You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Part of #4521 (Phase 1 β mirror-only). Next increment after #5702/#5703 (capture spec) and the capture session + workload mirror command landing.
Problem
ksail workload mirror <deployment> today resolves the target, injects the NET_RAW tap, streams the pcap over the exec channel, writes it to a file, and summarizes it. But mirror-only mode's headline promise β the locally-running service receives the mirrored traffic β is still unfulfilled: nothing delivers the captured requests to the developer's local port. The pcap file is forensics, not a dev bridge.
Proposed direction
Add a live replay sink to the capture session:
Parse the pcap stream as it arrives (gopacket/pcapgo are already embedded β pkg/svc/mirror/pcap.go, dep gopacket v1.6.1).
Reassemble inbound TCP payload streams addressed to the tap target's port (per-flow ordering; evaluate gopacket/reassembly vs a minimal per-flow sequencer β decide in the PR, smallest correct option wins).
Write each reconstructed inbound byte stream to a configurable local address via a new --to localhost:<port> flag, one local connection per mirrored flow, live (replay while capture runs, not post-hoc).
ksail workload mirror <deployment> --to localhost:8080 replays mirrored inbound TCP payloads to the local address while the capture session runs; file output + summary keep working unchanged (--to is additive).
Pure in-process Go (client-go + gopacket) β no new external binary, per the package's native house rule.
Unit-tested with the existing CaptureExecutor stub feeding a synthetic pcap stream and a local net.Listener asserting the exact replayed bytes; error paths (unreachable local addr, malformed pcap) covered.
docs/src/content/docs/cli-flags/workload/workload-mirror.mdx regenerated + the mirror docs updated in the same PR.
Rough size: M β one focused PR (new replay.go + flag wiring + tests + docs).
Part of #4521 (Phase 1 β mirror-only). Next increment after #5702/#5703 (capture spec) and the capture session +
workload mirrorcommand landing.Problem
ksail workload mirror <deployment>today resolves the target, injects the NET_RAW tap, streams the pcap over the exec channel, writes it to a file, and summarizes it. But mirror-only mode's headline promise β the locally-running service receives the mirrored traffic β is still unfulfilled: nothing delivers the captured requests to the developer's local port. The pcap file is forensics, not a dev bridge.Proposed direction
Add a live replay sink to the capture session:
gopacket/pcapgoare already embedded βpkg/svc/mirror/pcap.go, depgopacket v1.6.1).gopacket/reassemblyvs a minimal per-flow sequencer β decide in the PR, smallest correct option wins).--to localhost:<port>flag, one local connection per mirrored flow, live (replay while capture runs, not post-hoc).Acceptance criteria
ksail workload mirror <deployment> --to localhost:8080replays mirrored inbound TCP payloads to the local address while the capture session runs; file output + summary keep working unchanged (--tois additive).CaptureExecutorstub feeding a synthetic pcap stream and a localnet.Listenerasserting the exact replayed bytes; error paths (unreachable local addr, malformed pcap) covered.docs/src/content/docs/cli-flags/workload/workload-mirror.mdxregenerated + the mirror docs updated in the same PR.Rough size: M β one focused PR (new
replay.go+ flag wiring + tests + docs).