Inspektor Gadget is a framework that leverages eBPF to collect data and inspect Kubernetes clusters and Linux hosts for enhanced security and observability.
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF
This tool is primarily used by security and operations teams to perform intrusion detection, automate security tasks, and monitor network activity within Kubernetes environments and Linux hosts. It enables deep system inspection through eBPF programs packaged as Gadgets, facilitating real-time observability and security enforcement.
Ensure your Kubernetes cluster or Linux host supports eBPF and has the necessary kernel version for optimal functionality. Use security features to restrict which Gadgets are allowed to run to maintain cluster security. The tool supports WebAssembly for flexible data processing, enabling customization with any WASM-supported language.
Install kubectl plugin manager krew (https://krew.sigs.k8s.io/docs/user-guide/setup/install/)
Install Inspektor Gadget CLI via krew: kubectl krew install gadget
Deploy Gadgets to Kubernetes clusters using kubectl gadget commands
Alternatively, use provided OCI images to run Gadgets on Linux hosts
Refer to official documentation for advanced deployment and configurationkubectl gadget trace_open
Triggers a Gadget that monitors file open events on the system.
kubectl gadget
Main CLI command to interact with Inspektor Gadget, managing Gadgets lifecycle and data collection.