►
From YouTube: 52. #EveryoneCanContribute Cafe: Learned at KubeCon EU, feat. Cilium Tetragon first try
Description
Blog post: https://everyonecancontribute.com/post/2022-06-16-cafe-52-learned-at-kubecon-eu-coffee-chat/ (including all playlists, blog posts, CLI commands and more context to learn)
Tetragon: https://github.com/cilium/tetragon
A
Yeah
and
we're
kind
of
back,
it's
it's
getting
a
little
more
warm,
at
least
in
germany,
and
this
is
the
coffee
jet
after
kubecon,
which
I
attended
in
person.
I
don't
know
of
you,
but
I
heard
at
least
that
you
haven't
been
attending
or
you
don't
know
anything.
So
it
might
be
me
talking
all
the
time
during
this
next
hour,
but
yeah
where
to
start
with
kubecon.
I
think
I
quite
have
quite
a
lot
of
things.
A
Let
me
quickly
share
my
screen
this
one
and
like
what
I
what
I
started
of
the
thing
is.
I
didn't
watch
any
talks
myself
because
I
kept
talking
with
everyone
and
to
get
that
booth
and
basically
everywhere
else
and
decided
that
the
that
cncf
might
be
uploading
the
videos
in
a
bit
which
actually
happened
like
two
weeks
after
the.
B
A
It's
like
two
weeks
and
it
was
there,
and
since
I
was
a
little
away
with
kobit
I
I
could
like
catch
up
now.
The
thing
is:
I
have
no
idea
why
this
is
not
loading.
The
good.
The
other
good
thing
is
that
everyone
else
was
like
writing
the
summaries.
So
I
was
like
that's
super
interesting
and
to
follow
up
and
for
my
own
newsletter,
which
is
over
here,
I've
also
linked
some
resources,
which
could
be
interesting
to
read
so
the
cloud
native
nordics
created
the
video
edit
young
wrote
a
blog
post.
A
A
So
I
attended
the
the
zero
day
event
on
monday,
at
least
in
the
morning,
and
got
an
introduction
into
psyllium,
evpf
and
and
how
this
like
continues
to
grow
in
the
ecosystem,
and
there
was
quite
some
interest
in
the
in
the
room
and
I
haven't
yet
checked.
I
haven't
really
checked
out
cilium,
I
don't
know
if
nicholas
or
marketing,
maybe
you
have.
A
Okay
yeah,
so
I
think
he
kind
of
teased
it
in
the
keynote
a
little
bit,
but
then
stayed
for
like
10
minutes
at
the
slide,
and
it
sounded
like
super
interesting
to
really
try
it
out.
I
think
it
it
should
also
combine
hubble,
which
is
there
for
observability
and
and
some
other
methods
in
a
more
combined
way.
I
would
say.
B
We
can
spontaneously
probably
can
also
switch
because
if
it's
a
test
cluster,
if
you
want
to
where
we
have
like
serium
up
and
running,
and
that
can
also
show
how
hubble
is
looks
like,
but
tess
cardone,
I
was
also
checking
that
this
is
more
like
for
really
like
a
velcro
alternative.
Where
you
want
to
check
when
you
go
down
a
little
bit,
I
think
they're
explaining
it
also
somewhere
demo.
A
A
A
A
A
B
B
B
A
B
A
A
A
B
A
B
B
B
B
B
B
B
B
A
Yeah,
I
was
about
to
do
that.
Actually
I
just
kept
thinking.
I
know
some
companies
who
kind
of
want
to
have
this
kind
of
shell
syslogging,
but
only
logging,
the
commands
and
the
exit
code,
and
previously
we
have
been
doing
that
with
logs
and
some
collectors
and
agents,
and
things
like
that.
So
when
you
have
been
like
a
bad
actor,
you
just
enabled
the
debug
log
on
the
server
and
then
everything
else
was
broken.
A
A
But
we
can,
we
can
like
figure
that
out.
The
thing
is,
I'm
I'm
thinking
of
like
using
that
as
a
demo
or
using
that,
like
as
a
as
a
way
to
kind
of
yeah,
it's
observability
in
that
specific
sense.
But
you
really
need
to
know
what
to
do
with
the
data,
but
I
also
wanted
to
deploy
the
this
is
kind
of
an
c
plus
plus
application
which
leaks
memory,
but
only
when
dns
is
broken.
