NextGen GvTAP Agents to Gain Deep Observability in Azure Cloud (6.2)

Introduction

Enterprises want visibility at the level of every VNIC adapter, with minimal performance impact. Next Generation GvTAP was introduced to address this. It is a lightweight, kernel-based solution that acquires traffic from VMs. It also provides pre-filtering at the tap level, which reduces the traffic sent from the agent to the V Series node. This lowers the load on the V Series node and reduces traffic cost when the V Series node is in another VPC/VNet.

In this GVD, we explain how FM manages both Next Generation (NG) and Classic (Old) GvTAP agents to obtain visibility in the cloud.

Refer to Gigamon Validated Designs in the Gigamon community's knowledge base for more such designs. Please contact your Gigamon Sales contact for more information about the Gigamon solutions.

Design Topology

Design Overview

This design illustrates deploying Gigamon Cloud Suite in an enterprise to monitor target VMs located across two tenants: the Production tenant and the Sales tenant. The visibility tenant illustrates the deployment of Gigamon fabric nodes and visibility traffic processing. The tool tenant illustrates the Wireshark tool, which receives the processed monitored traffic from the V Series node. VNet peering was enabled between the tenants so that the monitored traffic could be forwarded across the application and visibility tenants.

The target VMs across the two tenants run both types of GvTAP agents. One set of VMs runs kernel versions lower than 5.4 to support Classic GvTAP agents, and the other set runs kernel versions 5.4 and above to support NG GvTAP agents. Refer to the compatibility matrix below for details.

This design presumes monitoring all the target VMs. Hence, the V Series node(s) would be configured to pass all IPv4 traffic. However, you can choose to monitor specific target VMs either by configuring filtering rules to match the IP address of specific hosts/interfaces or by configuring the inclusion/exclusion maps (refer to the Deployment Steps section).

GvTAP Agents Commonality

This GVD primarily focuses on deployment of NG GvTAP agents on Azure cloud. The same installation or management is applicable across cloud platforms like AWS, OpenStack, and so on, where GvTAP agents are used for traffic acquisition.

GvTAP Compatibility Matrix

Supported OS Pre-Filtering eBPF
Windows X
Linux less than 5.4 Kernel
Linux above 5.4 Kernel Version X X

To learn more about this solution, read complete details on the Gigamon Community: NextGen-GvTAP-Agents-to-Gain-Deep-Observability-in-Azure-Cloud-6-2