TrayceAgent is a binary executable, packaged in a Docker container, which uses EBPF to monitor network requests between Docker containers and to external hosts. It can be used along with the TrayceGUI to inspect traffic.
Read the docs for implementation details.
- Build an image for local-use (only) with:
docker build -t trayce_agent:local .
- Run the built container, replacing
-swith the address of your GRPC server for receiving network flows (i.e. from TraceGUI).
docker run --pid=host --privileged -v /var/run/docker.sock:/var/run/docker.sock -it trayce_agent:local -s 192.168.0.1:50052
Run the bash on the build container with a volume so you can make changes, rebuild and run trayce_agent easily. First comment out the final build stage of the Dockerfile, and change the entrypoint to bash then build it to trayce_agent:local and run:
make dev
Then from within the container run:
make
./trayce_agent -s 192.168.0.20:50052
(You must have a GRPC server running at 192.168.0.20:50052, you can do that by starting the GUI).
First ensure the megaserver is running:
docker compose up megaserver
Run tests from within the build container (from the "Develop" step):
START_AGENT=true make test
Run load tests:
START_AGENT=true make testload
Run unit tests:
make testunit
Generate mocks with mockery (go install github.com/vektra/mockery/[email protected]).