https://brainbit.uk/tags/eks/Recent content in EKS on BrainBit Latest ArticlesHugo -- gohugo.ioen-usTue, 02 Nov 2021 00:00:00 +0000https://brainbit.uk/posts/pwru/Tue, 02 Nov 2021 00:00:00 +0000https://brainbit.uk/posts/pwru/PWRU (Packet Where Are you) Taken from the their github repo https://github.com/cilium/pwru : “pwru is an eBPF-based tool for tracing network packets in the Linux kernel with advanced filtering capabilities. It allows fine-grained introspection of kernel state to facilitate debugging network connectivity issues.” So it is a tool that attach a bunch of kprobes to specific kernel functions or interfaces I’m not so sure and it shows places in the kernel data path that a given packet traverseshttps://brainbit.uk/posts/cilium-tls-inspection/Sat, 11 Sep 2021 00:00:00 +0100https://brainbit.uk/posts/cilium-tls-inspection/TLS in simple terms When your browser verifies a TLS certificate , it checks for expiration , domains , sans etc… but the most important thing it does is it verifies that the certificate has been signed by a CA (Certificate Authority ) it (the browser) trusts. These CAs are a bunch of arbitrary organisations that are allowed to sign certificate requests etc. A self-signed certificate , in general terms , is as valid as a certificate singed by a CA , the main difference is that is not signed by a CA that is trusted by the browser.