github.com/inspektor-gadget/inspektor-gadget@v0.28.1/docs/getting-started/requirements.md (about) 1 --- 2 title: Requirements 3 weight: 110 4 description: > 5 Requirements for running Inspektor Gadget. 6 --- 7 8 ## Kernel Requirements (per gadget) 9 10 Inspektor Gadget uses eBPF to obtain the insights it provides. The 11 different gadgets provided use different eBPF capabilities. The 12 capabilities available depend on the version of the kernel running in the 13 node, as well as whether or not the kernel has 14 [BTF](https://www.kernel.org/doc/html/latest/bpf/btf.html) enabled (via 15 `CONFIG_DEBUG_INFO_BTF=y`). 16 17 The gadgets implementation relies on Compile Once - Run Everywhere (CO-RE) 18 approach. 19 These tools need to have BTF information. 20 This information is collected from three different sources, a fallback mechanism 21 is implemented to try another source if the previous one was not available. 22 23 1. The kernel already exposes it through `/sys/kernel/btf/vmlinux`: the 24 kernel was compiled with `CONFIG_DEBUG_INFO_BTF`). 25 2. It's available in the gadget container image: we ship the BTF 26 information for some well known kernel versions using 27 [BTFGen](https://github.com/kinvolk/btfgen). 28 3. It's downloaded from 29 [BTFHub](https://github.com/aquasecurity/btfhub/). 30 31 In case your kernel does not support CO-RE, we advise you to use an older 32 version of Inspektor Gadget which provides BCC gadget like 33 [`v0.21.0-bcc`](https://github.com/inspektor-gadget/inspektor-gadget/pkgs/container/inspektor-gadget/133259356?tag=v0.21.0-bcc) 34 35 ### Required Kernel Versions and `CONFIG_*` 36 37 This section summarizes the kernel versions and features that are required to 38 run the gadgets. This has been generated by testing different Ubuntu versions 39 and their shipped kernels, hence it's possible that some gadgets work in older 40 kernels than the one mentioned here. 41 42 All gadgets require the following: 43 44 1. `CONFIG_BPF=y` 45 2. `CONFIG_BPF_SYSCALL=y`. 46 3. `CONFIG_DEBUG_INFO_BTF=y` if the host kernel is not supported by BTFHub. 47 48 For all gadgets, the minimum kernel version and additional needed `CONFIG_*` are 49 listed in the following table: 50 51 | Gadget | Minimum Kernel | Additional `CONFIG_*` | 52 |--------------------------|-------------------------|-------------------------| 53 | `advise network-policy` | U.U | | 54 | `advise seccomp-profile` | U.U | | 55 | `audit seccomp` | 5.4 | `KPROBES` | 56 | `profile block-io` | U.U | | 57 | `profile cpu` | U.U | | 58 | `profile tcprtt` | U.U | `KPROBES` | 59 | `snapshot process` | 5.10 | | 60 | `snapshot socket` | 5.10 | | 61 | `top block-io` | U.U | `KPROBES` | 62 | `top file` | 5.4 | `KPROBES` | 63 | `top tcp` | U.U | `KPROBES` | 64 | `trace bind` | 5.4 | `KPROBES`, `KRETPROBES` | 65 | `trace capabilities` | U.U | `KPROBES` | 66 | `trace dns` | 5.4 | | 67 | `trace exec` | 5.4 | `FTRACE_SYSCALLS` | 68 | `trace fsslower` | 5.4 | `KPROBES`, `KRETPROBES` | 69 | `trace mount` | U.U | `FTRACE_SYSCALLS` | 70 | `trace oomkill` | 5.4 | `KPROBES` | 71 | `trace open` | 5.4 | `FTRACE_SYSCALLS` | 72 | `trace signal` | 5.4 | `FTRACE_SYSCALLS` | 73 | `trace sni` | U.U | | 74 | `trace tcp` | U.U | | 75 | `trace tcpconnect` | 5.8 | `KPROBES`, `KRETPROBES` | 76 | `trace tcpdrop` | 5.17 | | 77 | `trace tcpretrans` | 4.15 | | 78 | `script` | [4.9][1] | | 79 | `traceloop` | 4.15 | `KPROBES` | 80 81 If the kernel version is U.U, it means we do not have this information at the 82 moment. 83 84 [1]: https://github.com/iovisor/bpftrace/blob/master/INSTALL.md#linux-kernel-requirements 85 86 ## Kubernetes Platform Requirements 87 88 | Kubernetes platforms | Support | 89 |--------------------------------------------------------|-----------------------------------------------------------------------------------| 90 | Minikube | ✔️ | 91 | AKS, EKS, GKS | ✔️ | 92 | AWS Fargate, Azure Containers instances, GKE Autopilot | ❌ (see [#1320](https://github.com/inspektor-gadget/inspektor-gadget/issues/1320)) | 93 | OpenShift | ✔️ | 94 | Talos | ✔️ | 95 96 ## Container Runtime Requirements 97 98 | Orchestrator | Container manager | Container runtime | Support | 99 |-------------------|-------------------|-------------------|-----------------------------------------------------------------------------------| 100 | docker | containerd | runc | ✔️ | 101 | nerdctl | containerd | runc | ✔️ | 102 | Kubernetes | containerd | runc | ✔️ | 103 | Kubernetes | containerd | wasm | ❌ (see [#1899](https://github.com/inspektor-gadget/inspektor-gadget/issues/1899)) | 104 | Kubernetes | containerd | katacontainers | ❌ | 105 | Kubernetes | CRI-O | runc / crun | Kubernetes v1.20+ (see [below](#CRI-O)) | 106 | Podman (root) | podman | runc / crun | ✔️ | 107 | Podman (rootless) | podman | runc / crun | Only with Podman API enabled (see [below](#Podman-rootless)) | 108 109 ### CRI-O 110 111 We only support [CRI v1](https://github.com/kubernetes/cri-api/tree/master/pkg/apis/runtime/v1) meaning that 112 only [CRI-O](https://github.com/cri-o/cri-o) v1.20+ (compatible with Kubernetes v1.20+) is supported. 113 114 ### Podman (rootless) 115 116 We use [Podman API](https://docs.podman.io/en/latest/markdown/podman-system-service.1.html) to trace containers. In case 117 we want trace rootless containers, we need to ensure that the Podman API is available via socket as: 118 119 ```bash 120 $ systemctl start --user podman.socket 121 # use rootless Podman API socket i.e /run/user/USERID#/podman/podman.sock 122 $ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock list-containers 123 $ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock snapshot process 124 ```