plugin/trace-dns: Trace DNS requests using Inspektor Gadget (#2986)

Signed-off-by: Qasim Sarfraz <qasimsarfraz@microsoft.com>
2024-11-28 18:40:58 +01:00 · 2024-11-28 18:40:58 +01:00 · 1c388066c0
parent f716bf466e
commit 1c388066c0
2 changed files with 69 additions and 3 deletions
--- a/plugins/README.md
+++ b/plugins/README.md
@ -5,7 +5,7 @@ K9s plugins extend the tool to provide additional functionality via actions to f
 Following is an example of some of plugin files in this directory. Other files are not listed in this table.

 | Plugin-Name                    | Description                                                                  | Available on Views                  | Shortcut  | Kubectl plugin, external dependencies                                                 |
-| ------------------------------ | ---------------------------------------------------------------------------- | ----------------------------------- | --------- | ------------------------------------------------------------------------------------- |
+| ------------------------------ | ---------------------------------------------------------------------------- | ----------------------------------- |-----------| ------------------------------------------------------------------------------------- |
 | debug-container.yml            | Add [ephemeral debug container](1)<br>([nicolaka/netshoot](2))               | containers                          | Shift-d   |                                                                                       |
 | dive.yml                       | Dive image layers                                                            | containers                          | d         | [Dive](https://github.com/wagoodman/dive)                                             |
 | get-all.yml                    | get all resources in a namespace                                             | all                                 | g         | [Krew](https://krew.sigs.k8s.io/), [ketall](https://github.com/corneliusweig/ketall/) |
@ -17,8 +17,9 @@ Following is an example of some of plugin files in this directory. Other files a
 | log_full.yml                   | get full logs from pod/container                                             | pods/containers                     | Ctrl-l    |                                                                                       |
 | ai-incident-investigation.yaml | Run AI investigation on application issues to find the root cause in seconds | all                                 | Shift-h/o | [HolmesGPT](https://github.com/robusta-dev/holmesgpt)                                 |
 | toggle-keda                    | Enable/disable [keda](3) ScaledObject autoscaler                             | scaledobjects                       | Ctrl-N    |                                                                                       |
-
+| trace-dns                      | Trace DNS resolution using Inspektor Gadget (4)                              | containers/pods/nodes               | Shift-d   |                                                                                       |

 [1]: https://kubernetes.io/docs/tasks/debug/debug-application/debug-running-pod/#ephemeral-container
 [2]: https://github.com/nicolaka/netshoot
 [3]: https://keda.sh/
+[4]: https://inspektor-gadget.io/
--- a/plugins/trace-dns.yaml
+++ b/plugins/trace-dns.yaml
@ -0,0 +1,65 @@
+# Author: Qasim Sarfraz
+# Trace DNS requests for containers, pods, and nodes
+# Requires kubectl version 1.30 or later
+# https://github.com/inspektor-gadget/inspektor-gadget
+# https://www.inspektor-gadget.io/docs/latest/gadgets/trace_dns
+plugins:
+  trace-dns:
+    shortCut: Shift-D
+    description: Trace DNS requests
+    scopes:
+      - containers
+      - pods
+      - nodes
+    command: bash
+    confirm: false
+    background: false
+    args:
+      - -c
+      - |
+        IG_VERSION=v0.34.0
+        IG_IMAGE=ghcr.io/inspektor-gadget/ig:$IG_VERSION
+        IG_FIELD=k8s.podName,src,dst,qr,qtype,name,rcode,latency_ns
+        
+        GREEN='\033[0;32m'
+        RED='\033[0;31m'
+        BLUE='\033[0;34m'
+        NC='\033[0m' # No Color
+        
+        # Ensure kubectl version is 1.30 or later
+        KUBECTL_VERSION=$(kubectl version --client | awk '/Client Version:/{print $3}')
+        if [[ "$(echo "$KUBECTL_VERSION" | cut -d. -f2)" -lt 30 ]]; then
+          echo -e "${RED}kubectl version 1.30 or later is required${NC}"
+          sleep 3
+          exit
+        fi
+        
+        clear
+
+        # Handle containers
+        if [[ -n "$POD" ]]; then
+          echo -e "${GREEN}Tracing DNS requests for container ${BLUE}${NAME}${GREEN} in pod ${BLUE}${POD}${GREEN} in namespace ${BLUE}${NAMESPACE}${NC}"
+          IG_NODE=$(kubectl get pod "$POD" -n "$NAMESPACE" -o jsonpath='{.spec.nodeName}')
+          kubectl debug --kubeconfig=$KUBECONFIG  --context=$CONTEXT -q \
+            --profile=sysadmin "node/$IG_NODE" -it --image="$IG_IMAGE" -- \
+            ig run trace_dns:$IG_VERSION -F "k8s.podName==$POD" -F "k8s.containerName=$NAME" \
+            --fields "$IG_FIELD"
+            exit
+        fi
+        
+        # Handle pods
+        if [[ -n "$NAMESPACE" ]]; then
+          echo -e "${GREEN}Tracing DNS requests for pod ${BLUE}${NAME}${GREEN} in namespace ${BLUE}${NAMESPACE}${NC}"
+          IG_NODE=$(kubectl get pod "$NAME" -n "$NAMESPACE" -o jsonpath='{.spec.nodeName}')
+          kubectl debug --kubeconfig=$KUBECONFIG  --context=$CONTEXT -q \
+            --profile=sysadmin  -it --image="$IG_IMAGE" "node/$IG_NODE" -- \
+            ig run trace_dns:$IG_VERSION -F "k8s.podName==$NAME" \
+            --fields "$IG_FIELD"
+            exit
+        fi
+        
+        # Handle nodes
+        echo -e "${GREEN}Tracing DNS requests for node ${BLUE}${NAME}${NC}"
+        kubectl debug --kubeconfig=$KUBECONFIG  --context=$CONTEXT -q \
+          --profile=sysadmin -it --image="$IG_IMAGE" "node/$NAME" -- \
+          ig run trace_dns:$IG_VERSION --fields "$IG_FIELD"