Monitor Outbound Traffic In Deployment

Deployment process may explicitly or implicitly run commands like apt-get, wget, etc. It’s quite natural and common. However if you want a smooth and stable deployment, you have to watch out all these outbound traffic. Why? And How?

Outbound Traffic


Original Article: https://dennyzhang.com/monitor_outbound_traffic

Connect with Denny In linkedin.png Or MailList


Every outbound traffic is a potential failure point for deployment process.

  1. When the target external servers are slow or down, deployment will stuck or fail.
  2. Download may run into HTTP 404 ERROR, since the site maintainer may have moved the files or upgraded the version.
  3. The most unpleasant thing is that you may result in installing packages with version you don’t expect. e.g. apt-get install package from 3rd repo server. You will run into a dilemma. If you don’t specify the version, it will always fetch latest version, which means surprise or incompatible issue. If you use fixed version, the given version may have been obsoleted and removed.

So it is better that we get a list of all outgoing traffic of deployment. This is especially true, if you’re demanded to do an on-premise deployment with limited or no internet.

Justniffer[1] is a useful CLI tool, to track all http requests.

# Install justniffer
sudo add-apt-repository ppa:oreste-notelli/ppa
sudo apt-get update
sudo apt-get install justniffer

# Record http requests
nohup /usr/bin/justniffer -i eth0 \
-l "%request.timestamp(%T %D) - \
%request.header.host - %response.code \
- %response.time" >> \
 /root/justniffer.log &

# Check process
ps -ef | grep justniffer

# Launch sample test
for((i=0; i< 10; i++)); do
  curl -I https://www.dennyzhang.com ;
done

# Check output
tail /root/justniffer.log
# root@8da56a3dfeb4:/# tail /tmp/test.log
# 14:50:00 06/28/16 - www.dennyzhang.com - 200 - 0.303702
# 14:50:00 06/28/16 - www.dennyzhang.com - 200 - 0.194938
# 14:50:01 06/28/16 - www.dennyzhang.com - 200 - 0.218942
# 14:50:01 06/28/16 - www.dennyzhang.com - 200 - 0.196959
# 14:50:01 06/28/16 - www.dennyzhang.com - 200 - 0.196293
# 14:50:02 06/28/16 - www.dennyzhang.com - 200 - 0.200633
# 14:50:02 06/28/16 - www.dennyzhang.com - 200 - 0.199476
# 14:50:03 06/28/16 - www.dennyzhang.com - 200 - 0.192262
# 14:50:03 06/28/16 - www.dennyzhang.com - 200 - 0.193594

  • How to figure out all requests for a fresh deployment?

If you’re using Chef for your deployment, you are in luck. I’ve released a Chef Cookbook: justniffer for this.

For other automation tools, should be easy to wrap up this logic in a similar way.

# install package
inclue_recipe 'justniffer::default'
# start process
inclue_recipe 'justniffer::start'

After the deployment, find request list in /root/justniffer.log

  • How to figure out requests for running servers

We can wrap up it as a Jenkins job: ListHTTPTraffic.

Jenkins Job ListHTTPTraffic

Jenkins Job ListHTTPTraffic

Leave a Reply

Your email address will not be published. Required fields are marked *