In this blog post, we’ll review how to run Linux profilers such as perf and produce flame graphs on Kubernetes environments.
Flame graphs are a graphical representation of function calls. It shows which code paths are more busy on the CPU in given samples. They can be generated with any OS profiler that contains stack traces such as perf, eBPF, and SystemTap.
An example of a flame graph can be found below:
Each box is a function in the stack, and wider boxes mean more time the system was busy on CPU on these functions.
In Linux, by default, performance system events can’t be collected by unprivileged users. In regular environments, this can be easily worked around by running the profiler with a sudo privilege.
On the other hand, in Kubernetes environments, pods are the smallest deployable unit that consists of one or more containers. Exploits are generally targeted to …[Read more]