Introducing local agents
Spider now facilitates local development with the introduction of local agents.
Any user may be given local agents (Controller, Whisperer, Gocipher) to observe the communications of the applications they are developing and running locally.
Design
- Controller & Gocipher are deployed in the same namespace
- Controller watches Kubernetes state through its API
- Gocipher captures TLS secrets from your kernel
- Controller spawns Whisperer instances on your workloads on demand
- Whisperers capture network packets on your Pods' network interfaces, from your kernel
- All agents send captured information to Spider backend
- All agents are managed remotely from Spider UI
Creation
Local agents are created by administrators, on request, for a single user from that user's profile.
Local agents are created under your name, and accessible directly (without team selection).
By default, they are accessible only to their owner.
You can access them from the Whisperer / Controller / Gocipher access drop-downs in the menu.
Deployment
Agents may be spawned inside a local Kubernetes setup, or as simple executables outside containers.
On your local Kubernetes with Helm
When deploying on a local Kubernetes, you may generate Helm values or single-line installation commands.
The process is simple:
- Install the Controller with Helm from the Controller Installation tab
- Install the Gocipher with Helm from the Gocipher Installation tab
Then, both will show as Connected on the UI.
You'll then be able to spawn your own Whisperer, attached to any workload of your cluster, using the steps in "Whisperers as ephemeral containers".
On your localhost outside Kubernetes
Deploying outside Kubernetes requires a manual installation:
Limitations for safety
Local Controller
Local Controller agents are limited to single-node Kubernetes clusters.
When they detect a multi-node cluster, they switch to a STOPPED status and stop any running attachment.
Local Whisperer
Local Whisperers are limited to a capture throughput of 5 MB/min.
When the threshold is reached, packets are discarded immediately, before any parsing.
The throughput limit may only be changed by an administrator.
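The Go example below is added here for illustration and is not Spider's code. It shows one way a capture limit of this kind can behave: a byte budget is checked before the parser is called, so packets over the limit cost no parsing and leave nothing behind. The fixed one-minute window, 1 MB = 1,000,000 bytes, and the names CaptureBudget, Admit and Process are assumptions.

```go
package main

import (
	"fmt"
	"time"
)

const LimitBytesPerMinute = 5_000_000 // assumption: 1 MB = 1,000,000 bytes

// CaptureBudget (hypothetical name) tracks bytes admitted in the current window.
type CaptureBudget struct {
	limit, used int
	windowStart time.Time
	Dropped     int // packets discarded without being parsed
}

// Admit reports whether a packet of n bytes may go to the parser at time now.
func (b *CaptureBudget) Admit(n int, now time.Time) bool {
	if now.Sub(b.windowStart) >= time.Minute { // assumption: fixed one-minute window
		b.windowStart, b.used = now, 0
	}
	if b.used+n > b.limit {
		b.Dropped++
		return false
	}
	b.used += n
	return true
}

// Process calls parse only for admitted packets; packet i arrives at start+i*step.
func Process(b *CaptureBudget, sizes []int, start time.Time, step time.Duration, parse func(int)) int {
	parsed := 0
	for i, n := range sizes {
		if b.Admit(n, start.Add(time.Duration(i)*step)) {
			parse(n) // parsing cost is paid only inside the budget
			parsed++
		}
	}
	return parsed
}

func main() {
	start := time.Unix(0, 0)
	b := &CaptureBudget{limit: LimitBytesPerMinute, windowStart: start}
	// Constructed input: five 2 MB packets, one every 20 seconds.
	sizes := []int{2_000_000, 2_000_000, 2_000_000, 2_000_000, 2_000_000}
	n := Process(b, sizes, start, 20*time.Second, func(int) {})
	fmt.Printf("parsed=%d dropped=%d\n", n, b.Dropped)
}
```

With the constructed input, the third packet would exceed the budget and is dropped, and capture resumes once the next window opens at 60 seconds.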
Local Gocipher
There is no Local Gocipher limitation for now.