dolphin

Introduction

dolphin is an add-on for monitoring and managing container network traffic. dolphin of the current version can collect traffic statistics of Kata and common containers in CCE Turbo clusters.

This add-on collects how many IPv4 packets and bytes are received and sent (including those sent to the public network). PodSelectors can be used to select monitoring backends to support multiple monitoring tasks and optional monitoring metrics. You can also obtain label information of pods. The monitoring information has been adapted to the Prometheus format. You can call the Prometheus API to view monitoring data.

Constraints

This add-on can be installed only in CCE Turbo clusters of version 1.19 or later. Its pods can be deployed only on nodes running EulerOS and cannot be deployed on Arm nodes.
This add-on can be installed on nodes that use the containerd or Docker container engine. In containerd nodes, it can trace pod updates in real time. In Docker nodes, it can query pod updates in polling mode.
Only traffic statistics of secure containers (Kata as the container runtime) and common containers (runC as the container runtime) in a CCE Turbo cluster can be collected.
After the add-on is installed, traffic is not monitored by default. Create a CR to configure a monitoring task for traffic monitoring.
Ensure that there are sufficient resources on a node for installing the add-on.
The source of monitoring labels and user labels must be already available before a pod is created.

Installing the Add-on

Log in to the CCE console and access the CCE Turbo cluster console. Choose Add-ons in the navigation pane, locate dolphin on the right, and click Install.
On the displayed page, view the add-on configuration.
No parameter can be configured for the current add-on.
Click Install.
After the add-on is installed, select the cluster and click Add-ons in the navigation pane. On the displayed page, view the add-on in the Add-ons Installed area.

Components

**Table 1** dolphin component
Container Component	Description	Resource Type
dolphin	Used to monitor the container network traffic of CCE Turbo clusters	DaemonSet

Delivering a Monitoring Task

You can deliver a monitoring task by creating a CR. Currently, a CR can be created by calling an API or using the kubectl apply command after logging in to a worker node. In later versions, a CR can be created on the console. A CR represents a monitoring task and provides optional parameters such as selector, podLabel, and ip4Tx. For details, see the CR creation template below.

apiVersion: crd.dolphin.io/v1
kind: MonitorPolicy
metadata:
    name: example-task            # Monitoring task name.
    namespace: kube-system        # The value must be kube-system. This field is mandatory.
spec:
    selector:                     # (Optional) Backend monitored by the dolphin add-on, for example, labelSelector. By default, all containers on the node are monitored.
    matchLabels:
      app: nginx
    matchExpressions:
      - key: app
        operator: In
        values:
          - nginx
  podLabel: [app]               # (Optional) Pod label.
  ip4Tx:                        # (Optional) Indicates whether to collect statistics about the number of sent IPv4 packets and the number of sent IPv4 bytes. This function is disabled by default.
    enable: true
    ip4Rx:                        # (Optional) Indicates whether to collect statistics about the number of received IPv4 packets and the number of received IPv4 bytes. This function is disabled by default.
    enable: true
    ip4TxInternet:                # (Optional) Indicates whether to collect statistics about the number of sent IPv4 packets and the number of sent IPv4  bytes. This function is disabled by default.
    enable: true

PodLable: You can enter the labels of multiple pods and separate them with commas (,), for example, [app, version].

Labels must comply with the following rules. The corresponding regular expression is (^[a-zA-Z_]$)|(^([a-zA-Z][a-zA-Z0-9_]|_[a-zA-Z0-9])([a-zA-Z0-9_]){0,254}$).

A maximum of five labels can be entered. Each label contains a maximum of 256 characters.
The value cannot start with a digit or double underscores (_).
The format of a single label must comply with A-Za-z_0-9.

Example 1

apiVersion: crd.dolphin.io/v1
kind: MonitorPolicy
metadata:
  name: example-task  
  namespace: kube-system        
spec:
  podLabel: [app]
  ip4Tx:
    enable: true

In the preceding example, the monitoring task name is example-task, which monitors all pods on a node and generates the number of sent IPv4 packets and the number of sent bytes. If the monitored container contains the app label, the key-value information of the corresponding label is carried in the monitoring metrics. Otherwise, the value of the corresponding label is not found.

Example 2

apiVersion: crd.dolphin.io/v1
kind: MonitorPolicy
metadata:
  name: example-task
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: nginx
  podLabel: [test, app]
  ip4Tx:
    enable: true
  ip4Rx:
    enable: true
  ip4TxInternet:      
    enable: true

In the preceding example, the monitoring task name is example-task, which monitors all pods that meet the labelselector with app=nginx on a node and generates the six metrics. If the monitored container contains test and app labels, the key-value information of the corresponding label is carried in the monitoring metrics. Otherwise, the value of the corresponding label is not found.

You can create, modify, and delete monitoring tasks in the preceding format. Currently, a maximum of 10 monitoring tasks can be created. When multiple monitoring tasks match the same monitoring backend, each monitoring backend generates the monitoring metric specific to the number of monitoring tasks.

If you modify or delete a monitoring task, monitoring data collected by the monitoring task will be lost. Therefore, exercise caution when performing this operation.
After the add-on is uninstalled, the CR of the monitoring task is removed together with the add-on.

Checking Traffic Statistics

The monitoring data collected by this add-on is exported in Prometheus exporter format, which can be obtained in either of the following ways:

Install the prometheus add-on, which automatically interconnects with the dolphin add-on and periodically collects monitoring information.
Directly access service port 10001 provided by dolphin, for example, http://{POD_IP}:10001/metrics.

Note that if you access the dolphin service port on a node, allow access from the security group of the node and pod.

You can install the prometheus add-on to view monitoring information. For details about how to use the prometheus add-on, seeMonitoring Custom Metrics Using Prometheus.

**Table 2** Supported monitoring metrics
Metric	Parameter
Number of IPv4 packets sent to the public network	ip4_send_pkt_internet
Number of IPv4 bytes sent to the public network	ip4_send_byte_internet
Number of received IPv4 packets	ip4_rcv_pkt
Number of received IPv4 bytes	ip4_rcv_byte
Number of sent IPv4 packets	ip4_send_pkt
Number of sent IPv4 bytes	ip4_send_byte

Example 1 (number of IPv4 packets sent to the public network):
```
dolphin_ip4_send_pkt_internet{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task "} 241
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 packets sent by the pod to the public network is 241.
Example 2 (number of IPv4 bytes sent to the public network):
```
dolphin_ip4_send_byte_internet{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task" } 23618
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 bytes sent by the pod to the public network is 23618.
Example 3 (number of sent IPv4 packets):
```
dolphin_ip4_send_pkt{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task "} 379
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 packets sent by the pod is 379.
Example 4 (number of sent IPv4 bytes):
```
dolphin_ip4_send_byte{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task "} 33129
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 bytes sent by the pod is 33129.

Example 5 (number of received IPv4 packets):
```
dolphin_ip4_rcv_pkt{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task "} 464
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 packets received by the pod is 464.
Example 6 (number of received IPv4 bytes):
```
dolphin_ip4_rcv_byte{app="nginx",pod="default/nginx-66c9c65dbf-zjg24",task="kube-system/example-task "} 34654
```
In the preceding example, the namespace of the pod is default, the pod name is nginx-66c9c65dbf-zjg24, the label is app, and the value is nginx. This metric is created by monitoring task example-task, and the number of IPv4 bytes received by the pod is 34654.