Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Correct no eBPF-code is directly involved. As post explores eBPF-based tools for understanding user-space connection with container-runtime and enrichment of event once received from kernel-space.


Hi, this is a nonsensical reply, as the sentence is lacking a few words to be complete. Are you using some kind of AI to answer? If so, which one?


No A.I, just H.I (Human Intelligence) :).


> As post explores eBPF-based tool

What ebpf-based tool(s)? It looks like it's just sample code to open a socket to a CRI.


The snippets are taken from cilium/tetragon, aquasecurity/tracee and crictl as mentioned in the post.

The post doesn't covers these projects in depth, instead act as a quick reference to the parts, where connection with CRI is being made and used for enrichment.

I understand there are more better ways to do the thing.

P.S: Post is a collection of my memories, when I was implementing the functionality. So just wanted to share, in hope that, maybe it will help others as well. Thanks !




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: