Chapter 11. Using the Service Interconnect Console


The Service Interconnect Console provides data and visualizations of the traffic flow between Skupper sites.

11.1. Enabling the Service Interconnect Console

By default, when you create a Skupper site, a Service Interconnect Console is not available.

When enabled, the Service Interconnect Console URL is displayed whenever you check site status using skupper status.

Prerequisites

  • A Kubernetes namespace where you plan to create a site

Procedure

  1. Determine which site in your service network is best to enable the console.

    Enabling the console also requires that you enable the flow-collector component, which requires resources to process traffic data from all sites. You might locate the console using the following criteria:

    • Does the service network cross a firewall? For example, if you want the console to be available only inside the firewall, you need to locate the flow-collector and console on a site inside the firewall.
    • Is there a site that processes more traffic than other sites? For example, if you have a frontend component that calls a set of services from other sites, it might make sense to locate the flow collector and console on that site to minimize data traffic.
    • Is there a site with more or cheaper resources that you want to use? For example, if you have two sites, A and B, and resources are more expensive on site A, you might want to locate the flow collector and console on site B.
  2. Create a site with the flow collector and console enabled:

    $ skupper init --enable-console --enable-flow-collector

11.2. Accessing the Service Interconnect Console

By default, the Service Interconnect Console is protected by credentials available in the skupper-console-users secret.

Procedure

  1. Determine the Service Interconnect Console URL using the skupper CLI, for example:

    $ skupper status
    
    Skupper is enabled for namespace "west" in interior mode. It is not connected to any other sites. It has no exposed services.
    The site console url is:  https://skupper-west.apps-crc.testing
  2. Browse to the Service Interconnect Console URL. The credential prompt depends on how the site was created using skupper init:

    • Using the --console-auth unsecured option, you are not prompted for credentials.
    • Using the --console-auth openshift option, you are prompted to enter OpenShift cluster credentials.
    • Using the default or --console-user <user> --console-password <password> options, you are prompted to enter those credentials.
  3. If you created the site using default settings, that is skupper init, a random password is generated for the admin user.

    To retrieve the password the admin user for a Kubernetes site:

    +

    $ kubectl get secret skupper-console-users -o jsonpath={.data.admin} | base64 -d
    
    JNZWzMHtyg

    To retrieve the password the admin user for a Podman site:

    +

    $ cat ~/.local/share/containers/storage/volumes/skupper-console-users/_data/admin
    
    JNZWzMHtyg

11.3. Exploring the Service Interconnect Console

After exposing a service on the service network, you create an address, that is, a service name and port number associated with a site. There might be many replicas associated with an address. These replicas are shown in the Service Interconnect Console as processes. Not all participants on a service network are services. For example, a frontend deployment might call an exposed service named backend, but that frontend is not part of the service network. In the console, both are shown so that you can view the traffic and these are called components.

The Service Interconnect Console provides an overview of the following:

  • Topology
  • Addresses
  • Sites
  • Components
  • Processes

The Service Interconnect Console also provides useful networking information about the service network, for example, traffic levels.

skupper adservice
  1. Check the Sites tab. All your sites should be listed. See the Topology tab to view how the sites are linked.
  2. Check that all the services you exposed are visible in the Components tab.
  3. Click a component to show the component details and associated processes.
  4. Click on a process to display the process traffic.

    Note

    The process detail displays the associated image, host, and addresses. You can also view the clients that are calling the process.

  5. Click Addresses and choose an address to show the details for that address. This shows the set of servers that are exposed across the service network.
Tip

To view information about each window, click the ? icon.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.