Skydive Versions Save

An open source real-time network topology and protocols analyzer

v0.19.1

5 years ago

Added

  • Add node/edge rules API to register nodes and edges
  • Add Ansible library to create nodes and edges

Changed

  • Bug fixes:
    • Fix WebSocket flow authentication
    • Fix deployment on RHEL using Ansible
    • Fix SElinux policy to connect to Keystone
    • Change Docker base image to Ubuntu
    • Add origin field in python api

v0.19.0

5 years ago

Added

  • Gremlin:
    • Add descendants to retrieve both parents and children
    • Add As and Select steps to get the union of a set of nodes
    • Allow queries on booleans
  • New JavaScript API
    • Support for browsers, NPM or the Skydive embedded JS engine
    • Convert command line shell to JavaScript
  • Add API to upload and execute workflows
  • Add support for Power architecture:
    • Build Docker images
    • Test architecture on our CI
  • Retrieve OpenContrail routing tables

Changed

  • Improved Elasticsearch backend:
    • Add support for rolling indices
    • Bump minimal version to 5.5
  • Retrieve more Kubernetes metadata and create dedicated section on the Web UI for it
  • Performance improvements using easyjson
  • Allow using different authentication backends for API and for internal communications
  • TripleO: move to config-download mechanism

v0.18.0

5 years ago

Added

  • Add RBAC mechanism
  • Provide development Vagrant boxes on Vagrantcloud, supporting VirtualBox and libvirt
  • Report more Kubernetes objects: deployment, services, daemonsets, jobs and more
  • Report interface features from netlink
  • New FOREVER and NOW Gremlin predicates
  • Add SELinux policy security module for RPM packages
  • Add authentication and etcd clustering to the Ansible playbooks

Changed

  • Flows:
    • Parsing code rework for correctness and performances
    • Fix metrics with multipath
    • Provide a way to define the layers used (L2/L3 or L3 only)
  • Split Keystone auth section : one for the probe and one for authentication
  • Support different elasticsearch connections per index
  • WebUI:
    • Nicer sidebar
    • Dedicated section for routing table
    • Allowing managing alerts
    • Group OpenFlow rules by priority and actions
  • OVS-DPDK fixes

v0.17.0

6 years ago

Added

  • Add Latency to WebUI topology links
  • Packet Injector now allows to increment ICMP id for each packet
  • New Light WebUI theme
  • Add Has Gremlin step to SocketInfo step allowing to filter socket information
  • New socketinfo probe to retrieve active sockets of a host. The new Sockets Gremlin step can be used to retrieve socket information corresponding to flows.
  • Add Bandwidth to WebUI Metric tables
  • Add clustering support for embedded Etcd
  • Aggregates Gremlin step now uses fixed time slices
  • Add LXD topology support
  • Python API now suports TLS and authentication

Changed

  • SocketInfo now supports kernel wihtout ePBF support
  • Fixed Flow metric issue on large packets
  • Add capture Name to node metadata
  • Fixed RTT display on WebUI

v0.16.0

6 years ago

Added

  • Add Kubernetes probe
  • Retrieve Open vSwitch port metrics
  • Allow traffic capture on Open vSwitch ports
  • Add host info, such as CPU, memory, OS, Open vSwitch options, to metadata
  • Add Preferences pane to the Web UI
  • Allow SSH to agents through the WebUI (thanks to Dede)
  • Allow cross compilation of Skydive

Changed

  • Long-running packet injections can now be stopped
  • Performance improvements:
    • Add gzip support for both API and WebSocket
    • JSON serialization optimizations
  • The skydive-client module now supports Python 2.7

v0.15.0

6 years ago

Added

  • Flow capture with eBPF probe
  • Add routing table to the node metadata
  • Python module skydive-client available through pypi
  • Allow dynamic peering between analyzers
  • Allow customizing the WebUI through external JS and CSS files

Changed

  • Use Dijkstra as graph shortest path algorithm
  • Fix use of domain name and IPV6 in service addresses
  • Scalability improvements:
    • Improve ping mechanism for better disconnection handling
    • Reduce graph lock pressure for Neutron and alerts.

v0.14.0

6 years ago

Added

  • New DPDK probe
  • Topology:
    • Allow filtering per client
    • Add ARP table to the node metadata
  • WebUI:
    • Add sliding panel for filtering, highlighting and time selection
    • Add legend to report filter and time
    • Allow selecting capture type
  • Allow deploying multi analyzers and elasticsearch with Vagrant
  • Add support for Snort alert messages
  • Handle network namespaces created by docker network

Changed

  • Bump minimal Go version to 1.8

v0.13.0

6 years ago

Added

  • New probe to retrieve and display for Openflow rules on OVS switch
  • Flows:
    • Enable SYN/FIN/RST capturing
    • Add RTT per layer
    • Map flows to process
    • Use WebSocket for flows from the agents to the analyzers
  • Gremlin:
    • Add BPF step to filter raw packets
    • Add BothV step
    • Add Subgraph step to provide a way to get a restricted view of the Graph. For ex: only the "layer2" topology.
    • Add Ipv4Range predicate which matches ipv4 in a range
    • Make HasKey work with complex metadata value, ex: list
  • Packet injector:
    • Add payload support for TCP packets
    • Add support for UDP packets
  • Ansible module to deploy Skydive
  • API:
    • Add and remove user metadata on nodes
    • Add a status API

Changed

  • Change etcd default listen port

v0.12.0

6 years ago

Added

  • Full HTTPS support
  • WebUI:
    • New implementation of the topology for better readability and performances
    • Make time slider easier to use
    • Add zoom fit button
  • Flows:
    • New 'sflow' probe to support capture on physical interfaces
    • Allow keeping raw packets for flows
    • Add ICMP layer to flow structure
  • Graph:
    • Make metadata a real JSON object
    • Add forwarding database to the node metadata
  • Gremlin:
    • Add CONTAINS predicate to test if a value is in an array
    • Add BothE step that returns the incoming and outcoming edges for a node
    • Add E() step to return all the edges of a graph
  • Packet injector:
    • Add icmpv6 support
    • Add TCP support
    • Make use of raw sockets
  • API:
    • Allow returning the graph as dot

Changed

  • Graph:
    • Ensure correctness of the nodes and edges timestamps on both agents and analyzers
  • Moved to Github and dedicated CI infrastructure
  • Trigger alert when a successful evaluation changes
  • Flows:
    • Enable all flow probes by default
    • Do not include payload in layer path
  • Agents do not use etcd any more
  • Use zap logger
  • Bug fixes:
    • Resync captures when becoming master
    • Fix orphaned VLAN interfaces thanks to Mark Goddard
    • Fix handling of Docker labels containing a dot

v0.11.0

7 years ago

Added

  • Elasticsearch:
    • Support Elasticsearch 5
    • Bulk indexing for graph and flows for improved performance
  • WebUI:
    • Display bandwidth on L2 edges
    • Restore discovery and conversation views
  • Allow loading multiple configuration files
  • Support for logging to file and syslog
  • Bash completion file

Changed

  • Keep all netlink events ordered
  • Websocket:
    • Introduced namespace subscription mechanism
    • Validate messages using JSON schemas
    • Use bulk to reduce graph messages number
  • Bug fixes:
    • Fix analyzer deadlock on agent stop
    • Return status error if capture registration failed