Last week I came across a really interesting OSS project called net-glimpse which allows you to easily visualize your network traffic in real-time and making that available using any standard web browser. I thought it would be neat to see what this might look like running on the vCenter Server Appliance (VCSA). I got it up in running in just a couple of minutes and even shared the results on Twitter as you can see from the tweet below:
Thought it be interesting to see the network traffic visualization on VCSA by running net-glimpse https://t.co/xyznnHnmkx #NotSupported pic.twitter.com/IjeoCV2QTx
— William Lam (@lamw.bsky.social | @*protected email*) (@lamw) July 14, 2017
I had couple of folks ask about the setup and I figure I would post a quick write up. While looking at the project, I found that net-glimpse includes quite a bit of customizations in the colors, data collection and how data is displayed. Specifically, rather than relying on the well-known ports that have already been pre-defined, you can also add additional custom ports and specify the label that it should automatically used. This gave me an idea, instead of a generic visualization of the VCSA, we could get specific service information and have those label automatically get displayed.
The reason this would not be too difficult is that the VMware Validated Design (VVD) Team has been putting together a ports and protocols spreadsheet for all products within the VVD, one of which is the VCSA. I simply had to update the glimpse.conf to include the VCSA specific port information and label information.
Here is a demo of my modified net-glimpse configuration file for vCenter Server and if you look carefully, you can see some of the familiar vCenter Server services:
Disclaimer: This is not officially supported by VMware, please use at your own risk.
Below are the instructions on how to get this running on a VCSA.
Step 1 - Download the net-glimpse zip file which can be found here (1.2 is the latest as of writing this) and upload it to your VCSA using SCP.
Step 2 - Download my modified vCenter Server glimpse.conf which can be found here and upload it to your VCSA using SCP.
Step 3 - SSH to VCSA and then unzip the net-glimpse by running the following command:
unzip net-glimpse-1.2.zip
Step 4 - Replace the default glimpse.conf with my modified version by running the following two commands:
mv net-glimpse-1.2/conf/glimpse.conf net-glimpse-1.2/conf/glimpse.conf.bak
mv glimpse.conf net-glimpse-1.2/conf/
Step 5 - We need to open up the VCSA's firewall to allow incoming port 9000 which will allow us to connect to net-glimpse's web interface using our browser. Using "vi", edit /etc/vmware/appliance/firewall/vami.conf and ensure it looks like the following (basically adding an additional inbound rule for port 9000):
{
"firewall": {
"enable": true,
"rules": [
{
"direction": "inbound",
"name": "vamiport",
"port": "5480",
"portoffset": 0,
"porttype": "dst",
"protocol": "tcp"
},
{
"direction": "inbound",
"name": "net-glimpse",
"port": "9000",
"portoffset": 0,
"porttype": "dst",
"protocol": "tcp"
}
]
}
}
Step 6 - Once the changes have been saved, you will need to reload the firewall for the change to go into effect. To do so, run the following command:
/usr/lib/applmgmt/networking/bin/firewall-reload
Step 6 - Finally, we just need to start net-glimpse and tell it which address and port to listen on. To do so, run the following command below and replace it with the IP Address of your VCSA and the port that you had opened up in the firewall above which by default will be 9000:
net-glimpse-1.2/bin/net-glimpse -Dhttp.address=172.30.0.60 -Dhttp.port=9000
If there are no errors, you can now access the four different visual endpoints provided by net-glimpse. Simply open a web browser to one of the following URLs depending on the information you are looking for:
- http://[VC-HOSTNAME-OR-IP]:9000/glimpse?nif=eth0 - Shows both, Ethernet and Internet
- http://[VC-HOSTNAME-OR-IP]:9000/ipglimpse?nif=eth0 - Shows only Internet
- http://[VC-HOSTNAME-OR-IP]9000/etherglimpse?nif=eth0 - Shows only Ethernet
- http://[VC-HOSTNAME-OR-IP]:9000/?nif=eth0 - Shows raw packet header data in JSON
To stop net-glimpse, you simply hit CRTL+C.
This is really cool stuff if you ask me and its pretty fun to see just sit and watch in real-time the network connectivity within your vSphere infrastructure!
It looks amazing, it is very similar to how we work with a team of specialists on the types of traffic on our site, when we mark each audience with a color, distinguish the type of traffic, interest, warmth of his actions on the site. Looks cool:)
Great post! Could you check your second gif is working tho please? Not found apparently 👍