Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥

eBPF in Microservices Observability

Avatar for JBD JBD
August 18, 2021
Programming
1
1.7k

eBPF in Microservices Observability

Avatar for JBD

JBD

August 18, 2021
Tweet

More Decks by JBD

See All by JBD
eBPF in Microservices Observability at eBPF Day
Avatar for JBD rakyll
1
2.2k
OpenTelemetry at AWS
Avatar for JBD rakyll
1
1.9k
Debugging Code Generation in Go
Avatar for JBD rakyll
5
1.6k
Are you ready for production?
Avatar for JBD rakyll
8
2.9k
Servers are doomed to fail
Avatar for JBD rakyll
3
1.5k
Serverless Containers
Avatar for JBD rakyll
1
260
Critical Path Analysis
Avatar for JBD rakyll
0
650
Monitoring and Debugging Containers
Avatar for JBD rakyll
2
1.1k
CPDD
Avatar for JBD rakyll
0
4.2k

Other Decks in Programming

See All in Programming
MAP, Jigsaw, Code Golf 振り返り会 by 関東Kaggler会|Jigsaw 15th Solution
Avatar for s.konishi hasibirok0
0
210
[堅牢.py #1] テストを書かない研究者に送る、最初にテストを書く実験コード入門 / Let's start your ML project by writing tests
Avatar for Shunsuke KITADA shunk031
11
6.7k
AIと協働し、イベントソーシングとアクターモデルで作る後悔しないアーキテクチャ Regret-Free Architecture with AI, Event Sourcing, and Actors
Avatar for Tomohisa Takaoka tomohisa
5
18k
Reactive Thinking with Signals and the new Resource API
Avatar for Manfred Steyer manfredsteyer
PRO
0
160
All(?) About Point Sets
Avatar for hole hole
0
260
「文字列→日付」の落とし穴 〜Ruby Date.parseの意外な挙動〜
Avatar for sg4k0 sg4k0
0
360
Combinatorial Interview Problems with Backtracking Solutions - From Imperative Procedural Programming to Declarative Functional Programming - Part 1
Avatar for Philip Schwarz philipschwarz
PRO
0
120
Level up your Gemini CLI - D&D Style!
Avatar for Riccardo Carlesso palladius
1
160
Rediscover the Console - SymfonyCon Amsterdam 2025
Avatar for Robin Chalas chalasr
2
130
DSPy Meetup Tokyo #1 - はじめてのDSPy
Avatar for Masahiro Nishimi masahiro_nishimi
1
150
tparseでgo testの出力を見やすくする
Avatar for utagawa kiki utgwkk
1
120
ローターアクトEクラブ アメリカンナイト:川端 柚菜 氏(Japan O.K. ローターアクトEクラブ 会長):2720 Japan O.K. ロータリーEクラブ2025年12月1日卓話
Avatar for 2720 Japan O.K. ロータリーEクラブ 2720japanoke
0
400

Featured

See All Featured
The Language of Interfaces
Avatar for Des Traynor destraynor
162
25k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
791
250k
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
7k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.8k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
697
190k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
51k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k

Transcript

  1. @rakyll eBPF in Microservices Observability Jaana Dogan Principal Engineer, AWS

    [email protected]

  2. @rakyll About me • Not a Linux developer. • Working

    on monitoring, observability and performance. • Multi-tenancy and microservices focus.

  3. @rakyll

  4. @rakyll How does eBPF work? process JIT compiler Verifier Sockets

    TCP/IP BPF Maps code (accessible from the user space)

  5. @rakyll Where can eBPF hook into? - Kernel and user

    functions - System calls - Network events - Kernel tracepoints

  6. @rakyll Challenges in microservices

  7. @rakyll Challenges in microservices We don’t just monitor VMs or

    processes. We monitor critical paths.

  8. @rakyll What’s next? service service database storage service

  9. @rakyll What’s next? service service database storage service

  10. @rakyll Challenges in microservices Context matters. Downstream stack don’t have

    context.

  11. @rakyll What’s next? process Linux kernel process process M:N Problem

  12. @rakyll What’s next? process Linux kernel process process RPCs M:N

    Problem

  13. @rakyll What’s next? process Linux kernel process process RPCs container

    container M:N Problem

  14. @rakyll What’s next? process Linux kernel process process RPCs container

    container Kubernetes pod, ECS task M:N Problem

  15. @rakyll Challenges in microservices We initially debug RPCs. We debug

    functions or syscalls secondarily.

  16. @rakyll Challenges in microservices Too much data. Need runtime controls

    to modify the collection.

  17. @rakyll Challenges in microservices Instrumentation is a two-year roadmap. Data

    is not consistent.

  18. @rakyll Networking observability is core. Out of the box instrumentation

    is essential. Extensibility in runtime is critical. Decoration and enrichment is needed.

  19. @rakyll How does eBPF help?

  20. @rakyll Network Diagnostics TCP, UDP, HTTP, gRPC metrics Inspect protocols

    (MySQL, Postgres, ...)

  21. @rakyll Service Maps

  22. @rakyll Distributed Traces Automatically create request span if a trace

    header is present. GET /users HTTP/1.1 Host: users.service Accept-Encoding: gzip, deflate Connection: Keep-Alive Traceparent: 00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01

  23. @rakyll Fleet-wide Profiling context kernel

  24. @rakyll Decorating with Context eBPF agent process JIT compiler Verifier

    Sockets TCP/IP BPF Maps API Server

  25. @rakyll Runtime Extensibility eBPF agent process JIT compiler Verifier Sockets

    TCP/IP BPF Maps code

  26. @rakyll Examples - Cillium/Hubble - Pixie - Flowmill

  27. @rakyll What’s next? - High level language to write probes.

    - Make eBPF agents widely available. - More platforms supporting eBPF. - Reusable eBPF event processing.

  28. @rakyll Thank you Jaana Dogan [email protected]