Using tcpdump for k8s pods
You need wireshark to be installed on your local machine — download (more on this below).
If you don’t have tcpdump installed inside the pod, you can install it with
# get pod name
kubectl get po -Lversion,cfg,infra-cfg -lapp=<pod-tag>
kubectl exec -it <pod-name> sh
# inside the pod, alpine
apk add tcpdump
Then, on your local machine:
kubectl exec <pod-name> -- tcpdump -i eth0 -w - | wireshark -k -i -
If you want to see packets in grpc/http2, you can add a rule in Wireshark. For this, click “Analyze” → “Decode As…”. Then, add TCP port X with HTTP2 protocol, where X is port of gRPC server (e.g. 3001).
You can also tell Wireshark where to find .proto files by setting the Protobuf Search Paths: Preferences → Protocols → Protobuf.
Then you can investigate locally. To filter by port, you can add this —
tcp.port eq 3001.
https://josephhall.org/nqb2/index.php/wrshrkinstll — how to install on Mac properly.