eBPF Data Plane Deep Dive / Custom seccomp profiles with Inspektor Gadget

Cloud Native Berlin

Dec 14, 2021, 5:00 – 6:30 PM

Virtual event

Cloud Native Computing Berlin Meetup is happy to host Tigera's developer advocate, Chris Tomkins, and Microsoft's software engineer, Jose Blanquicet.

About this event


"eBPF Data Plane Deep Dive", Chris Tomkins

Abstract: Are you always curious? Then let’s take the lid off a cluster running the Calico eBPF data plane and see what’s going on in there.

You will learn:

* The theory of a packet walk through a cluster running the Calico eBPF data plane

* How to see the real thing on a cluster running Calico eBPF

* How to use available tools for diagnostics or to gain visibility of Calico’s eBPF data plane


“Generating custom seccomp profiles with Inspektor Gadget”, Jose Blanquicet

Abstract: Using a custom seccomp profile is one of the most recommended ways to increase the security of our Kubernetes workload. However, to be able to do that, we need to know all the system calls that our application uses during its whole life cycle, which is not a simple task.

By default, Kubernetes asks the container runtime to create a container using the `Unconfined` seccomp profile, meaning that seccomp is disabled. Such default behavior ensures that our application will run without problems, but it leaves the containers exposed to remote code execution vulnerabilities.

During this talk, we are going to show how to use Inspektor Gadget to identify all the system calls used by an application and how to generate a custom seccomp profile that ensures it will continue working as intended and with the exact privileges it requires.


  • Chris Tomkins


    Developer Advocate

  • Jose Blanquicet


    Software Engineer



Tuesday, December 14, 2021
5:00 PM – 6:30 PM UTC


Event Host
Chris Tomkins
Jose Blanquicet


  • Aleksandra Nadolski



  • Benazir Khan


    Event and Community Coordinator