A
It
basically
logs
that
it
got
some
answers
and
which
I
didn't
install
it
yet,
but
if
you're
using
chaos
mesh
for
for
chaos,
engineering,
you
can
you
can
inject
dns
errors,
so
this
kind
of
errors
out
and
then
the
application
is
leaking
memory,
and
this
was
my
cube.
Contour
timor
as
well,
which
brought
me
to
let
me
see
I
didn't
the
cluster
is
not
fully
installed.
Yet
we
need
to
kind
of
cheat
with
the
slides
now,
but.
A
A
B
A
A
A
A
The
code
itself
is
rather
it's
not
easy,
but
it's
it's
kind
of
an
endless
loop
which
tries
dns
resolving
in
c
plus
plus,
because
I
was
quite
fast
doing
so,
and
it
also
reminded
me
of
a
performance
problem.
I
had
in
the
past
myself
which
burned
me
out,
but
in
the
end
it's
like
it
tries
to
resolve
the
host
name.
You
can
pass
it
via
environment
variables
variables,
so
it's
either.
A
You
can
specify
different
domains
as
environment
variables
in
the
cube
in
the
deployment
itself,
and
the
idea
is
that
when
there
is
an
error,
you
cont
you
handle
the
error
somewhere
and
then
continue
and
if
it
works,
you
print
something
and
in
order
to
provoke
the
memory
leak,
I'm
creating
a
one
megabyte
buffer
which
is
freed
or
deleted
in
here.
But
since
it's
not
handled
in
here,
this
is
a
programming
mistake
and
just
leaks
memory,
and
this
worked
pretty
nicely.
B
A
Yeah,
the
fix
would
be
to
just
copy
the
delete
before
they
continue
over
here.
It's
like
sometimes
sometimes
you're
returning
earlier
or
you're,
just
continuing
a
breaking
out
of
a
loop
or
something
else,
and
this
has
the
potential
to
leak
memory.
I
think
you
might
be
detecting
that
with
dynamic
application,
security,
testing
and
other
things,
but
I
found
it
like
an
interesting
demo
to
fail,
dns
and
see
what
happens
and
in
this
case,
memory
is
just
going
up
and
can
be.
B
A
The
thing
is,
it's
relatively
self-contained,
it's
open
source,
so
everyone
can
just
use
it
if
you
don't
want
to
like
copy
the
source
code.
The
the
docker
file
pub
is
already
like
has
already
created
a
container
in
the
git
repository,
so
the
the
actual
deployment
for
the
demo
is
just
copying
the
yammer
and
adjusting
it
for
your
likings.
So
I
added
two
for
o11
right
out
love
one
for
cncf.io
and
one
for
gitlab.com.
A
I
would
love
for
more
folks
to
just
try
it
out
or
maybe
adopt
it
for
for
own
tests,
because
it's
it
shows
what
is
like
possible
with
observability
tooling,
with
also
how
chaos
engineering
works
and
where
it
does
not
work,
for
example,
and
I
might
be
using
it
actually
for
my
second
talk,
which
I
created
like
the
niklas.
You
inspired
me
for
that
confidence
with
chaos
for
your
kubernetes
observability.
A
B
B
B
A
Yeah,
I've
seen
that
and
I've
also
I've
been
watching
the
the
gpn
20,
which
is
the
goulash
goulash
program
in
germany.
There
were
some
awesome
talks
that
went
germany
in
german.
So
it's
it's
rough
to
translate,
but
I
found
some:
where
is
my
newsletter
to
this
one?
No,
no
this
this
is
this.
Is
copyright
mike
lightner,
the
devops
twins?
A
A
A
Do
all
team
members
in
darfrel
have
the
same
shoes,
and
I
was
like:
where
is
that
matching
shoes,
and
I
was
like
yeah?
Actually
every
one
of
us
brought
the
gitlab
shoes
with
us.
They
were
a
gift
for
for
last
year's
ipo
for
team
members,
and
my
colleagues
also
have
made
a
challenge
for
everyone
who
finds
someone
who's
taller
than
me,
but
yeah
in
the
end.
A
Yeah
and
brandon
posted
like
the
movie
and
our
try
to
to
do
the
movie,
and
then
I
got
a
whatsapp
dm
from
mr
michael
eichner
I
was
like.
Can
I
do
that?
