We’re excited to announce our beta launch of Kentik Kube, an industry-first solution that reveals how K8s traffic routes through an organization’s data center, cloud(s), and the internet.

With this launch, Kentik can observe the entire network — on prem, in the cloud, on physical hardware or virtual machines, and anywhere in between. Kentik Kube enables network, infrastructure, platform, and DevOps engineers to gain full visibility of network traffic within the context of their Kubernetes deployments — so they can quickly detect & solve network problems, and surface traffic volumes from pods to external services.

Kubernetes cluster running on AKS, displaying traffic and latency to the front end of an online shopping site.

Why we built Kentik Kube

Kubernetes has become the de facto standard for cloud-based applications. As companies migrate their workloads, ensuring the reliability, connectivity and performance from user applications and their clusters, to the entire infrastructure and internet is critical.

Very often, pods and services experience network delays that degrade a user’s experience. It is difficult to identify which Kubernetes services and pods are experiencing network delays. The complexity of microservices leaves engineers wondering if the network reality matches their design, who are the top requesters consuming Kubernetes services or which microservices are oversubscribed, and how the infrastructure is communicating both within itself or across the internet.

Kentik Kube use cases

We built Kentik Kube to provide visibility for cloud-managed Kubernetes clusters (AKS, EKS, and GKE) as well as on-prem, self-managed clusters using the most widely implemented network models. Teams responsible for complex networks can:

Improve network performance

• Discover which services and pods are experiencing network latency
• Identify service misconfigurations without capturing packets
• Configure alert policies to proactively find high latency impacting nodes, pods, workloads or services.

Gain end-to-end K8s visibility

• Identify all clients and requesters consuming your Kubernetes services
• Know exactly who was talking to which pod, and when.

Validate policies and security measures

• See which pods, namespaces, and services are speaking with each other to ensure configured policy is working as expected.
• Identify pods and services that are communicating with non-Kubernetes infrastructure or the internet — when they should not be.

How Kentik Kube works

Kentik Kube relies on data generated from a lightweight eBPF agent that is installed onto your Kubernetes cluster. It sends data back to the Kentik SaaS platform, allowing you to query, graph and alert on conditions in your data. This data coupled with our analytics engine, enables users to gain complete visibility and context for traffic performance inside and among Kubernetes clusters.

Mapping your network with Kentik Kube

Kentik Kube provides east-west and north-south traffic analytics inside and among Kubernetes clusters. 

Network map showing EKS clusters communicating between AWS regions.

Kentik Kube can display details so you can see if your route tables, NACLs, etc. are all configured correctly. You can drill down into a cluster to see if there are latency or other issues. Our eBPF telemetry agent deployed into these clusters lets you see the traffic between nodes and pods as well as any latency.

How to get started with Kentik Kube

Kentik Kube is now in beta. You can apply to trial the beta by clicking on the Kentik Kube section of the menu. Please share your feedback with us. We’d love to hear what you think.

We continue developing new features for the connectivity checker in order to ensure better user experience for our customers

• It’s now possible to run an ad-hoc test without creating a report first. This test can be saved as a report for later use.
• New source and destination types. You can run a test between subnets, network interfaces and instances. All of the source and destination types are searchable using their names.

• You can start a connectivity test directly from the object on the topology, with the source being automatically pre-filled.

• Direct link to the AWS console is added on under details of impacted objects for easier failed connectivity test troubleshooting.

Data Explorer allows you to drill into your traffic flows for better understanding of what is going on in your network. Data Explorer uses different dimensions and filtering to show you the flows of interest. 

ENI Entity name and ENI Entity type were added to the list of supported dimensions on AWS. This allows users to see and filter traffic to and from AWS services such as Load Balancers and VPC endpoints. 

Observation Deck is our vision for a new focal point of the Kentik platform. It brings together all of our products & modules (current and future), in one place, so customers can get a complete and tailored view of their network and infrastructure. Every new customer will get a curated, default Observation Deck at the end of their initial onboarding. Observation Deck can then be configured to meet their exact needs.

Now customers with Azure Cloud infrastructures can add widgets to their Observation Deck and the Kentik Cloud landing page has been extended to show Azure views as well.

Note the addition of “Cloud Provider Filters” at the top right. This allows to visualize either a multi-cloud environment (“All”), or a specific Cloud. Traffic/flow widgets will filter data by cloud provider if selected.

Azure regions are now shown on the Weathermap.

For a multi-cloud environment, here is how this looks, including the Cloud backbone traffic.

Setting up monitoring of Cloud environments with Kentik can be difficult, especially when users run large multi-account environments. Ensuring that each account has the proper roles with the necessary permissions for Kentik to retrieve metadata and flow logs can be challenging to maintain at scale. That’s where our Cloud Config status comes in. It quickly analyses complex environments to ensure that all accounts are configured as required for Kentik to monitor Cloud networks. This capability is now available for Azure in addition to AWS.

March 2022 marks another important milestone milestone in Kentik's Hybrid Cloud observability product offering by not only releasing Azure Maps, but also  adding AWS VPC endpoint support.

Azure Map

In March we made a large leap forward in enhancing our multi-cloud observability solution. We are introducing the first version of our Kentik Map for Azure, providing a similar look and feel to the AWS map. While many concepts are the same, there are differences, for example a VPC in AWS is a VNET in Azure:

Similar to AWS, we are now showing the Azure regions including their VNETs, allowing users to click into the subnets, and display traffic and other details:

VPC Endpoint support for AWS

We now display VPC endpoints in the AWS Map as network gateways so that map users can easily view traffic to (or in some cases, from) these constructs.

February 2022 comes with a broad set of Kentik Cloud improvements. Google VPC Flow Logs now include GKE (Google Kubernetes Engine) dimensions, users can now post their own AWS metadata using a newly created ingest API (instead of allowing Kentik to retrieve it via AMI assumption), dissociate the accounts used to collect Flow Logs vs Cloud Metadata, and last but not least, the Kappa agent for Kubernetes celebrated its 1.0 version !

Google Kubernetes Engine dimensions

Kentik Data Explorer now supports Google’s extended flow logs for Google Kubernetes Engine (GKE) environments. Google extended their VPC Flow Logs to include annotations that describe network traffic inside the Google Kubernetes Engine environment – i.e, the pods, services, nodes, etc. After hearing from a customer who needed this capability inside Kentik, our engineering team added support for these new dimensions.

AWS Agentless Ingest

Kentik Cloud users can now choose how they want to send their cloud data (VPC flow logs and AWS metadata) to Kentik. This helps solve a problem for some who couldn’t allow Kentik to reach into their AWS accounts via an IAM role assumption. We have exposed a REST API to which you can manually post AWS metadata and we can provide a Kentik-hosted S3 bucket to which VPC flow logs can be written or replicated.

Improved Metadata-only onboarding/settings

It’s now easier to configure an AWS cloud export to collect only metadata from a given account/region. Now that we’ve made this simpler, anyone should be able to understand how to configure such environments.

Enhanced kappa agent for Kubernetes

Kentik has released version 1.0 of the eBPF-based kappa agent for Kubernetes network performance and telemetry. Improvements in this version include easier deployment, critical performance telemetry (% Retransmit and % Out of Order Packets), and host metadata reporting.

A lot of new additions have surfaced in February 2022 in the Kentik Map UI. Amongst others, users will find: a health digest reporting function, new layers for AWS Regions and cloud backbone, as well as improvements in the map legends.

Kentik Map Health Digest

An indicator in the toolbar gives a count of issues we’ve discovered on your network and opens a popover that provides a high-level rundown. Click the View Problems button to see a list detailing the issues, then drill down to the map to see an impacted component in the context of its surrounding infrastructure.

Kentik Map Layer Selector

A new layer selector for the Kentik Map lets you choose which categories of overlays to display, including link traffic types, traffic layer types, cloud regions and backbones, traffic utilization, health, and clustering.

Kentik Map legends

The legends that identify the value ranges represented by link colors are now persistent, so it’s always easy to see what the colors mean.

Kentik Map AWS Regions and Backbones

A layer for AWS regions and backbones has been added to the Kentik Map.

As usual, our Cloud Product team turned around a ton of great enhancements to the Kentik Cloud and Map products over the month of December 2021. More than ever, Kentik goes one step closer from being the only and most complete Hybrid Cloud observability solution out there. See for yourself.

Weather Map improvements

This month saw one of the largest updates to the Weather Map yet. In this release we’ve incorporated several new features worth discussing. We added layers that allow users to view utilization and/or health data into their map, along with a nifty layer selector:

Layer Selector

Utilization layer

A major use case for Weather Map in ISPs and large backbone networks is to assist users in performing capacity planning exercises. In order to accomplish this, we needed to color the map based on interface utilization rather than total bytes. This means that our new map breaks down the interface utilization of a single interface or an aggregated bundle and buckets these interfaces into 10 groups of increasing utilization.

We also needed to add in support for interface bundling as well as support visually aggregated interfaces when more than one link connects a site cluster to another site or another cluster. To support this, we use the backend attributes that we poll from our customer’s SNMP data to determine if an interface is configured as part of a bundle or is operating as a single interface.

If a link is drawn between two site clusters, we’ll aggregate the bandwidth over both links and calculate the total utilization on the fly:

When a user clicks on this link, the system allows them to choose which link they’d like to focus on:

Weather Map sidebar improvements

We’ve also added in sidebar improvements that make selections of Sites and Links easier. Consider the following example. A user has clicked on the 3 site cluster in the Chicago region on the Kentik map:

The sidebar now opens up with a running count of the sites and links interconnecting the sites.

Expanding these elements allows to interactively browse the map:

Health Layer

We have also started to resurface health on the Weather Map. We started by adding health into the cluster popovers as such:

Of course, we also show the site health on the canvas and sidebar as well. Here we see an unhealthy ORD1 site on the canvas:

And a list of all of the sites within a view color-coded by health in the sidebar:

You will notice that we also now color links by health. We currently have two link-health states — down and degraded:

Down indicates that the router that originates or terminates a link has reported an ifOperStatus of DOWN or administratively shut down, while Degraded state means that the system is reporting errors.

Mini-map site topology

A popular request we’ve heard is to show a user’s site topology without having to load the entire site view. We now show the site topology in the sidebar itself. This is useful for getting at-a-glance understandings of how sites are constructed and is a step closer to our next iteration which allows users to see the devices that connect to other sites directly on the Weather Map canvas.