SlideShare a Scribd company logo

Kubernetes Debugging with Mirrord and Kubernetes

‱
‱
Konrad Ferdinand Heimel
Konrad Ferdinand Heimel

Presentation about two tools: - mirrord Transfer your IDE into the - inspector gadget Cloud-native debugging using eBPF

Technology
1 of 18
Download to read offline
Kubernetes Debugging Tools mirrord and Inspector Gadget Konrad F. Heimel, 2023-08-17 1
Agenda mirrord Transfer your IDE into the Kubernetes cluster inspector gadget Cloud-native debugging using eBPF Konrad F. Heimel, 2023-08-17 2
What is mirrord? Connects a local process to your Kubernetes cluster. Comes with CLI & plugins for IntelliJ and VS Code. Debug in the cloud, without deploying. Test locally in cloud conditions: Without local deployment Without CI/CD Without deploying untested code Konrad F. Heimel, 2023-08-17 3
đŸŽ„Live Demo Konrad F. Heimel, 2023-08-17 4
How does it work? 1. Creates a mirrord-agent in the cluster: Clones/steals & forwards traffic 2. Overrides local process' syscalls to: Listen to agent's incoming traffic. Send out traffic from remote pod. Access remote file system. Merge pod's environment with local. Konrad F. Heimel, 2023-08-17 5
Language/Framework Support Hooks libc , supporting: Rust Node Python Java Kotlin Ruby ... and others! Also supports Go, not using libc . Konrad F. Heimel, 2023-08-17 6
Installation on Cluster? Nothing persistent. Short-lived pod/container for proxy. Only needs kubectl configured. Incompatible with Pod Security Standards. apiVersion: v1 kind: Pod metadata: name: mirrord-agent-lgfcl4ujer-mxbgp spec: containers: - image: ghcr.io/metalbear-co/mirrord:3.56.1 name: mirrord-agent securityContext: capabilities: add: - SYS_ADMIN - SYS_PTRACE - NET_RAW - NET_ADMIN runAsGroup: 7318 volumeMounts: - mountPath: /host/run name: hostrun - mountPath: /host/var name: hostvar hostPID: true volumes: - hostPath: path: /run name: hostrun - hostPath: path: /var name: hostvar Konrad F. Heimel, 2023-08-17 7
Configuration target : Pod/group you connect to. env : Merge pod's and local's environment. networking.mode : steal : Capture incoming mirror : Sniff & forward a copy fs.mode : localwithoverrides : Read Kubelet- generated files. { "kube_context": "my-cluster", "accept_invalid_certificates": false, "target": { "path": "deploy/spring-demo-chart", "namespace": "mirrord-demo" }, "feature": { "network": { "incoming": { "mode": "mirror", "outgoing": true }, "dns": true }, "fs": { "mode": "localwithoverrides" }, "env": true }, "telemetry": false } Konrad F. Heimel, 2023-08-17 8
Advantages of mirrord Mirrors traffic ensuring safety. Flexibly manage traffic and file operations. Superior to local clusters: Handles complex environments. No installation of infrastructure on cluster required. No cluster deployments: Stable code remains. Connects specific services to the cloud. Konrad F. Heimel, 2023-08-17 9
mirrord vs. Telepresence Process-level operation (no daemons). Run multiple services concurrently. No cluster installation needed. Duplicates traffic by default. IDE extensions available! vs Konrad F. Heimel, 2023-08-17 10
Collection of eBPF-based tools for Kubernetes apps. Collects low-level kernel data. Enriches with Kubernetes metadata. Mechanism to deploy eBPF tools to Kubernetes clusters. CLI tool ig for tracing containers. Prometheus metrics endpoint. Konrad F. Heimel, 2023-08-17 11
Linux kernel technology. Restricted C subset programs. Compiled to special bytecode. Validated before kernel execution. from __future__ import print_function from bcc import BPF from bcc.utils import printb # load BPF program b = BPF(text=""" TRACEPOINT_PROBE(random, urandom_read) { // args is from /sys/kernel/debug/tracing/events/random/urandom_read/format bpf_trace_printk("%dn", args->got_bits); return 0; } """) # header print("%-18s %-16s %-6s %s" % ("TIME(s)", "COMM", "PID", "GOTBITS")) # format output while 1: try: (task, pid, cpu, flags, ts, msg) = b.trace_fields() except ValueError: continue except KeyboardInterrupt: exit() printb(b"%-18.9f %-16s %-6d %s" % (ts, task, pid, msg)) Konrad F. Heimel, 2023-08-17 12
eBPF Overview Source: https://www.brendangregg.com/ebpf.html 13
Inspektor Gadget Overview Provides a trace Custom Resource Definition (CRD) for control. Interaction through kubectl gadget CLI. Gadget pod has a Kubernetes controller to perform CR actions. eBPF program installation via tracers from trace CRD. eBPF: Inbuilt kernel VM allowing userspace scripts in kernel space. Konrad F. Heimel, 2023-08-17 14
đŸŽ„Live Demo Konrad F. Heimel, 2023-08-17 15
The Gadgets Konrad F. Heimel, 2023-08-17 16
Installing Inspector Gadget Install Inspector Gadget using Krew kubectl plugin manager: $ kubectl krew install gadget Deploy Inspector Gadget on Kubernetes: $ kubectl gadget deploy Creating Namespace/gadget... ... Creating DaemonSet/gadget... ... Inspektor Gadget successfully deployed Konrad F. Heimel, 2023-08-17 17
Further Resources mirrord inspector gadget eBPF Basics Related Tools Krew kubectl Plugin Manager BPF Compiler Collection (BCC) Konrad F. Heimel, 2023-08-17 18

