mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
49 lines
1.5 KiB
Plaintext
49 lines
1.5 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/install_config/configuring-firewall.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="network-commatrix-plugin-generate_{context}"]
|
|
= Generating ingress network flow data using the `commatrix` plugin
|
|
|
|
Use the `commatrix` plugin for the `oc` command to generate ingress network flow data from your cluster and identify any differences between open ports on the host and expected ingress flows for your environment.
|
|
|
|
.Prerequisites
|
|
* You installed the OpenShift CLI (`oc`).
|
|
* You logged in as a user with `cluster-admin` privileges.
|
|
* You installed Podman.
|
|
* You installed the `commatrix` plugin.
|
|
|
|
.Procedure
|
|
|
|
. Generate network flow data by running the following command:
|
|
+
|
|
[source,bash]
|
|
----
|
|
$ oc commatrix generate
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
By default, the plugin generates the network flow data in CSV format in a `communication-matrix` directory in your current working directory.
|
|
====
|
|
|
|
.Verification
|
|
|
|
* View the generated network flow data in the `communication-matrix` directory by running the following command:
|
|
+
|
|
[source,bash]
|
|
----
|
|
$ cat communication-matrix/communication-matrix.csv
|
|
----
|
|
+
|
|
[source,bash]
|
|
----
|
|
Direction,Protocol,Port,Namespace,Service,Pod,Container,Node Role,Optional
|
|
Ingress,TCP,4194,kube-system,kubelet,konnectivity-agent,,,false
|
|
Ingress,TCP,9100,openshift-monitoring,node-exporter,node-exporter,kube-rbac-proxy,,false
|
|
Ingress,TCP,9103,openshift-ovn-kubernetes,ovn-kubernetes-node,ovnkube-node,kube-rbac-proxy-node,,false
|
|
|
|
...
|
|
----
|