WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / Automation / Visualizing live network traffic on the vCenter Server Appliance using net-glimpse

Visualizing live network traffic on the vCenter Server Appliance using net-glimpse

07.17.2017 by William Lam // 2 Comments

Last week I came across a really interesting OSS project called net-glimpse which allows you to easily visualize your network traffic in real-time and making that available using any standard web browser. I thought it would be neat to see what this might look like running on the vCenter Server Appliance (VCSA). I got it up in running in just a couple of minutes and even shared the results on Twitter as you can see from the tweet below:

Thought it be interesting to see the network traffic visualization on VCSA by running net-glimpse https://t.co/xyznnHnmkx #NotSupported pic.twitter.com/IjeoCV2QTx

— William Lam (@lamw.bsky.social | @*protected email*) (@lamw) July 14, 2017


I had couple of folks ask about the setup and I figure I would post a quick write up. While looking at the project, I found that net-glimpse includes quite a bit of customizations in the colors, data collection and how data is displayed. Specifically, rather than relying on the well-known ports that have already been pre-defined, you can also add additional custom ports and specify the label that it should automatically used. This gave me an idea, instead of a generic visualization of the VCSA, we could get specific service information and have those label automatically get displayed.

The reason this would not be too difficult is that the VMware Validated Design (VVD) Team has been putting together a ports and protocols spreadsheet for all products within the VVD, one of which is the VCSA. I simply had to update the glimpse.conf to include the VCSA specific port information and label information.

Here is a demo of my modified net-glimpse configuration file for vCenter Server and if you look carefully, you can see some of the familiar vCenter Server services:

Disclaimer: This is not officially supported by VMware, please use at your own risk.

Below are the instructions on how to get this running on a VCSA.

Step 1 - Download the net-glimpse zip file which can be found here (1.2 is the latest as of writing this) and upload it to your VCSA using SCP.

Step 2 - Download my modified vCenter Server glimpse.conf which can be found here and upload it to your VCSA using SCP.

Step 3 - SSH to VCSA and then unzip the net-glimpse by running the following command:

unzip net-glimpse-1.2.zip

Step 4 - Replace the default glimpse.conf with my modified version by running the following two commands:

mv net-glimpse-1.2/conf/glimpse.conf net-glimpse-1.2/conf/glimpse.conf.bak
mv glimpse.conf net-glimpse-1.2/conf/

Step 5 - We need to open up the VCSA's firewall to allow incoming port 9000 which will allow us to connect to net-glimpse's web interface using our browser. Using "vi", edit /etc/vmware/appliance/firewall/vami.conf and ensure it looks like the following (basically adding an additional inbound rule for port 9000):

{
  "firewall": {
    "enable": true,
    "rules": [
      {
        "direction": "inbound",
        "name": "vamiport",
        "port": "5480",
        "portoffset": 0,
        "porttype": "dst",
        "protocol": "tcp"
      },
      {
        "direction": "inbound",
        "name": "net-glimpse",
        "port": "9000",
        "portoffset": 0,
        "porttype": "dst",
        "protocol": "tcp"
      }
    ]
  }
}

Step 6 - Once the changes have been saved, you will need to reload the firewall for the change to go into effect. To do so, run the following command:

/usr/lib/applmgmt/networking/bin/firewall-reload

Step 6 - Finally, we just need to start net-glimpse and tell it which address and port to listen on. To do so, run the following command below and replace it with the IP Address of your VCSA and the port that you had opened up in the firewall above which by default will be 9000:

net-glimpse-1.2/bin/net-glimpse -Dhttp.address=172.30.0.60 -Dhttp.port=9000

If there are no errors, you can now access the four different visual endpoints provided by net-glimpse. Simply open a web browser to one of the following URLs depending on the information you are looking for:

  1. http://[VC-HOSTNAME-OR-IP]:9000/glimpse?nif=eth0 - Shows both, Ethernet and Internet
  2. http://[VC-HOSTNAME-OR-IP]:9000/ipglimpse?nif=eth0 - Shows only Internet
  3. http://[VC-HOSTNAME-OR-IP]9000/etherglimpse?nif=eth0 - Shows only Ethernet
  4. http://[VC-HOSTNAME-OR-IP]:9000/?nif=eth0 - Shows raw packet header data in JSON

To stop net-glimpse, you simply hit CRTL+C.

This is really cool stuff if you ask me and its pretty fun to see just sit and watch in real-time the network connectivity within your vSphere infrastructure!

More from my site

  • Can you really deploy the vCenter Server Appliance (VCSA) without DNS and NTP?
  • Using PowerCLI to automate the retrieval of VCSA Identity Sources
  • How to deploy the vCenter Server Appliance (VCSA) with a custom MAC Address?
  • How to exclude VCSA UI/CLI Installer from MacOS Catalina Security Gatekeeper?
  • Using PowerCLI to automate the retrieval of VCSA Password Policies

Categories // Automation, Not Supported, VCSA Tags // net-glimpse, network traffic, vami.conf, vcenter server appliance, VCSA, VMware Validated Design

Comments

  1. *protectedCallgear says

    11/04/2019 at 11:16 pm

    It looks amazing, it is very similar to how we work with a team of specialists on the types of traffic on our site, when we mark each audience with a color, distinguish the type of traffic, interest, warmth of his actions on the site. Looks cool:)

    Reply
  2. *protectedOwen says

    04/27/2020 at 12:37 am

    Great post! Could you check your second gif is working tho please? Not found apparently 👍

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025