Probing and Analyzing TCP Submodule of the Linux Kernel With eBPF Across Various Network Workloads

Penn collection
Interdisciplinary Centers, Units and Projects::Center for Undergraduate Research and Fellowships (CURF)::Fall Research Expo
Discipline
Computer Sciences
Subject
Linux Kernel
eBPF
TCP
Congestion Control
Policies
Copyright date
2025-09-28
Author
Tian, Yiding
Angel, Sebastian
Contributor
Goyal, Dhruv
Duarte, Phillip
Abstract

The TCP protocol, responsible for approximately 90% of internet traffic, remains a critical yet opaque component of the Linux kernel. Understanding its runtime behavior is essential for diagnosing performance bottlenecks and optimizing network applications. This research presents a comprehensive analysis of TCP kernel internals using eBPF (extended Berkeley Packet Filter) instrumentation across three distinct workload patterns: bulk transfer (iperf3), database operations (Redis), and simple connectivity (Netcat). We developed and deployed eBPF kprobes targeting five crucial TCP subsystems: packet receive path (tcp_v4_rcv), state machine transitions (tcp_state_process), connection establishment (tcp_v4_connect), congestion control management (tcp_congestion_control), and CUBIC algorithm internals (tcp_cubic). Using the KernMLOps framework, we collected and analyzed over 15,000 kernel events per workload, capturing fine-grained metrics including branch decisions, state transitions, congestion window dynamics, and RTT measurements with nanosecond precision. Our analysis revealed several significant findings. First, we discovered an unexpected congestion control anomaly where 100% of connections remained locked in the slow start phase with a fixed congestion window of 10 packets, never progressing to congestion avoidance—suggesting fundamental differences in how local loopback traffic exercises TCP algorithms compared to WAN scenarios. Second, we observed workload-specific behavioral patterns: Redis achieved 99.7% fast path efficiency with minimal packet drops (0.04%), while iperf3 showed higher slow path usage (3.5%) and connection establishment failures, resulting in health scores of 89.6 and 70.0 respectively. Third, we identified consistent kernel traversal patterns with approximately 4 events per packet across all workloads, demonstrating predictable code path execution despite varying application characteristics. 
These findings have important implications for TCP performance analysis and optimization. The congestion control limitations in local testing environments suggest that conventional benchmarking approaches may not fully exercise TCP mechanisms designed for wide-area networks. Our eBPF-based methodology successfully captured previously unobservable kernel behaviors, providing a reproducible framework for TCP introspection. This work contributes to the growing body of kernel observability research and offers practical insights for system administrators and kernel developers working to optimize TCP performance in containerized and cloud environments. Future work will extend this analysis to WAN traffic patterns and investigate the impact of kernel configuration parameters on congestion control progression.

Date of presentation
2025-09-15
Comments
This project was supported with funding from the Penn Undergraduate Research Mentoring (PURM) program.