{"id":22366152,"url":"https://github.com/microsoft/wcnspect","last_synced_at":"2025-07-30T16:32:41.090Z","repository":{"id":65195918,"uuid":"498918422","full_name":"microsoft/wcnspect","owner":"microsoft","description":"Windows Container Networking Stack Inspector","archived":false,"fork":false,"pushed_at":"2023-07-05T21:21:36.000Z","size":290,"stargazers_count":27,"open_issues_count":5,"forks_count":2,"subscribers_count":30,"default_branch":"main","last_synced_at":"2024-12-04T17:49:47.048Z","etag":null,"topics":["containers","kubernetes","networking","windows"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/microsoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-01T22:38:02.000Z","updated_at":"2024-11-15T00:54:18.000Z","dependencies_parsed_at":"2024-06-20T06:27:07.879Z","dependency_job_id":"e13aaf0d-a465-4df0-a355-4d6511d9369d","html_url":"https://github.com/microsoft/wcnspect","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2Fwcnspect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2Fwcnspect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2Fwcnspect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2Fwcnspect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/microsoft","download_url":"https://codeload.github.com/microsoft/wcnspect/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228164525,"owners_count":17879084,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containers","kubernetes","networking","windows"],"created_at":"2024-12-04T18:07:53.822Z","updated_at":"2024-12-04T18:07:54.885Z","avatar_url":"https://github.com/microsoft.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Wcnspect\n\n\u003e **W**indows **c**ontainer **n**etworking **s**tack in**spect**or\n\n## Features\n\nWcnspect features four commands:\n\n* `Capture`: runs a packet capture on Windows nodes, Has the capability to filter on pods, IPs, MACs, ports, protocols, and packet type (all, flow, or drop).\n* `Counter`: will retrieve packet counter tables from windows nodes. It only outputs a table on nodes currently running a capture.\n* `Vfp-counter`: will retrieve packet counter tables from the specified pod's VFP port. If specified, the counters from the Host vNIC VFP port and External Adapter VFP port.\n* `Hns`: will print HNS resources in Windows nodes. Can specify `all`, `endpoints`, `loadbalancers`, `namespaces`, or `networks`. Can request json output.\n\n### Building\n\nThis project requires `Go 1.18`. After cloning this repo and installing its dependencies with Go, refer to the following:\n\nAll executables will be placed in `./out/bin`. Upon making the client, two executables will be built: one for Windows and one for Linux.\n\n\u003e to build the client and server\n\n```shell\nmake all\n```\n\n\u003e to clean your repo of executables\n\n```shell\nmake clean\n```\n\n\u003e the server and client can also be built individually\n\n```shell\nmake client\nmake server\n```\n\nIt should be noted that while the client is cross-platform, the server can only run on Windows.\n\n## Wcnspect Server\n\n### Deploying the Wcnspect Server as a DaemonSet (Recommended)\n\nYou can apply the [wcnspectserv-daemon.yml](manifest/wcnspectserv-daemon.yml) to deploy the server as a host process container on all Windows nodes. \n\nThe container image is published under `ghcr.io/microsoft/wcnspect:latest`. The [Dockerfile](manifest/Dockerfile) used for the image can be found [here](./manifest/Dockerfile). \n\nNote that the [manifest](./manifest) directory also contains sample web server deployments for Windows Server 2019 and Windows Server 2022.\n\n## Wcnspect Client\nThe client needs to be executed as a standalone binary from either a Windows or a Linux VM in the same network (jumpbox).\n\nThe Wcnspect client requires access to the [Kubernetes cluster config](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/). \n\nBy default, Wcnspect client will search for a file named `config` in the `$HOME/.kube` directory. Otherwise, it will use the $KUBECONFIG environment variable.\n\nBy default, most commands pull information from *all* Windows nodes.\nConsequently, when using commands, the user should reference node names and pod names for better filtering of results.\n\n\u003e in-depth documentation and examples are available with the -h flag on any command\n\n```shell\nwcnspect -h\nwcnspect capture -h\nwcnspect hns all -h\n```\n\nFor commands that accept lists, input should be comma-separated and without spaces. For example, if we want to capture for 10 seconds on nodes named `win1`, `win2`, and `win3`, while also filtering only for TCP packets, we could do the following:\n\n\u003e sample capture command\n\n```shell\nwcnspect capture nodes win1,win2,win3 -t TCP -d 10\n```\n\nThe command will be routed to each node's internal IP on the cluster. It should be noted that if we don't pass a duration, the command will run indefinitely. Additionally, we can terminate the process on the referenced nodes at any time with `Ctrl+C`.\n\nNote that if we pass the `--counters-only` flag to the `capture` command, then packet output won't be displayed and the counter table will only be displayed once the command is finished running.\n\n\u003e sample capture command using --counters-only\n\n```shell\nwcnspect capture nodes win1 --counters-only\n```\n\nImportantly, while the `vfp-counter` command runs on its own (given a pod), the `counter` command is tied to running instances of the `capture` command. Consequently, in order for it to output a table on any given node, a capture must be run on that node at the same time. The table will output packet counts tied to that capture.\n\n```shell\nwcnspect capture nodes win1,win3 -t TCP\nwcnspect counter\n```\n\n## Assumptions\n\nCurrently, this project's code makes the following assumptions:\n\n* The port that Wcnspect server uses is 50051 (this is currently required on the client-side).\n\n## TODO\n  * Support for other ports on the Wcnspect client.\n\n\n## Contributing\n\nThis project welcomes contributions and suggestions.  Most contributions require you to agree to a\nContributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us\nthe rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.\n\nWhen you submit a pull request, a CLA bot will automatically determine whether you need to provide\na CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions\nprovided by the bot. You will only need to do this once across all repos using our CLA.\n\nThis project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).\nFor more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or\ncontact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.\n\n## Trademarks\n\nThis project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft \ntrademarks or logos is subject to and must follow \n[Microsoft's Trademark \u0026 Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).\nUse of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.\nAny use of third-party trademarks or logos are subject to those third-party's policies.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fwcnspect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmicrosoft%2Fwcnspect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fwcnspect/lists"}