Can
I
use
photoshop
whatever
and
I
was
like
yeah?
I
don't
care
just
do
it?
Can
I
post
it
yeah?
Of
course
you
can
post
that
yeah.
This
was.
This
was
really
funny.
This
is
amused
our
team
at
kubecon
and
I
think
many
folks
as
well-
and
there
was
a
discussion
going
on.
A
I
think
I've
quote
tweeted
that
already
and
when
the
layover
in
frankfurt
happened
on
saturday,
when
I
was
flying
back,
I
was
a
little
bored,
so
I
registered
a
domain
and
hacked
some
html
which
I'm
not
good
at
so
the
page
looks
looks
like
it
is
right
now,
but
yeah.
This
is
like
registered
and
let's
see
what
we
do
with
it.
Okay,
this
was
quite
some
extension
to
that
dragon.
A
Probably
lost
lustron,
the
thing
is,
there
have
been
more
talks
at
ebpf
day
as
well,
which
I
think
dive
more
into
usage
of
eppf.
I've
seen
a
presentation
with
from
ikea
using
using
that
for
their
private
cloud.
Their
creating
was
super
interesting
and
bliss
rice
also
published
a
book
or
a
report
book
around
what
is
ebpf
just
as
a
learning
resource,
and
I
think
there
is
much
more
going
on
and
much
more
coming.
A
A
A
A
A
A
A
A
A
A
A
For
example,
I
have
a
discovery
domain
somewhere
and
I'm
kind
of
depending
on
that
it
always
resolves
to
a
certain
subnet
or
to
a
certain
my
p
address
range
and
then
see
if
that's,
if
that
is
even
like
evaluated
or
it
just
takes
what
it
gets
and
then
connects
to
a
different
app
address.
Where
someone
may
it's
playing
man
in
the
middle,
for
example,
and
does
whatever.
B
A
A
B
A
B
A
B
B
B
B
B
A
B
A
A
B
A
B
A
A
A
Types
and
the
thing
is
hubble
is
as
far
as
I've
understood
like
read:
only
you
are
collecting
the
data
and
then
you
do
something
else
with
another
system
and
as
far
as
I
understood
tetragon,
you
can
enforce
the
policies
directly.
So
if
I
find
a
way
to
block
certain
traffic
now,
I
could
just
apply
that
so
like
observing
and
enforcing.
A
B
A
B
Thing
about
serium
is
that
you
can
also
say
layer.
Seven,
mostly
network
policies
are
only.
There
are
three.
Therefore,
so
tcp
is
true
and
you
can
say
on
with
celium,
you
turn
30.
I
want
to
block
that
the
application
cannot
go
to
slash
http.
So,
for
example,
we
did
a
crew
test
with
the
potato
head
and
we
said.
Okay,
we
want
to
block
the
left
arm
over
right
arm
to
see
how
the
blocking
is
working,
because
the
potato
head
is
slightly
a
multi
tier
deployment.
A
A
A
A
A
A
B
B
A
A
A
A
A
They
voted
for
the
next
event
type
next
to
something
like
network
monitoring
it.
It
will
become
or
should
become
profiling
so
like
when
you're
collecting
profiles
from
polar
signals,
parker
or
pyroscope
you
can,
or
you
should
be
able
to
treat
it
as
a
way
that
the
the
open,
telemetry,
collector
or
side
cars
can
process
that
data.
A
I
think
it's.
This
is
like
an
emerging
topic
as
well.
Next
to
what
has
been
discussed
at
the
security
con,
which
was
also
a
zero
day
event
for
two
days.
The
web
assembly
day,
which
I
haven't,
watched
yet
and
also
the
github's
con
talk,
see
where
they
went
where
other
or
where
many
interesting
two
topics
have
been
discussed.
A
A
Yeah
and
the
thing
is,
I
was
pretty
like
I
learned
a
lot.
I
did
really
attend
the
talks.
I
met
more
people
and
made
connections,
but
in
the
end,
it's
everything
is
like
online
available.
You
can
watch
the
recordings.
There
are
certain
resources
to
read
and
learn
and
to
try
out
I'm
happy
that
we
tried
out
tetragon
today,
because
this
was
kind
of
a
plan
as
well
and
let's
stop
sharing
so
that
we
can
see
each
other
actually.
