworkPolicy Namespace, is added to the flow records. For
flow records that are exported from any given Antrea Agent, we only provide the
information of Kubernetes entities that are local to the Antrea Agent. In the future,
we plan to extend this feature to provide information about remote Kubernetes entities
such as remote Node name, remote Pod name etc.

Please note that in the case of inter-Node flows, we are exporting only one copy
of the flow record from the source Node, where the flow is originated from, and
ignore the flow record from the destination Node, where the destination Pod resides.
In the future, this behavior will be changed when the support for Network Policy
is added as both hosts may apply different Network Policies and Rules.
of the flow record from the source Node, where the flow originates from, and ignore
the flow record from the destination Node, where the destination Pod resides. Due
to this we miss key information such as destination Pod info, ingress NetworkPolicy
info, stats from the destination Node, etc. In the future, this behavior will be
changed when we add support for correlating the different flow records (from source
and destination Nodes) that belong to the same flow.

#### Connection Metrics

Expand Down

0 comments on commit 8a35f38

Please sign in to comment.