| ▲ | smw 2 days ago | |
kubeshark [0] is using ebpf to catch calls to openssl/go's tls lib and thus no need to juggle certs. Has pros and cons compared to your method, but an interesting comparison. | ||
| ▲ | ddelnano 2 days ago | parent [-] | |
The approach you describe above is common for similar projects: - Pixie (https://px.dev) -- which I contribute to - Beyla (https://github.com/grafana/beyla) - Coroot (https://github.com/coroot/coroot) If you are interested in the details and how the strategy for this tracing has evolved, you can learn more in this blog (https://blog.px.dev/ebpf-tls-tracing-past-present-future/). | ||