Upgrade to Pro — share decks privately, control downloads, hide ads and more …

eBPF in Microservices Observability

JBD
August 18, 2021
Programming
1
1.7k

eBPF in Microservices Observability

JBD

August 18, 2021
Tweet

More Decks by JBD

See All by JBD
eBPF in Microservices Observability at eBPF Day
rakyll
1
2.1k
OpenTelemetry at AWS
rakyll
1
1.8k
Debugging Code Generation in Go
rakyll
5
1.5k
Are you ready for production?
rakyll
8
2.8k
Servers are doomed to fail
rakyll
3
1.5k
Serverless Containers
rakyll
1
240
Critical Path Analysis
rakyll
0
560
Monitoring and Debugging Containers
rakyll
2
1.1k
CPDD
rakyll
0
4.1k

Other Decks in Programming

See All in Programming
.NET Frameworkでも汎用ホストが使いたい!
tomokusaba
0
190
PHPのバージョンアップ時にも役立ったAST
matsuo_atsushi
0
220
『GO』アプリ バックエンドサーバのコスト削減
mot_techtalk
0
160
Rubyで始める関数型ドメインモデリング
shogo_tksk
0
140
仕様変更に耐えるための"今の"DRY原則を考える
mkmk884
9
3.1k
AIの力でお手軽Chrome拡張機能作り
taiseiue
0
190
Rubyと自由とAIと
yotii23
6
1.4k
Grafana Loki によるサーバログのコスト削減
mot_techtalk
1
140
How mixi2 Uses TiDB for SNS Scalability and Performance
kanmo
40
16k
コミュニティ駆動 AWS CDK ライブラリ「Open Constructs Library」 / community-cdk-library
gotok365
2
230
新宿駅構内を三人称視点で探索してみる
satoshi7190
2
120
PRレビューのお供にDanger
stoticdev
1
230

Featured

See All Featured
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
133
33k
Fireside Chat
paigeccino
34
3.2k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.7k
Unsuck your backbone
ammeep
669
57k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Adopting Sorbet at Scale
ufuk
74
9.2k
Agile that works and the tools we love
rasmusluckow
328
21k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
The Cult of Friendly URLs
andyhume
78
6.2k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.4k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.3k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k

Transcript

  1. @rakyll eBPF in Microservices Observability Jaana Dogan Principal Engineer, AWS

    [email protected]

  2. @rakyll About me • Not a Linux developer. • Working

    on monitoring, observability and performance. • Multi-tenancy and microservices focus.

  3. @rakyll

  4. @rakyll How does eBPF work? process JIT compiler Verifier Sockets

    TCP/IP BPF Maps code (accessible from the user space)

  5. @rakyll Where can eBPF hook into? - Kernel and user

    functions - System calls - Network events - Kernel tracepoints

  6. @rakyll Challenges in microservices

  7. @rakyll Challenges in microservices We don’t just monitor VMs or

    processes. We monitor critical paths.

  8. @rakyll What’s next? service service database storage service

  9. @rakyll What’s next? service service database storage service

  10. @rakyll Challenges in microservices Context matters. Downstream stack don’t have

    context.

  11. @rakyll What’s next? process Linux kernel process process M:N Problem

  12. @rakyll What’s next? process Linux kernel process process RPCs M:N

    Problem

  13. @rakyll What’s next? process Linux kernel process process RPCs container

    container M:N Problem

  14. @rakyll What’s next? process Linux kernel process process RPCs container

    container Kubernetes pod, ECS task M:N Problem

  15. @rakyll Challenges in microservices We initially debug RPCs. We debug

    functions or syscalls secondarily.

  16. @rakyll Challenges in microservices Too much data. Need runtime controls

    to modify the collection.

  17. @rakyll Challenges in microservices Instrumentation is a two-year roadmap. Data

    is not consistent.

  18. @rakyll Networking observability is core. Out of the box instrumentation

    is essential. Extensibility in runtime is critical. Decoration and enrichment is needed.

  19. @rakyll How does eBPF help?

  20. @rakyll Network Diagnostics TCP, UDP, HTTP, gRPC metrics Inspect protocols

    (MySQL, Postgres, ...)

  21. @rakyll Service Maps

  22. @rakyll Distributed Traces Automatically create request span if a trace

    header is present. GET /users HTTP/1.1 Host: users.service Accept-Encoding: gzip, deflate Connection: Keep-Alive Traceparent: 00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01

  23. @rakyll Fleet-wide Profiling context kernel

  24. @rakyll Decorating with Context eBPF agent process JIT compiler Verifier

    Sockets TCP/IP BPF Maps API Server

  25. @rakyll Runtime Extensibility eBPF agent process JIT compiler Verifier Sockets

    TCP/IP BPF Maps code

  26. @rakyll Examples - Cillium/Hubble - Pixie - Flowmill

  27. @rakyll What’s next? - High level language to write probes.

    - Make eBPF agents widely available. - More platforms supporting eBPF. - Reusable eBPF event processing.

  28. @rakyll Thank you Jaana Dogan [email protected]