Skip to content

更新 macvlan cni 使用的 agent-group-config 格式 #759

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
1473371932 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

更新 macvlan cni 使用的 agent-group-config 格式 #759

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a0e6634
v6.5 LTS 版本维护周期结束
1473371932 Nov 19, 2025
053fd86
更新 macvlan cni 使用的 agent-group-config 格式
1473371932 Nov 20, 2025
5499fbc
Merge branch 'deepflowio:main' into main
1473371932 Nov 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
79 changes: 8 additions & 71 deletions docs/zh/04-best-practice/03-special-environment-deployment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,80 +41,17 @@ permalink: /best-practice/special-environment-deployment/

### 仅采集 RootNS 中的网卡流量

K8s 使用 macvlan CNI 时,在 rootns 下只能看到所有 POD 共用的一个虚拟网卡,此时需要对 deepflow-agent 进行额外的配置:
在 Kubernetes 环境中使用 macvlan CNI 时,由于所有 Pod 在 rootns 下共享同一个虚拟网卡,所以需要对 deepflow-agent 进行相应配置以适配该网络模式。

1. 创建 agent-group 和 agent-group-config:

```bash
deepflow-ctl agent-group create macvlan
deepflow-ctl agent-group-config create macvlan
```

2. 获取 macvlan agent-group ID:

```bash
deepflow-ctl agent-group list | grep macvlan
```

3. 新建 agent-group-config 配置文件 `macvlan-agent-group-config.yaml`:
1. 通过 [deepflow-ctl](./agent-advanced-config) 创建 macvlan 模式下使用的 [agent-group-config](../configuration/agent/):

```yaml
vtap_group_id: g-xxxxxx
## Regular Expression for TAP (Traffic Access Point)
## Length: [0, 65535]
## Default:
## Localhost: lo
## Common NIC: eth.*|en[osipx].*
## QEMU VM NIC: tap.*
## Flannel: veth.*
## Calico: cali.*
## Cilium: lxc.*
## Kube-OVN: [0-9a-f]+_h$
## Note: Regular expression of NIC name for collecting traffic
tap_interface_regex: eth0
## Traffic Tap Mode
## Default: 0, means local.
## Options: 0, 1 (virtual mirror), 2 (physical mirror, aka. analyzer mode)
## Note: Mirror mode is used when deepflow-agent cannot directly capture the
## traffic from the source. For example:
## - in the K8s macvlan environment, capture the Pod traffic through the Node NIC
## - in the Hyper-V environment, capture the VM traffic through the Hypervisor NIC
## - in the ESXi environment, capture traffic through VDS/VSS local SPAN
## - in the DPDK environment, capture traffic through DPDK ring buffer
## Use Analyzer mode when deepflow-agent captures traffic through physical switch
## mirroring.
tap_mode: 1
```

4. 创建 agent-group-config:

```bash
deepflow-ctl agent-group-config create -f macvlan-agent-group-config.yaml
```

5. 修改 deepflow-agent 的 agent-group:
```bash
kubectl edit cm -n deepflow deepflow-agent
```
添加配置:
```yaml
vtap-group-id-request: g-xxxxx
```
停止 deepflow-agent:
```bash
kubectl -n deepflow patch daemonset deepflow-agent -p '{"spec": {"template": {"spec": {"nodeSelector": {"non-existing": "true"}}}}}'
```
通过 deepflow-ctl 删除 macvlan 的 agent:
```bash
deepflow-ctl agent delete <agent name>
```
启动 deepflow-agent:
```bash
kubectl -n deepflow patch daemonset deepflow-agent --type json -p='[{"op": "remove", "path": "/spec/template/spec/nodeSelector/non-existing"}]'
```
查看 deepflow agent list, 确保 agent 加入了 macvlan group:
```bash
deepflow-ctl agent list
inputs:
cbpf:
af_packet:
interface_regex: eth0
common:
capture_mode: 1
```

### 同时采集 RootNS 和 PodNS 中的网卡流量
Expand Down