Groundcover launched Caretta, an open-source tool that enables teams to create a visual network map of services running in their cluster.
The technology uses eBPF (extended Berkeley Packet Filter), which is used for tracing and monitoring activities within the Linux kernel. EBPF is a virtual machine that can be used to execute kernel-level programs, and it provides a powerful way of instrumenting the kernel and user-level programs. It can be used for a variety of tasks such as monitoring and tracing system calls, networking performance monitoring, security auditing, and more.
Caretta uses eBPF to collect data and is equipped with a Grafana Node Graph dashboard to quickly display the dynamic map of the cluster.
Caretta maps service interactions and their traffic rates and leverages Kubernetes APIs to create a map of K8 clusters, which can be used for on-demand granular observability, cost optimization, and security optimization.
“From the sea to the cloud, it’s all too easy to get lost in a typical Kubernetes cluster. Gaining a decent understanding of the inter-dependencies between the different workloads running in the cluster is a complicated task, leaving teams to work hard for impactful, actionable insights such as identifying central points of failure or pinpointing security anomalies,” Udi Rot, founding engineer at groundcover wrote in a blog post.
The difficulties can be overcome with visualization and whereas a K8s cluster can be seen as a geographic area with paths and trails through communications between different workloads, a map can help one get around the K8s cluster, Rot explained.