UPDATE: November 24 2020, Splunk acquires FlowMill… Geez… how will this be integrated ? adding to Frankenstein’s monster, reference to my previous post, link here.
I started following FlowMill with the following obersvations:
- Instruments existing process as exposed by eBPF
- agent based that exposes eBPF, from Linux kernel
- CentOS, Red Hat: 7.6+ Ubuntu: 16.04+
- Linux kernels: 4.4+
What does FLowMill :
- Fire fighting
- Automate and semi-automate and mitigate system issue
– Automate live architecture flow, aka real-time architecture mapping
– Service Degradation
– No development technology impediments, e.g. platform independent leveraging what the operating system support. Thus has a small overhead to deploy, and does not require code implementation changes…
– Can get service metric from API’s and externals services.
– CON – no application level error codes, e.g. non 200 error codes as typically noticed in app services. However they claim using user probes augments this gap.
– Flow Collection, and Flow Analysis
– CONN: OS verses container correlation, k8s UID is mapped similar kernal
Want to learn more?
Please book time with me, directly, or via these advisory networks:
AlphaSights, GLG, Taconic