Mizu (water in Japanese) is a relatively new tool that is making some waves in the Kubernetes universe. It was open sourced by UP9 and it claims the following:
Think of TCPDump and Wireshark reinvented for Kubernetes with multi-protocol and TLS support.
Which is a very bold claim!
Lets deep dive a little into the tool and see if it stacks up to all it promises.
Mizu — the new wireshark?
Let’s start by fetching the tool.
The CLI is completely standalone, easily downloadable and is compiled for all major OS & arquitectures (Linux, Windows, Apple Intel & Apple M1).
For Linux its a simple as:
curl -Lo mizu github.com/up9inc/mizu/releases/latest/download/mizu_linux_amd64 && chmod 755 mizu
For others enviornments please check
Mizu is essentially composed of two components that communicate between each other using websockets.
This is the component that is essentially exposed to the end user. It is where the user can view & query live traffic, see the services interdependencies, along with performing all configurations. All data is streamed from the Mizu Agents.
This piece runs as a Daemon Set and, depending on the configuration, can run only in specific Kubernetes Nodes or in all of them. This component captures the network packets flowing through that particular node, or against a specific network interface, and analyzes it.
Mizu has support (at the time of writing) for the following protocols: