A simple and scalable iptables visualization tool which can be used across Kubernetes and Linux.
- Kubernetes
- Linux
jc
(https://github.com/kellyjonbrazil/jc)serve
(https://www.npmjs.com/package/serve)systemd
(https://systemd.io/)
The kubernetes-deploy.yaml manifest creates the following Kubernetes resources as part of the installation:
- Namespace
iptables-viz
. - Deployments
iptables-viz-backend
andiptables-viz-frontend
for backend and frontend respectively. - RBAC for both backend and frontend Deployments for providing appropriate permissions to access
kube-proxy
pods in thekube-system
namespace and accessing the backend service respectively. - Services for both backend and frontend of type
ClusterIP
andNodePort
respectively.
Execute the following command to deploy the application:
kubectl apply -f https://raw.githubusercontent.com/iptables-viz/iptables-viz/main/manifests/kubernetes-deploy.yaml
The install.sh script performs the following steps as part of the installation:
- Downloads the appropriate backend server binary and the frontend web app.
- Copies the downloaded artifacts to their executable paths in the users' system.
- Creates Systemd unit files for both frontend and backend.
- Executes the unit files as Linux service.
curl https://raw.githubusercontent.com/iptables-viz/iptables-viz/main/scripts/install.sh | sudo bash
Upon the execution of the deployment manifest, check if all the pods in the namespace iptables-viz
are in a Running
status:
❯ kubectl get pods -n iptables-viz
NAME READY STATUS RESTARTS AGE
iptables-viz-backend-98bd5fcfb-mxwvh 1/1 Running 2 (2m33s ago) 22h
iptables-viz-frontend-7fff54cb4d-nj9zl 1/1 Running 7 (2m ago) 22h
After this, list the services in the iptables-viz
namespace:
❯ kubectl get services -n iptables-viz
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
iptables-viz-backend-svc ClusterIP 10.102.34.226 <none> 8080/TCP 22h
iptables-viz-frontend-svc NodePort 10.109.72.229 <none> 80:30025/TCP 22h
To access the frontend web app in your browser, you can use the iptables-viz-frontend-svc
services' NodePort (For example, 30025
in the above output) at the following URL:
http://<node-external-ip>:<node-port>
Upon the execution of the installation script, check the status of the iptables-viz
service:
❯ systemctl status iptables-viz.service
● iptables-viz.service - Oneshot service for iptables-viz
Loaded: loaded (/etc/systemd/system/iptables-viz.service; enabled; vendor preset: enabled)
Active: active (exited) since Sun 2023-04-16 20:47:51 IST; 23s ago
Process: 34848 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 34848 (code=exited, status=0/SUCCESS)
CPU: 822us
Apr 16 20:47:51 ubuntu systemd[1]: Starting Oneshot service for iptables-viz...
Apr 16 20:47:51 ubuntu systemd[1]: Finished Oneshot service for iptables-viz.
Upon ensuring its status is active
, you can access the frontend web app in your browser at the following URL:
http://localhost:3000
kubectl delete -f https://raw.githubusercontent.com/iptables-viz/iptables-viz/main/manifests/kubernetes-deploy.yaml
curl https://raw.githubusercontent.com/iptables-viz/iptables-viz/main/scripts/uninstall.sh | sudo bash