logo
allArticlesConferencesPresentations

eBPF on the Rise - Getting Started

Conference:  KubeCon + CloudNativeCon Europe 2021

Authors:   Quentin Monnet

Summary

EBPF is a versatile, safe, and efficient programmability tool that can be used to solve real-world production problems in cloud-native environments. It is being used by big companies like Facebook, Netflix, and Google for tracing, monitoring, network processing, and security purposes. EBPF is a thriving ecosystem with a buzzing community behind it, and it is on the rise as more and more parts of the kernel might rely on it in the future.
  • EBPF is safe, efficient, and versatile
  • EBPF is being used by big companies for tracing, monitoring, network processing, and security purposes
  • EBPF is a thriving ecosystem with a buzzing community behind it
  • EBPF is on the rise as more and more parts of the kernel might rely on it in the future
One example of how EBPF can be leveraged to implement advanced features in cloud-native environments is Selium's optimized data path and network policies. By using EBPF, Selium was able to gain flexibility and avoid security issues while processing packets, leading to significant gains in performance.

Abstract

eBPF is rising as an essential component for observability and networking programmability on Linux and in containers. Due to its performance, flexibility, and scalability, Liz Rice listed it as one of the five CNCF technologies to watch for 2021! In an opportunity to fully comprehend its potential, this introduction will help you get started with eBPF. First, the core architecture. What is an eBPF program? How to attach and run it safely in the kernel, and most importantly, what for? And what are the other components of the eBPF subsystem? Come and learn the basics. Then, augment your toolbox with utilities to manipulate eBPF objects. Inspect, debug or trace with bpftool, bcc tools, bpftrace, or libbpf and its Golang equivalent. Equipped with knowledge and tools, here you come, now prepared to instrument clusters with eBPF! Before you go load-balancing traffic and chasing metrics, the last part focuses on eBPF's benefits for cloud-native environments. Ready to surf the eBPF wave?
Materials:
Slides
Tags:

Post a comment

Related work

Cloud Native Superpowers with eBPF

Conference:  KubeCon + CloudNativeCon North America 2021
Authors: Liz Rice
2021-10-14

Securing the Superpowers: Who Loaded That EBPF Program?

Conference:  Cloud Native SecurityCon North America 2023
Authors: John Fastabend, Natalia Reka Ivanko

eBPF, I thought we were friends !

Conference:  Defcon 29
Authors:
2021-08-01

"My CNI Plugin Did… What?!": Debugging CNI with Style and Aplomb

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Daniel Mellado, Doug Smith
2022-05-20

With Friends Like eBPF, Who Needs Enemies?

Conference:  BlackHat USA 2021
Authors:
2021-08-05

🚨 ContribFest: Prometheus - Hands-on Development and Contribution Workshop (Limited Availability; First-Come, First

Conference:  KubeCon + CloudNativeCon Europe 2023
Authors: Bartłomiej Płotka, Gouthan Veeramachaneni
2023-04-21