Yuki Nakamura

Tetragon Process Lifecycle Observation: Tetragon Agent Part

May 23, 2024May 24, 2024 Yuki NakamuraLeave a comment

TL;DR In this post, I explain how the Tetragon Agent reads process lifecycle data from the eBPF Map and sends it to clients.🐝 Process lifecycle data flow IntroductionObserver Reading Process Lifecycle Data from eBPF MapRead data from eBPF MapDeserialization of Process Lifecycle DataEvent type (operation types)DeserializationNotify Events to ListenersProcessManager Passes Data to server.ListenersProcess Lifecycle Data… Continue reading Tetragon Process Lifecycle Observation: Tetragon Agent Part

Tetragon Process Lifecycle Observation: eBPF Part

May 17, 2024May 24, 2024 Yuki NakamuraLeave a comment

TL;DR In this post, I explain how Tetragon detects process creation and termination using eBPF.🐝 IntroductionOverviewkprobes and tracepointseBPF ProgramseBPF MapsTetragon AgentProcess creationeBPF program attached to tracepointWrite data to eBPF MapProcess terminationeBPF program attached to tracepointWrite data to eBPF MapWrap upNext stepRelated posts Introduction I was really impressed when I used Tetragon for the first time.… Continue reading Tetragon Process Lifecycle Observation: eBPF Part

First Contribution to the Tetragon Project

April 30, 2024May 9, 2024 Yuki NakamuraLeave a comment

In my previous post, I described setting up my Tetragon development environment on macOS. Following that, I dove into the Tetragon documentation to start learning the ropes! However, I encountered issues with certain commands not working due to differences in Docker image versions and the ARM CPU. To resolve this, I submitted a few pull… Continue reading First Contribution to the Tetragon Project

Set up Tetragon Develop environment on MacOS with lima

April 15, 2024April 15, 2024 Yuki Nakamura

TL;DR In this post, I will share how to set the Tetragon Develop environment on MacOS with lima. Also, this environment can be used not only to develop but also to try Tetragon directly, in docker, and Kubernetes on MacOS 🐝. Tetragon Develom environment Set up a Virtual MachineInstall limaPrepare a VM templateCreate a VMCheck… Continue reading Set up Tetragon Develop environment on MacOS with lima

Started my eBPF journey

March 29, 2024May 23, 2024 Yuki Nakamura

In KubeCon 2023 @Chiccago, I was so excited about eBPF + Cilium. Then, I finally started learning them. For the first step, I did almost all of labs provided by Isovalent. They were really good! I was able to learn eBPF + Cilium + Tetragon so quickly. Below are the badges I got through labs!… Continue reading Started my eBPF journey

Use a private RUN cache between builds in BuildKit

March 10, 2024May 23, 2024 Yuki Nakamura

TL;DR This post provides hands-on tutorial on how to use a private RUN cache that is defined by RUN --mount=type=cache, sharing=private in Dockerfile. Here is a snippet of Dockerfile. RUN --mount=type=cache,id=private-cache,target=/root/.cache,sharing=private \ echo $(date):" private1 is writing..." && \ echo $(date)": Hello from private1" >> /root/.cache/private.log && \ sleep 10 && \ echo "--- private.log ---------"… Continue reading Use a private RUN cache between builds in BuildKit

Use a locked RUN cache between builds in BuildKit

March 8, 2024May 23, 2024 Yuki Nakamura

TL;DR This post provides hands-on tutorial on how to use a locked RUN cache that is defined by RUN --mount=type=cache, sharing=locked in Dockerfile. Here is a snippet of Dockerfile. RUN --mount=type=cache,id=locked-cache,target=/root/.cache,sharing=locked \ echo $(date):" locked1 Locked" && \ echo $(date)": Hello from locked1" >> /root/.cache/locked.log && \ sleep 10 && \ echo "--- locked.log ---------" &&… Continue reading Use a locked RUN cache between builds in BuildKit

Welcoming Our Daughter to the World

March 7, 2024May 23, 2024 Yuki Nakamura

I'm so happy and excited now, because our daughter was born last month, Feb 2024👼. I am very grateful to my wife. I will try my best to be a good father!

Use a RUN cache between builds in BuildKit

February 4, 2024May 23, 2024 Yuki Nakamura

TL;DR This post provides hands-on tutorial on how to use RUN cache that is defined by RUN --mount=type=cache,sharing=shared in Dockerfile. Here is a snippet of Dockerfile. RUN --mount=type=cache,id=shared-cache,target=/root/.cache,sharing=shared \ echo $(date)": Hello from shared1" >> /root/.cache/shared.log && \ cat /root/.cache/shared.log Sharing cache between builds There are several kinds of cache in docker build, such as the… Continue reading Use a RUN cache between builds in BuildKit

Use BuildKit from Docker Compose

January 20, 2024May 23, 2024 Yuki Nakamura

TL;DR This post provides hands-on tutorial on how to use BuildKit from Docker Compose! Below is a sample command. docker compose build --builder=container BuildKit and DockerBuild driversBuildKit and Docker ComposeHands-on: Use BuildKit from Docker ComposePreparationSet up docker-container driverClone the repository from GitHubWalk through the contentsdocker compose buildExported local cacheBuildKit LogFYI: Cache export is not supported for… Continue reading Use BuildKit from Docker Compose