Show HN: Subtrace – Wireshark for Docker Containers

369 points by adtac 3 months ago

Hey HN, we built Subtrace (https://subtrace.dev) to let you see all incoming and outgoing requests in your backend server—like Wireshark, but for Docker containers. It comes with a Chrome DevTools-like interface. Check out this video: https://www.youtube.com/watch?v=OsGa6ZwVxdA, and see our docs for examples: https://docs.subtrace.dev.

Subtrace lets you see every request with full payload, headers, status code, and latency details. Tools like Sentry and OpenTelemetry often leave out these crucial details, making prod debugging slow and annoying. Most of the time, all I want to see are the headers and JSON payload of real backend requests, but it's impossible to do that in today's tools without excessive logging, which just makes everything slower and more annoying.

Subtrace shows you every backend request flowing through your system. You can use simple filters to search for the requests you care about and inspect their details.

Internally, Subtrace intercepts all network-related Linux syscalls using Seccomp BPF so that it can act as a proxy for all incoming and outgoing TCP connections. It then parses HTTP requests out of the proxied TCP stream and sends them to the browser over WebSocket. The Chrome DevTools Network tab is already ubiquitous for viewing HTTP requests in the frontend, so we repurposed it to work in the browser like any other app (we were surprised that it's just a bunch of TypeScript).

Setup is just one command for any Linux program written in any language.

You can use Subtrace by adding a `subtrace run` prefix to your backend server startup command. No signup required. Try for yourself: https://docs.subtrace.dev

23 comments

gerwim 3 months ago
Looks great! Reading through the docs it seems the subtrace process sends all data to your server. I'm reluctant to do that on a production environment, where API keys and personal data are being handled.

Is there any way to run it completely self hosted? If not, are there plans? And how will you monetize self hosted options (if it's possible)?
qwertox 3 months ago
Wireshark seems a bit misleading. More like a "network inspector" if one leans towards the browser's network tab in the inspector?

But it really looks useful and I'll definitely play with it to see if I put it into my toolbox.
jgauth 3 months ago
Looks like it is for http requests only? If so, wireshark is not an apt comparison.
smw 3 months ago
Can it decrypt tls? Perhaps by hooking the calls to common libraries?
johannes1234321 3 months ago
From the video it seems the dashboard is hosted on subtrace.dev. Is my data being sent there? That's an absolute no-go for me.
choilive 3 months ago
Always wanted a tool like this. Will try it out next time I need to inspect traffic of a docker container.
ksdme9 3 months ago
Have not played around with it, but, curious, how does debugging on production work for a specific request/session? Can I filter by some sort of request trace id or something?
IggleSniggle 3 months ago
My most painful debugging scenarios with Docker networking (for me) have always been dealing with non-TCP traffic. But still, this seems useful. One thing I don't understand is why this requires an account token? Does this require a network connection to subtrace? It seems like this should all be running locally, and these kinds of connection details are _exactly_ the kind I would not want to leave the host, let alone go to a third party.
mhils 3 months ago
Congrats on the seccomp-based interception, that's a really neat way to solve this problem! We did some BPF_PROG_TYPE_CGROUP_SOCK eBPF shenanigans in mitmproxy for redirection, but that doesn't work with containers at all. Cool to see that intercepting all relevant syscalls works that well.
arguflow 3 months ago
Very happy subtrace user here. Especially useful to possess the Server-Timing headers.
29athrowaway 3 months ago
You can use mitmproxy and mitmweb to achieve the same. It is in Docker hub and you can pass environment variables to your other containers to make it work.

The TLS certificate setup is more tricky but that is always going to be a pain.

Burp Proxy is another great tool that is even more powerful but harder to set up.
parliament32 3 months ago
So "tcpdump as a service"? Why wouldn't I just generate my own pcap and stick it into wireshark or whatever I like for looking at packet captures? I'm having trouble seeing the value prop here.
Onkar-Hanchate 3 months ago
Interesting! How does this handle latency? Does it introduce any noticeable delay?
kylegalbraith 3 months ago
Do you envision going beyond just network calls from bpf?
Vordimous 3 months ago
This will help those developers who don't want to navigate Wireshark's setup and just want the familiar Chrome DevTools. Very cool project!
kristopolous 3 months ago
stratoshark, the docker container part of wireshark, may be a better match for that description.

I'd probably use a postman related pitch instead. This is much closer to that and looks like a nice complement to that workflow
thebabayaga29 3 months ago
Cool product, I can imagine my engineers using it. Out of curiosity, how would you monetize that?
withinboredom 3 months ago
We use https://treblle.com/ at work for this in production. Very handy to see what requests are being made and by whom.
sirjaz 3 months ago
Any Windows Server support coming?
rob_c 3 months ago
or, there's you know... wireshark...
polithrow22 3 months ago
anything similar for k8s?
codegeek 3 months ago
Side question. Why not do a Launch HN instead of Show HN since you are backed by YC ? I thought YC companies can do a launch HN?
vednig 3 months ago
please add YC to the title