Questions tagged [cilium]
Cilium is an open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes. Community support mostly takes place on the Cilium Slack channel (https://cilium.herokuapp.com), you may want to consider asking there.
cilium
58
questions
-1
votes
0
answers
22
views
AWS EKS Multi cluster/Multi Environment access common services [closed]
Wanted to understand what is the best approach to access common services/pods from different EKS clusters. Assuming separate cluster per environment is good approach compared to having 1 cluster with ...
1
vote
1
answer
59
views
libbpf: Error loading .BTF into kernel: -22. Error: failed to open object file, vlen != 0
I am now trying to insert some bpf code into kernel based on cilium. Through this tutorial I step by step follow the instructions to compile using its provided Makefile and then using bpftool to try ...
- 13
0
votes
0
answers
23
views
Install K3s + Cilium + Alpine
i'm trying to install k3s with cilium on an alpine 3.20 virtual machine (https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/x86_64/alpine-extended-3.20.0-x86_64.iso), following the steps below, but ...
- 483
0
votes
1
answer
186
views
Why is Google Kubernetes Engine cilium for anetd reporting errors? [closed]
I've created a cluster with dataplane 2 on Google Kubernetes Engine.
Looking through the logs of the various kube-system pods, I find a fair amount of noise from the metrics reporter container of the ...
- 6,918
0
votes
1
answer
51
views
ebpf-tracepoint/syscalls/sys_enter_execve,has error:invalid variable-offset indirect access to stack R1 var_off=(0x0; 0x7f) size=9 (106 line(s)
the bpf code:
//go:build ignore
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
char _license[] SEC("license") = "GPL";
struct execve {
__u64 unused;
...
- 19
-1
votes
1
answer
55
views
bpf_ktime_get_ns Indicates a negative value of the obtained time
I use perf to sample the ebpf function, but I use bpf_ktime_get_ns to get the current second of the system found to be negative, I don't know why
SEC("perf_event")
int do_perf_event(struct ...
0
votes
1
answer
44
views
Using a program of type raw_tracepoint to trace sched_wakeup,bpf verifies that task_struct *p is empty
I used the program type tracepoint, tracepoint /sched/sched_wakeup, and the function parameter tracepoint format。But I changed the raw_tracepoint type, it is not useful, error:loading objects: field ...
0
votes
0
answers
29
views
Cilium Control Plane BGP advertises /32 mask for service
I'm using BGP Control Plane. It's working well.
But our network engineers restrict receiving routes below mask /24.
And Cilium announces the addresses of services with /32 mask. Is it possible to ...
- 35
0
votes
1
answer
82
views
cilium cluster mesh mTLS support
I am new to cilium and cluster mesh, I wanted to know if cilium cluster mesh supports mTLS or if it is by default implemented when we connect two clusters ?
while going through official docs I came ...
0
votes
0
answers
74
views
Cilium Ingress Controller gRPC Web Stream Kubernetes
I want to create a web application, which streams a gRPC backend. To make gRPC web work i need an envoy proxy which translate HTTP/1 to HTTP/2 and back. Can i achieve that with the cilium ingress ...
- 11
3
votes
0
answers
288
views
Envoy retry_policy is not working even though the request is routed correctly
I am using following envoy config:
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 8080
...
- 2,813
-1
votes
1
answer
22
views
Build Tetragon without docker
Is it possible to build Tetragon without docker? I am trying to build non image target "make tetragon" but still it is trying to access docker. I can't use docker due to some limitation.
- 968
0
votes
1
answer
144
views
Implications of Different Cilium Configurations on Istio Integration in Kubernetes
I'm integrating Cilium with Istio in a Kubernetes environment and need clarity on how specific configurations will impact this integration. Based on Cilium's official doc, the two key configurations ...
- 41
0
votes
1
answer
184
views
eBPF uprobe Go function argument wrong output
I wrote a Go code that I want to trace function argument values in eBPF code.
My host machine is M1 MacOS and I running an Ubuntu machine with Lima. I compiled Go program with the following arguments:
...
- 3,050
0
votes
0
answers
36
views
How does Cilium get Pod info when creating a new Pod for setting up labels for endpoints?
I am trying to understand endpoint creation for pods.
In func (d *Daemon) createEndpoint(), d.fetchK8sMetadataForEndpoint() will fetch pod and its labels:
`
func (d *Daemon) ...
- 1