Mizu — Kubernetes Traffic Viewer

Bruno Teixeira
7 min readMay 2, 2022

Introduction

Mizu (water in Japanese) is a relatively new tool that is making some waves in the Kubernetes universe. It was open sourced by UP9 and it claims the following:

Think of TCPDump and Wireshark reinvented for Kubernetes with multi-protocol and TLS support.

Which is a very bold claim!

Lets deep dive a little into the tool and see if it stacks up to all it promises.

Mizu — the new wireshark?

CLI

Let’s start by fetching the tool.

The CLI is completely standalone, easily downloadable and is compiled for all major OS & arquitectures (Linux, Windows, Apple Intel & Apple M1).

For Linux its a simple as:

curl -Lo mizu github.com/up9inc/mizu/releases/latest/download/mizu_linux_amd64 && chmod 755 mizu

For others enviornments please check https://getmizu.io/docs/installing-mizu/downloading-mizu-cli

Architecture

https://github.com/up9inc/mizu/wiki/Introduction-to-Mizu

Mizu is essentially composed of two components that communicate between each other using websockets.

API Server

This is the component that is essentially exposed to the end user. It is where the user can view & query live traffic, see the services interdependencies, along with performing all configurations. All data is streamed from the Mizu Agents.

Mizu Agent

This piece runs as a Daemon Set and, depending on the configuration, can run only in specific Kubernetes Nodes or in all of them. This component captures the network packets flowing through that particular node, or against a specific network interface, and analyzes it.

Features

Mizu has support (at the time of writing) for the following protocols:

--

--

Bruno Teixeira

Principal Cloud Engineer with a distributed system’s background, a passion for working with the bleeding edge and an unhealthy obsession for automation.