Edge Delta Kubernetes Service Map Source
4 minute read
k8s Service Map Source
Overview
You can use the Kubernetes Service Map source node (formerly known as the Kubernetes Traffic source node) to ingest Kubernetes metrics via eBPF.
Note: This node is required to enable the service map.
- outgoing_data_types: metric
Resource Considerations
This source uses eBPF (Extended Berkeley Packet Filter) to capture service-to-service network traffic metrics, which is a resource-intensive operation. Consider the following when using this source:
Resource Impact:
- Significant CPU usage: eBPF monitoring captures and analyzes network packets continuously at the kernel level
- High memory consumption: Traffic metrics buffering, aggregation, and service map data structures require substantial memory
- Volume dependent: Resource usage scales with the number of services, pods, and network traffic volume
When to Use:
- You need the Service Map visualization for understanding service dependencies
- Network traffic patterns and latency monitoring are critical
- You have sufficient cluster resources to support eBPF operations
- Troubleshooting inter-service communication issues
When to Disable:
- Using alternative service mesh observability tools (Istio, Linkerd, etc.)
- Resource constraints are critical in your environment
- Service-to-service visibility is provided by other means
- Cluster has limited resources or high pod density
To disable eBPF-based sources globally (including both k8s_traffic and k8s_trace), set tracerProps.enabled=false when deploying via Helm:
helm upgrade edgedelta edgedelta/edgedelta \
--set tracerProps.enabled=false \
-n edgedelta
For comprehensive optimization strategies, see Reducing Agent Resource Consumption.
Prerequisites
See Ingest Kubernetes Metrics.
Example Configuration
nodes:
- name: ed_k8s_traffic
type: k8s_traffic_input
include:
- "k8s.namespace.name=default"
exclude:
- "k8s.namespace.name=^kube-system$"
other_peer_name_exclude_pattern:
- ".*"
pod_network_cidrs:
- "10.244.0.0/16"
report_unresolved_ssl_connections: false
Example Output Logs
{
"_timestamp": 1681481446835,
"_type": "metric",
"_name": "ed_k8s_traffic_latency.value",
"_value": 60.5,
"_stat_type": "value",
"client_pod": "unknown",
"client_namespace": "unknown",
"client_controller": "unknown",
"server_pod": "test-pod-0",
"server_namespace": "default",
"server_controller": "StatefulSet/test-pod",
"method": "GET",
"URI": "/",
"response_code": "200",
"_ed": {
"src_type": "K8sTraffic",
"tag": "site-env",
"config_id": "12345678-abcd-abcd-abcd-0123456789ab",
"host": "site-agent",
"ip": "10.0.0.0",
"__group_name": "site-env|stat|site-agent|K8sTraffic|-",
"__logical_source": "K8sTraffic,-",
"__short_src_name": "-",
"__src_name": "site-env|stat|site-agent|K8sTraffic|-"
}
}
Required Parameters
name
A descriptive name for the node. This is the name that will appear in pipeline builder and you can reference this node in the YAML using the name. It must be unique across all nodes. It is a YAML list element so it begins with a - and a space followed by the string. It is a required parameter for all nodes.
nodes:
- name: <node name>
type: <node type>
type: k8s_traffic_input
The type parameter specifies the type of node being configured. It is specified as a string from a closed list of node types. It is a required parameter.
nodes:
- name: <node name>
type: <node type>
Optional Parameters
exclude and include
The include and exclude parameters are used to filter ingestion of telemetry data from Kubernetes objects. They are specified with Golang regex or full text.
- If
excludeis specified it drops telemetry data from all objects in that namespace that match its Golang regex rules. - If neither
includenorexcludeare specified, then everything from the input is passed. - If
includeis specified as well asexclude, then telemetry data from the namespace matching inincludeis passed unless it is dropped byexclude.
nodes:
- name: <node name>
type: k8s_traffic_input
exclude:
- k8s.namespace.name=kube-system
NOTE: Kubernetes metrics data ingested via the
k8s_traffic_inputnode can only be filtered by namespace usingk8s.namespace.name. Filtering by any other object is not supported.
other_peer_name_exclude_pattern
The other_peer_name_exclude_pattern parameter is used to resolve the identity of unknown peers in the service map by specifying their domain. It is specified as a string list and is optional.
nodes:
- name: <node name>
type: k8s_traffic_input
other_peer_name_exclude_pattern:
- "amazonaws.com"
In this example, servers or clients ending in amazonaws.com will have their Fully Qualified Domain Names (FQDN) resolved in the service map, rather than being listed as an Unknown Service. See Service Map for more information.
pod_network_cidrs
The pod_network_cidrs parameter is used to define a range of IP addresses to trace. It is specified as a CIDR and is optional.
nodes:
- name: ed_k8s_traffic
type: k8s_traffic_input
pod_network_cidrs:
- "10.244.0.0/16"
report_unresolved_ssl_connections
The report_unresolved_ssl_connections parameter configure whether to report unresolved SSL connections. It is specified as a Boolean and the default is false.
nodes:
- name: ed_k8s_traffic
type: k8s_traffic_input
report_unresolved_ssl_connections: false
source_metadata
This option is used to define which detected resources and attributes to add to each data item as it is ingested by Edge Delta. You can select:
- Required Only: This option includes the minimum required resources and attributes for Edge Delta to operate.
- Default: This option includes the required resources and attributes plus those selected by Edge Delta
- High: This option includes the required resources and attributes along with a larger selection of common optional fields.
- Custom: With this option selected, you can choose which attributes and resources to include. The required fields are selected by default and can’t be unchecked.
Based on your selection in the GUI, the source_metadata YAML is populated as two dictionaries (resource_attributes and attributes) with Boolean values.
See Choose Data Item Metadata for more information on selecting metadata.