Leveraging OCI Runtime Annotations for Kubernetes Tooling
In the Kubernetes ecosystem, several projects are tracing containers using low-level Linux primitives such as eBPF, fanotify, processes, cgroups to name some projects we have Inspektor Gadget , lockc , Falco , etc. Those tools might detect a new container that has been started on a node, but then they need to determine if the container is part of a Kubernetes cluster and identify the pod to which it belongs. One way to get this information is to use Kubernetes API server and filter based on pod.
Related Articles
Mar 15, 2024
Headlamp in KubeCon EU 2024
Feb 7, 2024