eBPF-based Networking, Security, and Observability
-
Updated
Jun 10, 2024 - Go
A kernel is the heart of almost every operating system. It is always loaded in memory at any time and deals with the hardware to provide an interface for the software. It also manages peripherals, memory, interrupts, and processes. Examples of widely used kernels include Windows NT and Linux.
eBPF-based Networking, Security, and Observability
Application Kernel for Containers
syzkaller is an unsupervised coverage-guided kernel fuzzer
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
eBPF-based Security Observability and Runtime Enforcement
procfs provides functions to retrieve system, kernel and process metrics from the pseudo-filesystem proc.
The Go kernel for Jupyter notebooks and nteract.
The hypervisor-based container runtime for Kubernetes.
BTFhub, in collaboration with the BTFhub Archive repository, supplies BTF files for all published kernels that lack native support for embedded BTF. This joint effort ensures that even kernels without built-in BTF support can effectively leverage the benefits of eBPF programs, promoting compatibility across various kernel versions.
A tool for gathering and visualizing kernel scheduling traces on Linux machines
Operating Systems & Cloud Native Theory, Workshops, Guides, Cool Cloud Native Projects and students contribution area
Tools to let a u-root instance boot signed live distro images over the web
The kernel module management operator builds, signs and loads kernel modules in Kubernetes clusters.
c-binding free API for golang to communicate with the log subsystem of netfilter