Ever wished you could monitor your AWS load balancer logs in real-time? AWS ELB access logs are packed with security gold, but they're usually just sitting in S3 as static files. Let's fix that with a falco-plugin-aws-elb! What is Falco 🦅?What are Falco Plugins?The ProblemSolutionExample RuleQuick StartWhy Rust 🦀?Available FieldsConclusion What is Falco 🦅? Falco… Continue reading Built a Falco Plugin for AWS ELB Access Logs
On June 16, 2025, I gave a Lightning Talk at KubeCon + CloudNativeCon Japan 2025. The title of my talk was: “From Kernel To Kubernetes: Mapping eBPF-Detected Processes To Pods!” In this session, I explored how Tetragon connects the Linux kernel to Kubernetes by enriching eBPF-detected process data with Kubernetes metadata. You can check out… Continue reading From Kernel to Kubernetes: KubeCon + CloudNativeCon Japan 2025
TL;DR; I created eBPF-based software in Rust that can monitor the Process lifecycle.🦀🐝 🚀 process 101708: root: /usr/sbin/iptables 💥 exit 101708: root: /usr/sbin/iptables 🚀 process 101705: yukinakamura: /usr/bin/cat 💥 exit 101705: yukinakamura: /usr/bin/cat 🚀 process 101758: yukinakamura: /usr/bin/sed 💥 exit 101758: yukinakamura: /usr/bin/sed MotivationScopeArchitecture OverviewHow to RunPrerequisitesClone the RepositoryGenerate Struct codesBuild and Run eBPF Programs… Continue reading Tetragon-mini by Rust: eBPF-based process monitoring
In my previous post, I described setting up my Tetragon development environment on macOS. Following that, I dove into the Tetragon documentation to start learning the ropes! However, I encountered issues with certain commands not working due to differences in Docker image versions and the ARM CPU. To resolve this, I submitted a few pull… Continue reading First Contribution to the Tetragon Project
TL;DR In this post, I will share how to set the Tetragon Develop environment on MacOS with lima. Also, this environment can be used not only to develop but also to try Tetragon directly, in docker, and Kubernetes on MacOS 🐝. Tetragon Develom environment Set up a Virtual MachineInstall limaPrepare a VM templateCreate a VMCheck… Continue reading Set up Tetragon Develop environment on MacOS with lima
As I sit down to write my 20th blog post on this December night, I find myself marveling at the journey I've embarked upon since May 24, when I started this blog. Surprisingly, the pace has been faster than I initially anticipated. What used to take me several hours per post in the beginning has… Continue reading Reflecting on My 2023 Journey
TL;DR In this article, I will explain how to get kube-proxy's metrics via a curl command from a pod via the following command. curl -s \ http://192.168.64.7:10249/metrics Monitoring a Kubernetes cluster with Prometheus Monitoring a Kubernetes cluster with Prometheus is useful for building dashboards and alerts. However, not many DevOps engineers may understand how Prometheus… Continue reading Get kube-proxy’s metrics manually
TL;DR In this article, I will explain how to get kube-controller-manager's metrics via a curl command from a pod via the following command. curl -s -k -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" https://192.168.64.7:10259/metrics Monitoring a Kubernetes cluster with Prometheus Monitoring a Kubernetes cluster with Prometheus is useful for building dashboards and alerts. However, not many DevOps… Continue reading Get kube-controller-manager’s metrics manually
TL;DR In this article, I will explain how to get kube-scheduler's metrics via a curl command from a pod via the following command. curl -s -k \ -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \ https://192.168.64.7:10259/metrics Monitoring a Kubernetes cluster with PrometheusPreparationKubernetes clusterkube-schedulerbind-address and portIP addressGet kube-scheduler's metricsCreate a ClusterRole and a ServiceAccountCreate a Pod from which… Continue reading Get kube-scheduler’s metrics manually
TL;DR kubelet is a service that runs on each worker node in a Kubernetes cluster and is resposible for managing the Pods and containers on a machine. In this article, I will explain how to get kubelet's metrics via a curl command from a pod via the following command. curl -k \ -H "Authorization: Bearer… Continue reading Get kubelet’s metrics manually
Yuki Nakamura's Blog 