feat: add Google Gemini AI provider + enhanced error handling + new correlation patterns

[sivaangayarkanni]

Problem statement

Currently, Kerno only supports a limited set of AI providers and has basic error handling when eBPF programs fail to load. Users who prefer Google Gemini cannot use it natively. Additionally, when eBPF loading fails, users get generic errors without clear guidance on how to fix them. The AI analysis also lacks several important correlation patterns that can help identify root causes faster.

Proposed solution

1. Add Google Gemini as a new AI provider (pure HTTP implementation, no SDK dependency)
2. Improve error handling by introducing a structured LoadError type with actionable hints and helper functions like IsPermissionError(), IsBTFError(), and IsVerifierError()
3. Add 3 new correlation patterns in AI analysis:
   • Memory + cgroup memory → container pressure
   • Scheduler + syscall → CPU contention
   • TCP + memory → network buffer exhaustion

All changes include proper tests and follow existing project conventions.

Alternatives considered

• Using the official Gemini SDK (rejected to keep consistency with current pure HTTP approach and avoid extra dependencies)
• Keeping generic error messages (rejected because it leads to poor user experience)
• Adding correlations only in deterministic rules (rejected because AI layer is better suited for cross-signal correlation)

Scope

Other

Affects Kubernetes deployment?

Yes — K8s-specific feature

Are you willing to contribute?

• I can implement this if guidance is provided
• I can test this once it's built
• I'm just suggesting the idea

[github-actions]

Welcome to Kerno, and thanks for opening your first issue! 🎉

A maintainer will triage this within 48 hours. While you wait:

• 📖 Read CONTRIBUTING.md if you'd like to send a fix
• 🩺 Try kerno doctor on your own host (the README quickstart takes < 60 s)
• 💬 Discussions for questions and design talk

Tip: if you can paste output of sudo ./bin/bpf-verify (or kerno preflight when it ships) we'll diagnose 90% faster.