Kubeshark

Active
GitHub Go Apache-2.0

Description

eBPF-powered network observability for Kubernetes. Indexes L4/L7 traffic with full K8s context, queryable by AI agents via MCP and humans via dashboard.

Key Features

  • eBPF-based kernel-level network traffic indexing across Kubernetes clusters
  • Automatic TLS/mTLS decryption without key management or sidecars
  • KFL query language combining Kubernetes, API, and network semantics
  • MCP server exposing traffic data to AI agents for natural language queries
  • Retrospective PCAP capture and export for Wireshark analysis
  • AI skills for network root cause analysis and traffic filtering

Use Cases

πŸ’‘ Kubernetes network troubleshooting with AI-assisted root cause analysis
πŸ’‘ API debugging by tracing requests across all microservices in a cluster
πŸ’‘ Security auditing of encrypted traffic without certificate management
πŸ’‘ Performance monitoring of inter-service communication in production
πŸ’‘ Incident response automation using AI agents with network context

Quick Start

helm repo add kubeshark https://helm.kubeshark.com && helm install kubeshark kubeshark/kubeshark && kubectl port-forward svc/kubeshark-front 8899:80. Open http://localhost:8899. For AI: brew install kubeshark && claude mcp add kubeshark -- kubeshark mcp

Related Projects