Traffic Capturing Mechanism

GigaVUE Cloud Suite for OpenStack captures traffic in OpenStack cloud using G-vTAP agents, as described in this section.

G-vTAP Agent

A G-vTAP agent is a tiny footprint user-space agent (G-vTAP) that is deployed in a project instance. This agent mirrors the traffic from a source interface to a destination mirror interface. The mirrored traffic is then sent to the GigaVUE® V Series node. The following figure shows a high level architecture of Gigamon GigaVUE Cloud Suite for OpenStack using G-vTAP agents as the source for acquiring the traffic.

A G-vTAP agent is deployed by installing the agent in the virtual instances. When a G-vTAP agent is installed, a G-vTAP Controller must be configured in your environment. A G-vTAP Controller orchestrates the flow of mirrored traffic from G-vTAP agents to the GigaVUE V Series nodes. A single G-vTAP Controller can manage up to 100 G-vTAP agents deployed in the cloud.

By using G-vTAP agents for mirroring traffic, the monitoring infrastructure is fully contained within the virtual machine being monitored. This agent is agnostic of the underlying virtual switch. Also, the cost of monitoring a virtual machine is borne by the same virtual machine.

OpenVSwitch (OVS) Mirroring

When deploying OpenVSwitch (OVS) Mirroring, a G-vTAP agent is installed on the hypervisor where the VMs you wish to monitor are located. When a G-vTAP agent is installed, a G-vTAP Controller must be configured in your environment. A G-vTAP Controller orchestrates the flow of mirrored traffic from G-vTAP agents to the GigaVUE V Series nodes. A single G-vTAP Controller can manage up to 100 G-vTAP agents deployed in the cloud. By using OVS Mirroring or OVS Mirroring + DPDK, the mirroring infrastructure is fully contained within the hypervisors. This G-vTAP agent must be on OpenVSwitch.

Note: OVS Mirroring also supports OpenVSwitch with DPDK as a preview. The configuration steps for OVS Mirroring and OVS Mirroring with DPDK are the same.

OVS Mirroring Prerequisites

The following items are required to deploy a G-vTAP OVS agent:

An existing OpenStack cloud environment should be available with admin login credentials
A user with OVS access is required to enable OVS-Mirror. The user can be an admin or can be a user with a custom role that has the permissions and the ability to list projects. Refer to OpenStack Role Privileges Required to Enable OVS Mirroring for the elevated privileges required.
A working GigaVUE-FM with latest build.
OpenStack Cloud Environment Requirements:
- OpenStack Version: Rocky and above.
- Ubuntu Version 16.04 and above or RedHat version 7.6 and above.
- ML2 mechanism driver: OpenVSwitch

If the OpenStack CLI does not return a reachable IP for the hypervisors that are being monitored, you must manually enter a reachable IP for each hypervisor in OpenStack using project properties. For each hypervisor you will need to add a key value pair property in the following format:

key: value
key: must be in the form gigamon-hv-<hypervisorID>
value: reachable IP for hypervisor

For example: gigamon-hv-1 : 10.120.10.2

OpenStack Role Privileges Required to Enable OVS Mirroring

OpenVSwitch (OVS) Mirroring + DPDK

Note: OVS Mirroring also supports OpenVSwitch with DPDK as a preview. The configuration steps for OVS Mirroring and OVS Mirroring with DPDK are the same. See instructions for OVS Mirroring throughout this guide when testing OVS Mirroring + DPDK.