Cloud Native eBPF Instrumentation
11-17, 09:45–10:15 (UTC), The Theater

In this talk we are going to see how in Cloud Native environments we have the common issue of having tools to instrument and comprehend the application behaviour at kernel level. To try to solve this problem I'll try to illustrate my opinions on how I used eBPF and eBPF based tools that are both the kernel and Kubernetes aware. In other words, Cloud Native.

Leonardo is an Open Source Software Engineer at Sysdig in the Office of the CTO. He is in charge of the Open Source methodologies and projects of Sysdig. At the same time he mainly takes care of Falco, a CNCF Container Native Runtime Security project. He is also involved in the Linux Foundation's eBPF project (IO Visor) as a maintainer of kubectl-trace project. He's also the creator of go-syslog, a blazingly fast Golang parser for syslog messages and transports, and of kubectl-dig, a tool to have deep visibility into Kubernetes directly from the kubectl. In the meantime he's also involved from the early days into the new CNCF SIG-Security.