Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Native eBPF Superpowers

Liz Rice
June 02, 2021
Programming
0
220

Cloud Native eBPF Superpowers

Brendan Gregg called eBPF “Superpowers for Linux”, and in this talk Liz discusses why it’s a foundational technology for a new generation of cloud native operations tools, covering questions such as:
- What is eBPF?
- How is it unleashing a new wave of innovation?
- How does it enable detailed insights into application behaviour, without having to modify applications in any way?

Even if you’re not a Linux kernel aficionado you’ll leave this talk with an understanding of what eBPF is, and how it enables high-performance tools for connecting, managing and securing applications in the cloud.

Liz Rice

June 02, 2021
Tweet

More Decks by Liz Rice

See All by Liz Rice
Unleashing the kernel with eBPF
lizrice
0
11
eBPF's Abilities and Limitations: The Truth
lizrice
0
25
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
11
When is a Secure Connection not encrypted? And other stories
lizrice
1
17
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
460
How Many Proxies Do You Need
lizrice
1
100
eBPF for Security Observability
lizrice
0
1k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
1.9k
Contributing to Open Source - what's in it for my business?
lizrice
0
35

Other Decks in Programming

See All in Programming
SwiftUI Performance 不要なViewの再描画と更新を抑える
bigamitiongit
1
160
CA.swift19 恋するAIアプリ開発の裏側
oskmr
0
350
コードレビューで学ぶ!Kotlinオブジェクト指向デザインパターン
akkie76
2
190
StoreKit2によるiOSのアプリ内課金のリニューアル
kangnux
0
110
Amazon SQSコンシューマー疎結合への旅 - 出張! #DevelopersIO IT技術ブログの中の人が語る勉強会 #3
quiver
0
210
冗長なエラーログを削減し、スタックトレースを手に入れる / Reducing Verbose Error Logs and Obtaining Stack Traces
upamune
0
110
1인 개발자로 행복하게 살기 - GDG 송도 헬로월드 2024
benjaminkim
1
5.6k
コーンフレークから始める モデリング会話入門
ogurotakayuki
0
340
Folding Cheat Sheet #3
philipschwarz
PRO
0
120
使ってみよう Azure AI Document Intelligence
kosmosebi
2
240
今、知っておきたい! 生成AIエージェントの世界
elith
3
350
What We Can Learn From OSS
inouehi
0
420

Featured

See All Featured
From Idea to $5000 a Month in 5 Months
shpigford
377
45k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Clear Off the Table
cherdarchuk
83
310k
Six Lessons from altMBA
skipperchong
20
3k
We Have a Design System, Now What?
morganepeng
42
6.7k
Navigating Team Friction
lara
177
13k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
Principles of Awesome APIs and How to Build Them.
keavy
120
16k
A designer walks into a library…
pauljervisheath
199
23k
How GitHub Uses GitHub to Build GitHub
holman
468
290k
How GitHub (no longer) Works
holman
304
140k
Git: the NoSQL Database
bkeepers
PRO
422
63k

Transcript

  1. Liz Rice Chief Open Source Officer, Isovalent Chair, CNCF Technical

    Oversight Committee @lizrice eBPF  Superpowers for Networking, Observability & Security

  2. @lizrice extended Berkeley Packet Filter What is eBPF?

  3. @lizrice Makes the kernel programmable What is eBPF?

  4. @lizrice userspace kernel app eBPF program event Run custom code

    in the kernel

  5. @lizrice demo github.com/lizrice/ebpf-beginners

  6. @lizrice SEC("kprobe/sys_execve") int hello(void *ctx) { bpf_printk("I'm alive!"); return 0;

    } eBPF Hello World $ sudo ./hello bash-20241 [004] d... 84210.752785: 0: I'm alive! bash-20242 [004] d... 84216.321993: 0: I'm alive! bash-20243 [004] d... 84225.858880: 0: I'm alive! Info about process that called execve syscall + userspace code to load eBPF program

  7. @lizrice Programmable kernel in Kubernetes land

  8. @lizrice userspace kernel pod container pod container container One kernel

    per host

  9. @lizrice userspace kernel app app pods networking access files create

    containers One kernel per host

  10. @lizrice userspace kernel app app pods networking access files create

    containers Kernel aware of everything on the host

  11. @lizrice userspace app kernel app pods networking access files create

    containers eBPF programs can be aware of everything

  12. @lizrice demo Kubernetes-aware network flows

  13. @lizrice

  14. @lizrice eBPF apps have a view across the entire node

  15. @lizrice eBPF apps have a view across the entire node

    enabling network efficiency

  16. @lizrice host pod app socket veth veth eth0 iptables conntrack

    iptables INPUT Linux routing iptables PREROUTING mangle iptables conntrack iptables FORWARD Linux routing iptables PREROUTING nat iptables POSTROUTING mangle iptables PREROUTING mangle iptables POSTROUTING nat

  17. @lizrice host pod app socket veth veth eth0 iptables conntrack

    iptables INPUT Linux routing iptables PREROUTING mangle Linux routing

  18. @lizrice Cilium eBPF Receive path) https://cilium.io/blog/2021/05/11/cni-benchmark

  19. @lizrice TCP RR  higher is better https://cilium.io/blog/2021/05/11/cni-benchmark

  20. @lizrice eBPF apps have a view across the entire node

  21. @lizrice eBPF apps have a view across the entire node

    without any app or config changes

  22. @lizrice - Nathan LeClaire @dotpem

  23. @lizrice userspace pod container sidecar container A sidecar has a

    view across one pod

  24. @lizrice userspace pod container sidecar container my-app.yaml containers: - name:

    my-app ... - name: my-app-init … - name: my-sidecar ... Sidecars need YAML

  25. @lizrice userspace pod container container my-app.yaml containers: - name: my-app

    ... - name: my-app-init … eBPF does not need any app changes kernel

  26. @lizrice eBPF in cloud native

  27. @lizrice Process visibility

  28. @lizrice eBPF makes the Linux kernel programmable

  29. @lizrice Not just for Linux... Not just for Linux...

  30. ebpf.io | cilium.io | isovalent.com @lizrice Thank you