eBPF Data Plane Deep Dive / Custom seccomp profiles with Inspektor Gadget
Hosted by WIP The New Cloud Berlin
Details
THIS IS A FREE EVENT - PLEASE FINISH YOUR RSVP IN THE LINK BELOW
TALK DETAILS -
"eBPF Data Plane Deep Dive", Chris Tomkins
Abstract: Are you always curious? Then let’s take the lid off a cluster running the Calico eBPF data plane and see what’s going on in there.
You will learn:
-
The theory of a packet walk through a cluster running the Calico eBPF data plane
-
How to see the real thing on a cluster running Calico eBPF
-
How to use available tools for diagnostics or to gain visibility of Calico’s eBPF data plane
__________________
“Generating custom seccomp profiles with Inspektor Gadget”, Jose Blanquicet
Abstract: Using a custom seccomp profile is one of the most recommended ways to increase the security of our Kubernetes workload. However, to be able to do that, we need to know all the system calls that our application uses during its whole life cycle, which is not a simple task.
By default, Kubernetes asks the container runtime to create a container using the `Unconfined` seccomp profile, meaning that seccomp is disabled. Such default behavior ensures that our application will run without problems, but it leaves the containers exposed to remote code execution vulnerabilities.
During this talk, we are going to show how to use Inspektor Gadget to identify all the system calls used by an application and how to generate a custom seccomp profile that ensures it will continue working as intended and with the exact privileges it requires.
Agenda
6:00 PM: Event Host
Introduction
6:05 PM: Chris Tomkins
eBPF Data Plane Deep Dive
6:55 PM: Jose Blanquicet
Generating custom seccomp profiles with Inspektor Gadget
---
Speakers
Chris Tomkins - Tigera (Developer Advocate)
Chris Tomkins is a Developer Advocate at Tigera, where he champions user needs to support Project Calico’s users and contributor community. He has worked in networking since 2000. After realising that a per-device CLI is not a scalable solution for a large environment, he took an early interest in infrastructure-as-code approaches and large-scale automation and continues to have a special inter...
Jose Blanquicet - Microsoft (Software Engineer)
Jose works as a Software Engineer at Microsoft with a focus on Kubernetes and eBPF technologies. He works to maintain and develop Inspektor Gadget that implies working with many other open-source projects within the Kubernetes and Linux communities.
Hosted By
Ashish Mishra, Organizer
Lexi Nadolski, Organizer
---
THIS IS A FREE EVENT - PLEASE FINISH YOUR RSVP IN THE LINK BELOW