Mauricio Vásquez-Bernal

Metrics are a fundamental piece of any modern cloud observability solution. eBPF is a powerful and efficient technology that allows us to get deep visibility into the operating system. This presentation covers fundamental concepts around metrics, eBPF and how they are related.

Una tecnología que permite a los desarrolladores escribir programas que se ejecutan en el kernel del sistema operativo, lo que permite una mayor visibilidad y control sobre el rendimiento del sistema.

La arquitectura distribuida intrínseca de las aplicaciones nativas de nube las hace difíciles para depurar. Muchas de las herramientas de diagnóstico tradicionales están diseñadas para ser usadas al nivel del nodo y proceso.

Kubernetes has several security mechanisms that can be used to secure your applications. Defining those policies is difficult. This talk shows how eBPF can help generate these policies.

The intrinsic distributed architecture of applications running in Kubernetes makes them difficult to debug. When there is a problem, it is not clear where to start looking at or even which tools to use.

eBPF is now a well-known technology used for networking, observability and security purposes in the cloud native landscape. There are a lot of different projects like BCC, Cilium, Falco, Pixie and Inspektor Gadget that use eBPF as its core technology.

Running eBPF programs in a wide variety of target machines is a big challenge as eBPF programs depend heavily on the kernel version. The CO-RE technology provides a mechanism to ship compiled eBPF programs that are patched according to the target kernel.

Many cloud native projects started using eBPF to provide OS and application observability, networking and security. Kubernetes deployments run on many different kernel versions and currently there is a big challenge on portability.

systemd uses eBPF to implement certain functionality like IP filtering and accounting. In this lightning talk we'll explain how two new security features we implemented in systemd work.

OpenTelemetry nace de la fusión de OpenTracing y OpenCensus, dos proyectos similares que brindan un conjunto de APIs para tracing distribuido y métricas.

Systemd recently got support for libbpf, which opens the door to adding new features much more easily. This talk explains how two new security features were implemented: RestrictFileSystems and RestrictNetworkInterfaces.

Running a process as root inside containers is a security risk. User namespaces isolate user and group IDs, so a process running as root in a container runs as non-root in the host. This talk covers the KEP-127 proposal to bring this support to Kubernetes.

User namespaces are a solution for security as they isolate user and group IDs. The OCI specification and projects like runc, containerd and cri-o support them, but Kubernetes doesn't.

User namespaces provide user IDs and group IDs isolation. A process can have different user and group IDs inside and outside of a user namespace. This talk covers the Kubernetes Enhancement Proposal to bring this support to Kubernetes.

Introduction to Kubernetes networking and eBPF technology for the Cloud Native Bogotá community.

OpenTelemetry is a CNCF sandbox project composed of a set of libraries, agents and other components that enable the generation and collection of telemetry data.

BPF is a virtual machine inside the Linux kernel that allows to load user defined programs. This talk gives an introduction to BPF and the BCC project, showing how to create custom tracing tools.

Introduction to distributed tracing using OpenTelemetry for the DevOps community in Bogotá.