October 24, 2022 | Detroit, Michigan
View More DetailsRegistration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 - Detroit, MI + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (EDT), UTC -4. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Monday, October 24 • 11:15am - 11:45am
Tracing SSL/TLS Encrypted Microservices with eBPF - Dom Del Nano , Twitter

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
SSL/TLS adoption in the Cloud Native environments is growing rapidly. While great for security, the encryption in such environments pose a unique challenge for observability tools. Many traffic sniffing tools can only collect the encrypted data, which is of limited value to the application developer. Important attributes like the operation, the endpoint and the payload are undecipherable. To truly help in the troubleshooting process, application developers need to be able to see these messages and their contents. In this talk, we present how eBPF can be used to tracing SSL/TLS connections. The method we present is used by tools like BCC’s sslsniff and Pixie’s protocol tracer. Specifically, we cover how eBPF uprobes can be attached to popular SSL/TLS libraries, including OpenSSL, BoringSSL and goTLS. We show how eBPF enables us to collect clear text data directly from the TLS library, while discussing the challenges of tracing dynamically vs statically linked TLS libraries. Finally, we also present how this feature could help with improving application observability at some of the largest engineering organizations without disrupting their production environment.

avatar for Dom Del Nano

Dom Del Nano

Staff Site Reliability Engineer, Twitter
Dom is a Staff SRE and tech lead at Twitter working across Observability in the logging and metric spaces. He has helped to scale Twitter's internally developed time series database to 30B active time series. Prior to Twitter, Dom worked as a Production Engineer at Yelp where he discovered... Read More →

Monday October 24, 2022 11:15am - 11:45am EDT
Room 250 ABC Huntington Place: 1 Washington Blvd, Detroit, MI 48226