eBPF 201: Supercharging Your eBPF Dev Process for Cloud Native Apps

The presentation provides guidelines for dev and ops teams to build and deploy production-ready cloud-native applications that use eBPF technology.

• eBPF technologies are rapidly gaining use within the cloud-native technology stack
• The presentation focuses on providing guidelines for building production-ready cloud-native eBPF software projects
• The presentation covers available programming models, tool chains, understanding portability and maintainability, and designing for operational requirements
• The presentation provides demos and code walkthroughs of sample eBPF programs that illustrate the use of best practice recommendations
• The presentation also discusses challenges and solutions for using BPF programs in a Kubernetes environment

The presenter mentions that BPF programs can only be installed if you have cat BPF and sometimes need several other elevated privileges as well. Giving too many containers full privileged access defeats security goals in a Kubernetes cluster. To tackle these problems, a tool called bpfd is being developed by the Emerging Tech Team at Red Hat, which aims to be a system-level demon that installs BPF programs into the kernel on your behalf and has a grpc API so that you can provide visibility and debugging related problems.

eBPF technologies are rapidly gaining use within the cloud native technology stack. These technologies are relevant across diverse cloud native projects and parts of the technology stack ranging from networking to application monitoring and from security to storage. Yet this space is still evolving and knowledge about good development practices is highly scattered and uncommon. Most educational content in this space focusses on the "What is eBPF" question and very little if any goes to the next step of documenting best practices and guidelines for an entire team to build production ready cloud native eBPF software projects. In this talk we provide some guidelines for dev and ops teams to build and deploy production ready cloud native applications that use eBPF technology. We cover available programming models, tool chains and their pros and cons, understanding portability and maintainability across multiple kernel versions and execution environments and designing for operational requirements. We will then provide demos and code walkthrough of sample eBPF programs that illustrate the use of some of these best practice recommendations. The audience will leave with a good understanding of best practices for teams building the many cloud native projects that use eBPF technology.