LFX mentorship and Me

Sachin Maurya
Jun 14, 2022
Graduated

Hi, I have finally graduated from both the LFX mentorship and my engineering. 31 May was my last day of the LFX mentorship and 30 May was my last engineering paper.

In this blog post, I'm going to share my experience working as an LFX mentee at KubeArmor. For a bit of context, I already wrote one blog post where I shared my journey of getting selected as an LFX mentee. I highly recommend giving it a read and then continuing with this one.

What is KubeArmor?

KubeArmor is a cloud-native runtime security enforcement system that restricts the behavior (such as process execution, file access, and networking operation) of containers and nodes (VMs) at the system level.

After reading the definition you might have got the gist of what KubeArmor is: it provides runtime security enforcement by stopping the actions that a malicious attacker is trying to perform. Under the hood, KubeArmor uses LSMs (Linux Security Modules) such as AppArmor or SELinux, and BPF-LSM is going to be implemented in the near future.

So to sum it up

Currently, KubeArmor uses eBPF for observing and SELinux and AppArmor for blocking.

The KubeArmor community is in the process of implementing blocking, i.e. security enforcement, through eBPF using BPF LSM.

If you want to know more about KubeArmor, check out the README page.

What did I work on?

When I got selected as the LFX mentee for the KubeArmor project, my first task was to set up the KubeArmor project for development, which I completed early thanks to Rahul, Barun, and other folks.

One thing I'd like to mention: when I was trying to set up KubeArmor for the first time I was using Windows 10 and thought I could set it up using a VM, but it didn't work due to RAM constraints, as I had only 8 GB of RAM. So the other option for me was to dual boot, and that's what I did. I was happy that I switched to Ubuntu, because for a long time I had just been procrastinating about switching to Ubuntu.

My task was to work on KubeArmor-client, which is a CLI for KubeArmor. I had to extend the filtering options that were already there. During my initial meeting with the mentors, we discussed how we should go about working on this issue, and Rahul suggested I start with some easy filtering options, as this would also help me understand the codebase.

KubeArmor uses gRPC to send the data to the user. Telemetry looks like this.

I had to add filtering options to the karmor log command based on all the fields that we get from the telemetry, so I added filtering options for namespace, operations, logType, containerName, podsName, resource, and source.

Regex can also be used for all these flags.

After that, I had to add the limit flag, which stops the gRPC client once the specified number of logs has been shown.

The last filtering option that needed to be added was the selector flag, which filters the logs based on the pod's labels. When I started working on this issue, KubeArmor logs did not have the label fields, so to filter the logs based on labels I used client-go. But after some time the label fields were added to the protobuf, and this made the label filtering options much easier to implement.

I added all the filtering options that were required. You can check the issue here.
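A sketch of how such filters can be evaluated, as an added example that is not code from KubeArmor-client: the Event and Filter types, the Collect function and the sample events are hypothetical and constructed here. It narrows the flags to a namespace regex, a label selector and a limit, with a slice standing in for the gRPC stream.

```go
package main

import (
	"fmt"
	"regexp"
)

// Event and Filter are hypothetical stand-ins, not KubeArmor's protobuf or flag types.
type Event struct {
	Namespace, Operation string
	Labels               map[string]string
}

type Filter struct {
	Namespace *regexp.Regexp    // nil matches any namespace
	Selector  map[string]string // every pair must be on the pod
	Limit     int               // 0 means no limit
}

func (f Filter) Matches(e Event) bool {
	for k, v := range f.Selector {
		if e.Labels[k] != v {
			return false
		}
	}
	return f.Namespace == nil || f.Namespace.MatchString(e.Namespace)
}

// Collect returns the matches and how many events were read before it stopped.
func Collect(events []Event, f Filter) (out []Event, read int) {
	for _, e := range events {
		read++
		if f.Matches(e) {
			if out = append(out, e); len(out) == f.Limit {
				break // limit reached: a real client would close the stream here
			}
		}
	}
	return out, read
}

// Sample is constructed data, not real KubeArmor output.
var Sample = []Event{
	{"preprod", "File", map[string]string{"app": "web"}},
	{"prod", "File", map[string]string{"app": "db"}},
	{"prod", "File", map[string]string{"app": "web"}},
}

func main() { fmt.Println(Collect(Sample, Filter{Namespace: regexp.MustCompile(`^prod$`), Limit: 1})) }
```

Because MatchString is unanchored, the pattern prod also matches the namespace preprod; anchor it as ^prod$ when an exact namespace is intended.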

My learnings

Working as an LFX mentee helped me learn a lot about many things. First was Golang. Though I already knew Golang when I was selected as a mentee for this project, working with the limit flag helped me learn more about Go concurrency. I also got a chance to work with the client-go repo. For me, the most interesting and fun part was learning about security concepts like LSM and eBPF. This project introduced me to eBPF and Cilium; after that I started learning more about them, which eventually got me to learn more about the Linux kernel network stack and many other things like BCC (BPF Compiler Collection), "cilium/ebpf", Hubble, Tetragon, etc.

Conclusion

My overall experience was very good. I always dreamed of getting selected as an LFX mentee, and when it finally came true I was very happy and excited to work on an open source project. Now I'm looking to continue working on this awesome technology and keep contributing to open source projects.

A huge shout-out to my mentors Rahul and Barun who helped me during this journey.

I hope you liked reading this blog post. If you are new to open source and looking to start your open source journey, I highly recommend applying for the LFX mentorship program. Even if you don't have 100% of the required skills for a project, just give it a try, you never know :)

If you have any queries, feel free to reach out on Twitter or LinkedIn.