NETWORK TRAFFIC MONITORING SYSTEM IN A KUBERNETES CLUSTER
DOI:
https://doi.org/10.31891/2307-5732-2025-357-88Keywords:
network traffic, traffic monitoring, Kubernetes, traffic analysisAbstract
The efficient operation of modern cloud infrastructures relies on effective network traffic monitoring and management. Kubernetes, the leading platform for orchestrating containerized applications, automates deployment and scaling but lacks built-in tools for detailed network traffic analysis. This paper presents methods and tools for capturing and monitoring network traffic within Kubernetes clusters, using Berkeley Packet Filtering (BPF) technology. As part of the study, a system was designed and implemented to capture network packets based on BPF and store the processed data in a Prometheus database for analysis.
The system was developed in the Rust programming language, chosen for its high performance and memory safety. Packet capture was implemented using the pcap library, which enables efficient interaction with network traffic at the kernel level. The monitoring solution focuses on traffic between Kubernetes nodes, traffic between pods located on different nodes, and external traffic entering or leaving the cluster, while internal traffic within a single node is excluded to optimize system performance. Traffic classification is based on the source and destination IP addresses of captured packets. Traffic is categorized as internal if associated with node or pod IP ranges, and external otherwise. Metrics such as packet counts and total traffic volume are collected and structured for Prometheus, allowing further visualization and analysis using standard tools like Grafana. The monitoring system is deployed using Kubernetes DaemonSets, ensuring the capture application runs on each node automatically. This approach enables full coverage without manual intervention when scaling the cluster. Thanks to the use of Rust’s asynchronous programming model with Tokio, the system can efficiently handle dynamic cluster changes while maintaining low resource consumption.
The result is a scalable, lightweight traffic monitoring solution that provides valuable insights into Kubernetes network behavior.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 ГЕРМАНН ЯВОРСЬКИЙ, ЛЮБОМИР ФЛУД (Автор)
This work is licensed under a Creative Commons Attribution 4.0 International License.
