Requirements

    Kernel Requirements (per gadget)

    Inspektor Gadget uses eBPF to obtain the insights it provides. The different gadgets provided use different eBPF capabilities. The capabilities available depend on the version of the kernel running in the node, as well as whether or not the kernel has BTF enabled (via CONFIG_DEBUG_INFO_BTF=y).

    The gadgets implementation relies on Compile Once - Run Everywhere (CO-RE) approach. These tools need to have BTF information. This information is collected from three different sources, a fallback mechanism is implemented to try another source if the previous one was not available.

    1. The kernel already exposes it through /sys/kernel/btf/vmlinux: the kernel was compiled with CONFIG_DEBUG_INFO_BTF).
    2. It’s available in the gadget container image: we ship the BTF information for some well known kernel versions using BTFGen .
    3. It’s downloaded from BTFHub .

    In case your kernel does not support CO-RE, we advise you to use an older version of Inspektor Gadget which provides BCC gadget like v0.21.0-bcc

    Required Kernel Versions and CONFIG_*

    This section summarizes the kernel versions and features that are required to run the gadgets. This has been generated by testing different Ubuntu versions and their shipped kernels, hence it’s possible that some gadgets work in older kernels than the one mentioned here.

    All gadgets require the following:

    1. CONFIG_BPF=y
    2. CONFIG_BPF_SYSCALL=y.
    3. CONFIG_DEBUG_INFO_BTF=y if the host kernel is not supported by BTFHub.

    For all gadgets, the minimum kernel version and additional needed CONFIG_* are listed in the following table:

    Gadget Minimum Kernel Additional CONFIG_*
    advise network-policy U.U
    advise seccomp-profile U.U
    audit seccomp 5.4 KPROBES
    profile block-io U.U
    profile cpu U.U
    profile tcprtt U.U KPROBES
    snapshot process 5.10
    snapshot socket 5.10
    top block-io U.U KPROBES
    top file 5.4 KPROBES
    top tcp U.U KPROBES
    trace bind 5.4 KPROBES, KRETPROBES
    trace capabilities U.U KPROBES
    trace dns 5.4
    trace exec 5.4 FTRACE_SYSCALLS
    trace fsslower 5.4 KPROBES, KRETPROBES
    trace mount U.U FTRACE_SYSCALLS
    trace oomkill 5.4 KPROBES
    trace open 5.4 FTRACE_SYSCALLS
    trace signal 5.4 FTRACE_SYSCALLS
    trace sni U.U
    trace tcp U.U
    trace tcpconnect 5.8 KPROBES, KRETPROBES
    trace tcpdrop 5.17
    trace tcpretrans 4.15
    script 4.9
    traceloop 4.15 KPROBES

    If the kernel version is U.U, it means we do not have this information at the moment.

    Kubernetes Platform Requirements

    Kubernetes platforms Support
    Minikube ✔️
    AKS, EKS, GKS ✔️
    AWS Fargate, Azure Containers instances, GKE Autopilot ❌ (see #1320 )
    OpenShift ✔️
    Talos ❌ (see #1934 )

    Container Runtime Requirements

    Orchestrator Container manager Container runtime Support
    docker containerd runc ✔️
    nerdctl containerd runc ✔️
    Kubernetes containerd runc ✔️
    Kubernetes containerd wasm ❌ (see #1899 )
    Kubernetes containerd katacontainers
    Kubernetes CRI-O runc / crun Kubernetes v1.20+ (see below )
    Podman (root) podman runc / crun ✔️
    Podman (rootless) podman runc / crun Only with Podman API enabled (see below )

    CRI-O

    We only support CRI v1 meaning that only CRI-O v1.20+ (compatible with Kubernetes v1.20+) is supported.

    Podman (rootless)

    We use Podman API to trace containers. In case we want trace rootless containers, we need to ensure that the Podman API is available via socket as:

    $ systemctl start --user podman.socket
# use rootless Podman API socket i.e /run/user/USERID#/podman/podman.sock
$ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock list-containers
$ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock snapshot process
    Edit this page File documentation issue