Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation of Velero traffic #8670

Open
rk9qn3j opened this issue Feb 7, 2025 · 4 comments
Open

Documentation of Velero traffic #8670

rk9qn3j opened this issue Feb 7, 2025 · 4 comments
Assignees
@kaovilai
Labels
Area/Documentation

Comments

@rk9qn3j
Copy link

rk9qn3j commented Feb 7, 2025

Describe the problem/challenge you have
We are currently setting up network policies in our Kubernetes clusters and without fancy tools like Cilium's Hubble, this becomes fairly challenging, if we don't know exactly how the traffic flows for certain apps such as Velero. 😉

Describe the solution you'd like
So basically, what I'm asking for is documentation of how the traffic flows when using different setups e.g. Velero with remote S3 storage, Velero with remote S3 storage and CSI Snapshot Data Movement enabled.

Anything else you would like to add:
I'm happy to contribute if we have something to start with. 🙂

Vote on this issue!

This is an invitation to the Velero community to vote on issues, you can see the project's top voted issues listed here.
Use the "reaction smiley face" up to the right of this comment to vote.

  • 👍 for "The project would be better with this feature added"
  • 👎 for "This feature will not enhance the project in a meaningful way"
@kaovilai
Copy link
Member

kaovilai commented Feb 7, 2025

if we don't know exactly how the traffic flows for certain apps such as Velero

Can you give an example of what you'd like to see?

@rk9qn3j
Copy link
Author

rk9qn3j commented Feb 12, 2025

Yeah, of course! I'm thinking something like this:

# Scenario 1 - Velero with AWS plugin + S3 for storage
The velero pod talks to the Kubernetes API and S3 storage.

- velero pod -> Kube API (:6443)
- velero pod -> S3 (:9000)

# Scenario 2 - Velero with AWS plugin + S3 for storage + Data movement enabled
Similiar setup as scenario 1, but with node agents running on each node in the cluster. velero pod talks to the S3 storage and both velero and node-agent pod talks to the Kubernetes API.

- velero AND node-agent pod -> Kube API (:6443)
- velero pod -> S3 (:9000)

These were just examples, but did I get the details right? Are there any connections between velero and node-agents pods in scenario 2? Maybe add more details about why the connection is initiated in the first place?

@kaovilai
Copy link
Member

I believe each node agent is also individually talking to S3 as well. I get the idea now. Thanks for the request!.

So you want a comment for each connection why it's needed?

@rk9qn3j
Copy link
Author

rk9qn3j commented Feb 13, 2025

Yeah, that would be nice and also the direction of the traffic (what component initiated the request).

@kaovilai kaovilai removed the Needs info Waiting for information label Feb 13, 2025
@kaovilai kaovilai self-assigned this Feb 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kaovilai kaovilai

Labels
Area/Documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kaovilai @rk9qn3j @blackpiglet