We dive into the Linux kernel this week with guest Leonardo Di Donato, Open Source engineer at Sysdig. Leonardo works full-time on the Falco project, a runtime security engine that listens to the Linux kernel using eBPF - the extended Berkeley Packet Filter. Leonardo tells the hosts about the architecture of eBPF, how he has used it before and now, and what’s coming up for Falco.
Do you have something cool to share? Some questions? Let us know:

web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod

Chatter of the week

University Challenge: can you guess the computer?
Golf Peaks (Google Play, App Store)

Desert Golfing



News of the week

Apache Flink v1.10
Linkerd v2.7
Azure Container Registry to require TLS 1.2
CPU limits and aggressive throttling in Kubernetes - Omio Engineering by Fayiz Musthafa from Omio
Kiosk

Reddit thread with Lukas Gentele


Docker donates the cnab-to-oci library to cnab.io
How-to Guide: Debugging a Kubernetes Application
Nutanix Karbon 2.0
Childcare and COVID-19 at KubeCon EU

That discount code again again: KCEUGKP15


Red Hat OpenShift is now available for IBM Z and LinuxONE
Why Kubernetes on VMs? by Chip Zoller
Securely Access AWS Services from Google Kubernetes Engine (GKE)
Carbon Relay raises $63 million

Links from the interview

Traditional Linux tracing tools: perf and strace
BPF and eBPF

BPF paper by Steven McCanne and Van Jacobson
eBPF: Alexei Starovoitov added the ’e’
Express Data Path (XDP)


bpftrace
InfluxDB Cloud
kubectl-trace
The IO Visor project
Sysdig

Loris Degioanni, co-founder, CTO, and author of Wireshark


Falco

Sysdig and Falco now powered by eBPF
Falco joins CNCF Sandbox and moves to incubation


Upcoming KubeCon EU talks by Leonardo:

Going beyond CI/CD with Prow
Designing a gRPC interface for kernel tracing with eBPF


Falco community:

GitHub
Docs
Mailing list
Notes about community calls
Community call recordings
Slack


Leonardo Di Donato on Twitter