A
No,
I
think
one
of
the
most
interesting
goals
will
be
to
see
how
open
telemetry
gets
adopted
by
both
developers.
Devops
engineers,
everyone
else
in
a
way
of
having
something
unified
for
metrics
logs
traces,
profiling,
whatever
data
type,
might
be
out
there
and
to
also
combine
it
between
vendors.
So
when
you
want
to
write
the
data
to
splunk
or
data.org
or
aws,
everyone
has
their
own
like
distribution
and
the
distribution
open.
A
Telemetry
is
just
the
base
binaries
or
the
base
things
enriched
with
plugins
and
metadata,
and
I
think
it
will
be
interesting
to
see
how
fast
the
adoption
is
going
on.
So
there
is
like
every
time
you
or
every
week
you
see
a
new
blog
post
popping
up
or
10
10
of
them,
so
it's
really
a
great
learning
opportunity,
as
well
as
like
making
your
life
easier
as
well
with
open
source
toolings
in
that
regard,
open
source
tools,
platforms.
B
A
Yeah,
it
was
kind
of,
and
I'm
not
saying
like
kobet
is
over
now,
but
it
was
kind
of
an
experiment
for
myself
as
well.
If
travel
works
out
and
if,
if
it's
like,
it
makes
sense
to
be
with
7
500
folks
in
in
a
big
location
but
yeah,
I
I
found
it
really
refreshing,
even
though,
even
so
with
a
mask,
you
can
still
see
people
smile
and
and
feel
engaged.
It
was
really
nice
and
I
every
time
I
thought
about
hey.
I
should
be
attending
this
session
somewhere
on
on
the
on
the
venue.
A
Someone
else
came
by
and
said:
hey
can
we
talk
about
gitlab
and
kubernetes,
and
things
like
that
or
even
asking
me
about
my
talk
and
so
I
kind
of
practiced.
My
my
key
messaging
as
well
and
here
time
was
time,
was
going
fast,
especially
because
the
gitlab
team
hasn't
met
before
as
well.
So
we
made
it
a
team
offside
somehow
and
had
team
dinner,
and
I
was
we
also
needed
to
adjust
to
spain
with
dinner
times,
which
is
like
8
9,
10,
11
p.m.
Something
like
that.
A
Sometimes
the
main
dish
came
at
11
pm,
which
was
kind
of
unusual
compared
to
germany,
where
you
have
like
6
p.m:
7
p.m,
sometimes,
but
when
you're
like
jumping
right
in
at
some
point,
you
don't
care
anymore.
So
I,
since
my
talk,
was
on
friday.
I
needed
to
force
myself
going
to
bed
on
thursday
evening.
A
B
B
A
Yeah
potentially
like
when
mikey
is
heading
heading
towards
us,
he
is
traveling
to
vienna
first
and
then
taking
the
flight
to
somewhere
else,
but
it's
not
like
efficient
in
in
a
way
of
like
thinking
economy.
Potentially,
therefore,
we
should
be
meeting
at
the
spot
where
trains
are
connecting,
which
is
either
vienna
to
berlin,
frankfurt
somewhere.
The
routing,
maybe
frank
mayor,
frank,
I
only
know
frankfurt
as
a
business
city,
but
actually
it
has
a
nice
old
city.
Maybe
maybe
we
should
try
that
or
we
just.
B
A
B
B
A
B
B
A
But
I
will
be
catching
up.
I
think,
on
on
the
specific
things,
and
sometimes
it
also
needs
some
spontaneous
hey
we're
just
talking
about
what
we
learned
at
event,
xyz,
which
is
also
quite
nice,
and
to
everyone
who's
lis,
who's
watching
the
recording
async.
Now
you
were
gladly
missed
next
time.
I
want
to
see
you
on
the
everyone.
Can
conti
good
cafe,
meetup
again.
A
Okay
yeah,
so
thanks
for
joining
is
there
anything
else
you
would
like
to
say.
No,
I
would
just
say,
keep
on
learning
and
if
there
is
anything
else
we
can
help
you
with
join
either
the
live
sessions
next
time
or
or
the
live
meetup
next
time
or
tag
us
on
twitter
or
join
discord,
yeah
and
hopefully
we
will
see
each
other
in
person
soon
again
or
for
the
first
time
with
that,
thanks
for
joining
in
and
see
you
next
time,
bye,
bye,.