johanels/akvorado
1
0
Fork 0
mirror of https://github.com/akvorado/akvorado.git synced 2025-12-11 22:14:02 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
Files
8ac89407fd493a8973c5ee4d5ed8ed8e551d2ecc
akvorado/console/data/docs/00-intro.md
Vincent Bernat 8ac89407fd console: add admonitions to documentation markdown
2025-07-27 21:44:28 +02:00

4.2 KiB
Raw Blame History

Introduction

Akvorado1 receives network flows (currently Netflow/IPFIX and sFlow), enriches them with interface names (using SNMP), geographic information (using IPinfo or MaxMind), and exports them to ClickHouse via Kafka. It also provides a web interface to browse the results.

Quick start

The easiest way to get started is with Docker and Docker Compose V2. On Ubuntu systems, you can install the docker-compose-v2 package. On macOS, you can use the docker-compose formula from Homebrew.

# mkdir akvorado
# cd akvorado
# curl -sL https://github.com/akvorado/akvorado/releases/latest/download/docker-compose-quickstart.tar.gz | tar zxvf -
# docker compose up

Monitor the output of docker compose ps. Once akvorado-console service is present "healthy", Akvorado web interface should be running on port 8081. It can take a few minutes. The demo includes synthetic flow data to help you explore the features.

Next steps

To connect your own network devices:

  1. Disable demo data:

    • Remove the reference to docker-compose-demo.yml from .env
    • Comment out the last line in akvorado.yaml

  2. Customize the configuration in akvorado.yaml:

    • Set SNMP communities for your devices in outletmetadataprovidercommunities
    • Configure interface classification rules in outletcoreinterface-classifiers

  3. Configure your routers/switches to send flows to Akvorado:

    • NetFlow/IPFIX: port 2055
    • sFlow: port 6343

  4. Restart all containers:

    • docker compose down --volumes
    • docker compose up -d

Tip

Interface classification is essential for the web interface to work properly. Without it, you won't see data in the dashboard widgets or visualization tab. See the configuration guide for details.

Need help?

You can get all the expanded configuration (with default values) with docker compose exec akvorado-orchestrator akvorado orchestrator --check --dump /etc/akvorado/akvorado.yaml.

Important

Please, do not open an issue or start a discussion unless you have read the various chapters of the documentation, notably the troubleshooting guide.

Big picture

General design

Akvorado is split into four components:

  • The inlet service receives flows from exporters and forwards them unparsed to Kafka.

  • The outlet service consumes flows from Kafka, parses them, and enriches them with metadata. It polls each exporter using SNMP to get the system name, the interface names, descriptions and speeds. It applies rules to add attributes to exporters. Interface rules attach to each interface a boundary (external or internal), a network provider and a connectivity type (PNI, IX, transit). Optionally, it may also receive BGP routes through the BMP protocol to get the AS number, the AS path, and the communities. The enriched flows are then exported to ClickHouse.

  • The orchestrator service configures the internal and external components. It creates the Kafka topic and configures ClickHouse to receive the flows from the outlet service. It exposes configuration settings for the other services to use. It provides to ClickHouse additional data, notably GeoIP data.

  • The console service provides a web interface to view and manipulate the flows stored in the ClickHouse database.

ClickHouse database schemas

Flows are stored in a ClickHouse database using a table flows (and a few consolidated versions). The orchestrator service keeps the table schema up-to-date. You can check the schema using SHOW CREATE TABLE flows.

  1. Akvorado means "water wheel" in Esperanto. ↩︎