We dive into the Linux kernel this week with guest Leonardo Di Donato, Open Source engineer at Sysdig. Leonardo works full-time on the Falco project, a runtime security engine that listens to the Linux kernel using eBPF - the extended Berkeley Packet Filter. Leonardo tells the hosts about the architecture of eBPF, how he has used it before and now, and what’s coming up for Falco.
Do you have something cool to share? Some questions? Let us know:
- web: kubernetespodcast.com
- mail: kubernetespodcast@google.com
- twitter: @kubernetespod
Chatter of the week
News of the week
- Apache Flink v1.10
- Linkerd v2.7
- Azure Container Registry to require TLS 1.2
- CPU limits and aggressive throttling in Kubernetes - Omio Engineering by Fayiz Musthafa from Omio
- Kiosk
- Docker donates the cnab-to-oci library to cnab.io
- How-to Guide: Debugging a Kubernetes Application
- Nutanix Karbon 2.0
-
Childcare and COVID-19 at KubeCon EU
- That discount code again again: KCEUGKP15
- Red Hat OpenShift is now available for IBM Z and LinuxONE
- Why Kubernetes on VMs? by Chip Zoller
- Securely Access AWS Services from Google Kubernetes Engine (GKE)
- Carbon Relay raises $63 million
Links from the interview
- Traditional Linux tracing tools: perf and strace
- BPF and eBPF
- bpftrace
- InfluxDB Cloud
- kubectl-trace
- The IO Visor project
-
Sysdig
- Loris Degioanni, co-founder, CTO, and author of Wireshark
- Falco
- Upcoming KubeCon EU talks by Leonardo:
- Falco community:
- Leonardo Di Donato on Twitter
Original Source: https://kubernetespodcast.com/episode/091-ebpf-and-falco/