Linux kernel version 5.8+
First, download BumbleBee:
curl -sL https://run.solo.io/bee/install | BUMBLEBEE_VERSION=v0.0.12 sh
mv $HOME/.bumblebee/bin/bee /usr/local/binPackage capable as an OCI image:
bee build capable.c capable:v1Now, you can list the images that you built:
bee listThis should give you an output similar to this:
Name | OS | OS Version | Arch
capable:v1 | Linux | 5.11.0-1026-gcp | x86_64Finally, you can run it:
bee run capable:v1And check the results in a TUI interface:
__
/\ \ Program location: capable:v1
\ \ \____ __ __
\ \ '__'\ /'__'\ /'__'\ // \
\ \ \L\ \/\ __//\ __/ \\_/ //
\ \_,__/\ \____\ \____\ ''-.._.-''-.._.. -(||)(') <ctrl-n> Select next table
\/___/ \/____/\/____/ ''' <ctrl-p> Select previous table
<ctrl-c> Quit
(powered by solo.io)
╔═══════════════════════════════════════════════════events════════════════════════════════════════════════════╗
║cap pid task tgid uid ║
║2 2150 k3s-server 2336 0 ║
║2 2150 k3s-server 2336 0 ║
║2 2150 k3s-server 2336 0 ║
║2 2150 k3s-server 2336 0 ║
║19 2150 k3s-server 2336 0 ║
...
...
...Note: an OCI compliant registry is recommended for this step. This example expects a local registry to be running on localhost:5000, but feel free to use other solutions, e.g. GitHub Container Registry (ghcr.io), or similar.
Let's push the image to a registry:
bee push localhost:5000/solo/capable:v1Now, let's deploy it as a Daemonset:
cat << EOF | kubectl apply -f -
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: bumblebee
spec:
selector:
matchLabels:
app: bumblebee
template:
metadata:
labels:
app: bumblebee
spec:
containers:
- name: bumblebee
image: ghcr.io/solo-io/bumblebee/bee:0.0.12
imagePullPolicy: Always
command: ["./bee-linux-amd64"]
args: ["run", "--insecure", "--plain-http", "--no-tty", "master:5000/solo/capable:v1"]
tty: true
ports:
- name: http-monitoring
containerPort: 9091
securityContext:
privileged: true
EOFNote: The Operator distribution will be soon available, making it easier to deploy various eBPF scripts into your Kubernetes cluster.
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm upgrade --install kube-prometheus-stack \
prometheus-community/kube-prometheus-stack \
--version 41.5.1 \
--namespace monitoring \
--create-namespaceDeploy a podMonitor to scrape our BumbleBee pods:
cat << EOF | kubectl apply -f -
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: bumblebee-podmonitor
labels:
monitoring: bumblebee
release: kube-prometheus-stack
spec:
selector:
matchLabels:
app: bumblebee
jobLabel: bumblebee-stats
podMetricsEndpoints:
- port: http-monitoring
path: /metrics
interval: 15s
EOFYou can find a dashboard in the dashboards/ folder, named cap.json.
Once you imported it into Grafana, you should be able to monitor all the capabilities invoked by your processes.