Recommended

Tools for kubernetes network debugging
Tools for kubernetes network debuggingTools for kubernetes network debugging
Tools for kubernetes network debuggingKonrad Ferdinand Heimel
 
Red Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayRed Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayJohannes BrÀnnström
 
Modern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinModern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinDjalal Harouni
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & CodefreshCodefresh
 
Road to Cloud Native Orchestration
Road to Cloud Native Orchestration Road to Cloud Native Orchestration
Road to Cloud Native Orchestration Open Source Technology Center MeetUps
 
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...Michael Hofmann
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)䜑介 äčćČĄ
 
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)bridgetkromhout
 

Recommended

Tools for kubernetes network debugging
Tools for kubernetes network debuggingTools for kubernetes network debugging
Tools for kubernetes network debuggingKonrad Ferdinand Heimel
 
Red Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayRed Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayJohannes BrÀnnström
 
Modern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinModern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinDjalal Harouni
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & CodefreshCodefresh
 
Road to Cloud Native Orchestration
Road to Cloud Native Orchestration Road to Cloud Native Orchestration
Road to Cloud Native Orchestration Open Source Technology Center MeetUps
 
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...
Developer Experience Cloud Native - From Code Gen to Git Commit without a CI/...Michael Hofmann
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)䜑介 äčćČĄ
 
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)
Join Our Party: The Cloud Native Adventure Brigade (TCSW 2019)bridgetkromhout
 
DockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐるDockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐるKohei Tokunaga
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
Continuous Integration using Docker & Jenkins
Continuous Integration using Docker & JenkinsContinuous Integration using Docker & Jenkins
Continuous Integration using Docker & JenkinsB1 Systems GmbH
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
BCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUsBCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUsXavier Hallade
 
Using eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster HealthUsing eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster HealthScyllaDB
 
Kubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT DevicesKubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT DevicesQAware GmbH
 
Hybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and CodefreshHybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and CodefreshDevOps.com
 
K8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortK8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortGabriel Bechara
 
Shifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposiumShifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposiuminside-BigData.com
 
Deep Learning Edge
Deep Learning Edge Deep Learning Edge
Deep Learning Edge Ganesan Narayanasamy
 
Deploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerDeploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerSander van der Burg
 
Coscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloudCoscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloudTian-Jian Wu
 
introduction to .net
introduction to .netintroduction to .net
introduction to .netbantamlak dejene
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
WIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s newsWIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s newsMirco Vanini
 
Deploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and HelmDeploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and HelmJessica Deen
 
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summits
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkRed Hat Developers
 
developer-experience.pdf
developer-experience.pdfdeveloper-experience.pdf
developer-experience.pdfKonrad Ferdinand Heimel
 
Das Pfadfinderprinzip in DevOps
Das Pfadfinderprinzip in DevOpsDas Pfadfinderprinzip in DevOps
Das Pfadfinderprinzip in DevOpsKonrad Ferdinand Heimel
 

More Related Content

Similar to Kubernetes Debugging with Mirrord and Kubernetes

DockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐるDockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐるKohei Tokunaga
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
Continuous Integration using Docker & Jenkins
Continuous Integration using Docker & JenkinsContinuous Integration using Docker & Jenkins
Continuous Integration using Docker & JenkinsB1 Systems GmbH
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherSUSE
 
BCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUsBCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUsXavier Hallade
 
Using eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster HealthUsing eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster HealthScyllaDB
 
Kubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT DevicesKubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT DevicesQAware GmbH
 
Hybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and CodefreshHybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and CodefreshDevOps.com
 
K8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortK8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortGabriel Bechara
 
Shifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposiumShifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposiuminside-BigData.com
 
Deploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerDeploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerSander van der Burg
 
Coscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloudCoscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloudTian-Jian Wu
 
introduction to .net
introduction to .netintroduction to .net
introduction to .netbantamlak dejene
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
WIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s newsWIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s newsMirco Vanini
 
Deploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and HelmDeploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and HelmJessica Deen
 
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summits
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkRed Hat Developers
 

Similar to Kubernetes Debugging with Mirrord and Kubernetes (20)

DockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐるDockerべKubernetesをかけめぐる
DockerべKubernetesをかけめぐる
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et Rancher
 
Continuous Integration using Docker & Jenkins
Continuous Integration using Docker & JenkinsContinuous Integration using Docker & Jenkins
Continuous Integration using Docker & Jenkins
 
Code Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et RancherCode Factory avec GitLab CI et Rancher
Code Factory avec GitLab CI et Rancher
 
BCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUsBCON22: oneAPI backend - Blender Cycles on Intel GPUs
BCON22: oneAPI backend - Blender Cycles on Intel GPUs
 
Using eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster HealthUsing eBPF to Measure the k8s Cluster Health
Using eBPF to Measure the k8s Cluster Health
 
Kubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT DevicesKubernetes fĂŒr Workstations Edge und IoT Devices
Kubernetes fĂŒr Workstations Edge und IoT Devices
 
Hybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and CodefreshHybrid CI/CD with Kubernetes and Codefresh
Hybrid CI/CD with Kubernetes and Codefresh
 
K8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-shortK8sfor dev parisoss-summit-microsoft-5-decembre-short
K8sfor dev parisoss-summit-microsoft-5-decembre-short
 
Shifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposiumShifter singularity - june 7, 2018 - bw symposium
Shifter singularity - june 7, 2018 - bw symposium
 
Deep Learning Edge
Deep Learning Edge Deep Learning Edge
Deep Learning Edge
 
Deploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerDeploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package manager
 
Coscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloudCoscup2018 itri android-in-cloud
Coscup2018 itri android-in-cloud
 
introduction to .net
introduction to .netintroduction to .net
introduction to .net
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
 
WIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s newsWIndows Embedded Compact 2013 – What’s news
WIndows Embedded Compact 2013 – What’s news
 
Deploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and HelmDeploying Windows Apps to Kubernetes with Draft and Helm
Deploying Windows Apps to Kubernetes with Draft and Helm
 
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
 

More from Konrad Ferdinand Heimel

Konfigurationsmanagement mit Opscode Chef
Konfigurationsmanagement mit Opscode ChefKonfigurationsmanagement mit Opscode Chef
Konfigurationsmanagement mit Opscode ChefKonrad Ferdinand Heimel
 
Konfigurationsmanagement bei Netzwerkhardware - Eine Evaluation
Konfigurationsmanagement bei Netzwerkhardware - Eine EvaluationKonfigurationsmanagement bei Netzwerkhardware - Eine Evaluation
Konfigurationsmanagement bei Netzwerkhardware - Eine EvaluationKonrad Ferdinand Heimel
 

More from Konrad Ferdinand Heimel (6)

developer-experience.pdf
developer-experience.pdfdeveloper-experience.pdf
developer-experience.pdf
 
Das Pfadfinderprinzip in DevOps
Das Pfadfinderprinzip in DevOpsDas Pfadfinderprinzip in DevOps
Das Pfadfinderprinzip in DevOps
 
Konfigurationsmanagement mit Opscode Chef
Konfigurationsmanagement mit Opscode ChefKonfigurationsmanagement mit Opscode Chef
Konfigurationsmanagement mit Opscode Chef
 
NETCONF & YANG
NETCONF & YANGNETCONF & YANG
NETCONF & YANG
 
SNMP - Eine kurze EinfĂŒhrung
SNMP - Eine kurze EinfĂŒhrung SNMP - Eine kurze EinfĂŒhrung
SNMP - Eine kurze EinfĂŒhrung
 
Konfigurationsmanagement bei Netzwerkhardware - Eine Evaluation
Konfigurationsmanagement bei Netzwerkhardware - Eine EvaluationKonfigurationsmanagement bei Netzwerkhardware - Eine Evaluation
Konfigurationsmanagement bei Netzwerkhardware - Eine Evaluation
 

Recently uploaded

Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 

Recently uploaded (20)

Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 

Kubernetes Debugging with Mirrord and Kubernetes

  • 1. Kubernetes Debugging Tools mirrord and Inspector Gadget Konrad F. Heimel, 2023-08-17 1
  • 2. Agenda mirrord Transfer your IDE into the Kubernetes cluster inspector gadget Cloud-native debugging using eBPF Konrad F. Heimel, 2023-08-17 2
  • 3. What is mirrord? Connects a local process to your Kubernetes cluster. Comes with CLI & plugins for IntelliJ and VS Code. Debug in the cloud, without deploying. Test locally in cloud conditions: Without local deployment Without CI/CD Without deploying untested code Konrad F. Heimel, 2023-08-17 3
  • 4. đŸŽ„Live Demo Konrad F. Heimel, 2023-08-17 4
  • 5. How does it work? 1. Creates a mirrord-agent in the cluster: Clones/steals & forwards traffic 2. Overrides local process' syscalls to: Listen to agent's incoming traffic. Send out traffic from remote pod. Access remote file system. Merge pod's environment with local. Konrad F. Heimel, 2023-08-17 5
  • 6. Language/Framework Support Hooks libc , supporting: Rust Node Python Java Kotlin Ruby ... and others! Also supports Go, not using libc . Konrad F. Heimel, 2023-08-17 6
  • 7. Installation on Cluster? Nothing persistent. Short-lived pod/container for proxy. Only needs kubectl configured. Incompatible with Pod Security Standards. apiVersion: v1 kind: Pod metadata: name: mirrord-agent-lgfcl4ujer-mxbgp spec: containers: - image: ghcr.io/metalbear-co/mirrord:3.56.1 name: mirrord-agent securityContext: capabilities: add: - SYS_ADMIN - SYS_PTRACE - NET_RAW - NET_ADMIN runAsGroup: 7318 volumeMounts: - mountPath: /host/run name: hostrun - mountPath: /host/var name: hostvar hostPID: true volumes: - hostPath: path: /run name: hostrun - hostPath: path: /var name: hostvar Konrad F. Heimel, 2023-08-17 7
  • 8. Configuration target : Pod/group you connect to. env : Merge pod's and local's environment. networking.mode : steal : Capture incoming mirror : Sniff & forward a copy fs.mode : localwithoverrides : Read Kubelet- generated files. { "kube_context": "my-cluster", "accept_invalid_certificates": false, "target": { "path": "deploy/spring-demo-chart", "namespace": "mirrord-demo" }, "feature": { "network": { "incoming": { "mode": "mirror", "outgoing": true }, "dns": true }, "fs": { "mode": "localwithoverrides" }, "env": true }, "telemetry": false } Konrad F. Heimel, 2023-08-17 8
  • 9. Advantages of mirrord Mirrors traffic ensuring safety. Flexibly manage traffic and file operations. Superior to local clusters: Handles complex environments. No installation of infrastructure on cluster required. No cluster deployments: Stable code remains. Connects specific services to the cloud. Konrad F. Heimel, 2023-08-17 9
  • 10. mirrord vs. Telepresence Process-level operation (no daemons). Run multiple services concurrently. No cluster installation needed. Duplicates traffic by default. IDE extensions available! vs Konrad F. Heimel, 2023-08-17 10
  • 11. Collection of eBPF-based tools for Kubernetes apps. Collects low-level kernel data. Enriches with Kubernetes metadata. Mechanism to deploy eBPF tools to Kubernetes clusters. CLI tool ig for tracing containers. Prometheus metrics endpoint. Konrad F. Heimel, 2023-08-17 11
  • 12. Linux kernel technology. Restricted C subset programs. Compiled to special bytecode. Validated before kernel execution. from __future__ import print_function from bcc import BPF from bcc.utils import printb # load BPF program b = BPF(text=""" TRACEPOINT_PROBE(random, urandom_read) { // args is from /sys/kernel/debug/tracing/events/random/urandom_read/format bpf_trace_printk("%dn", args->got_bits); return 0; } """) # header print("%-18s %-16s %-6s %s" % ("TIME(s)", "COMM", "PID", "GOTBITS")) # format output while 1: try: (task, pid, cpu, flags, ts, msg) = b.trace_fields() except ValueError: continue except KeyboardInterrupt: exit() printb(b"%-18.9f %-16s %-6d %s" % (ts, task, pid, msg)) Konrad F. Heimel, 2023-08-17 12
  • 14. Inspektor Gadget Overview Provides a trace Custom Resource Definition (CRD) for control. Interaction through kubectl gadget CLI. Gadget pod has a Kubernetes controller to perform CR actions. eBPF program installation via tracers from trace CRD. eBPF: Inbuilt kernel VM allowing userspace scripts in kernel space. Konrad F. Heimel, 2023-08-17 14
  • 15. đŸŽ„Live Demo Konrad F. Heimel, 2023-08-17 15
  • 16. The Gadgets Konrad F. Heimel, 2023-08-17 16
  • 17. Installing Inspector Gadget Install Inspector Gadget using Krew kubectl plugin manager: $ kubectl krew install gadget Deploy Inspector Gadget on Kubernetes: $ kubectl gadget deploy Creating Namespace/gadget... ... Creating DaemonSet/gadget... ... Inspektor Gadget successfully deployed Konrad F. Heimel, 2023-08-17 17
  • 18. Further Resources mirrord inspector gadget eBPF Basics Related Tools Krew kubectl Plugin Manager BPF Compiler Collection (BCC) Konrad F. Heimel, 2023-08-17 18