Upgrade to Pro — share decks privately, control downloads, hide ads and more …

eBPF入門 /eBPF-getting-started

Avatar for Takuma Kume Takuma Kume
December 16, 2017
Technology
6
6.6k

eBPF入門 /eBPF-getting-started

KIXS vol.006 LT 10 min
https://kixs.connpass.com/event/69643/

ブログ
https://takumakume.tech/blog/2017-12-18-ebpf-getting-started/
Avatar for Takuma Kume

Takuma Kume

December 16, 2017
Tweet

More Decks by Takuma Kume

See All by Takuma Kume
SRE/インフラエンジニアの市場価値とキャリアパス/Market value and career path for SRE-infrastructure engineers
Avatar for Takuma Kume takumakume
2
640
【新卒研修】共通言語としてのSRE/SRE as a common language
Avatar for Takuma Kume takumakume
0
150
DDoSとの終わりなき戦い2025/endless_battle_with_ddos_attack_2025
Avatar for Takuma Kume takumakume
2
100
事業部CTOの現在地(パネルディスカッション)/Current-location-of-Division-CTO
Avatar for Takuma Kume takumakume
0
100
ロリポップ! for Gamersを支えるインフラ/lolipop for gamers infrastructure
Avatar for Takuma Kume takumakume
0
790
ロリポップ! for Gamersの立ち上げ/lolipop for gamers launch
Avatar for Takuma Kume takumakume
0
2.3k
ホモグラフドメインを検出してみた/detect homograph domain
Avatar for Takuma Kume takumakume
0
580
ソフトウェアの継続的アップデートをコンテナ化によって加速させる/Accelerate continuous software updates with containerization
Avatar for Takuma Kume takumakume
0
5.1k
KubernetesにおけるSBOMを利用した脆弱性管理/Vulnerability_Management_with_SBOM_in_Kubernetes
Avatar for Takuma Kume takumakume
1
2.4k

Other Decks in Technology

See All in Technology
AWS テクニカルサポートとエンドカスタマーの中間地点から見えるより良いサポートの活用方法
Avatar for kazzpapa3 kazzpapa3
2
540
GeminiとNotebookLMによる金融実務の業務革新
Avatar for abenben abenben
0
230
~宇宙最速~ 2025年AWS Summit レポート
Avatar for sleepingsato satodesu
1
1.8k
BigQuery Remote FunctionでLooker Studioをインタラクティブ化
Avatar for CUEBiC Inc. cuebic9bic
3
300
Microsoft Build 2025 技術/製品動向 for Microsoft Startup Tech Community
Avatar for Toru Makabe torumakabe
2
270
標準技術と独自システムで作る「つらくない」SaaS アカウント管理 / Effortless SaaS Account Management with Standard Technologies & Custom Systems
Avatar for Yuya Takeyama yuyatakeyama
3
1.2k
2025-06-26_Lightning_Talk_for_Lightning_Talks
Avatar for hashimo2 _hashimo2
2
100
生成AIでwebアプリケーションを作ってみた
Avatar for tajimon tajimon
2
150
Prox Industries株式会社 会社紹介資料
Avatar for Prox proxindustries
0
290
Amazon Bedrockで実現する 新たな学習体験
Avatar for Kazuki Maeda kzkmaeda
2
540
Observability в PHP без боли. Олег Мифле, тимлид Altenar
Avatar for Lamoda Tech lamodatech
0
350
MySQL5.6から8.4へ 戦いの記録
Avatar for Koji Yoshida kyoshidaxx
1
210

Featured

See All Featured
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
107
19k
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
71
11k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
234
140k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
507
140k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.3k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
28
3.8k
Designing Experiences People Love
Avatar for Jonathan Moore moore
142
24k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
35
6.7k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.5k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
26
2.9k
The Language of Interfaces
Avatar for Des Traynor destraynor
158
25k

Transcript

  1. ٱถ୓അ(.01FQBCP *OD  ,JYTWPM-5NJO F#1'ೖ໳

  2. (.0ϖύϘΠϯϑϥΤϯδχΞ ٱถ୓അ!UBLVNBLVNF ϗεςΟϯάࣄۀ෦ IUUQTUBLVNBLVNFUFDI 

  3. None

  4. Έͳ͞Μ͸#1'ͯ͠·͔͢ʁ 

  5. #1'JT #FSLFMFZ1BDLFU'JMUFS -JOVYLFSOFMʹ࣮૷͞Ε͍ͯΔ ύέοτͷΩϟϓνϟ΍ϑΟϧλΛߦ͏ͨΊͷ ΠϯλʔϑΣΠε 

  6. UDQEVNQ  

  7. UDQEVNQ  ~$ sudo tcpdump port 80 tcpdump: verbose output

    suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 00:27:12.580101 IP 192.168.0.18.61285 > archlinux.vagrant.vm.http: Flags [S], seq 1854919014, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 844367687 ecr 0,sackOK,eol], length 0 : : ຖ೔ୟ͍͍ͯΔ͍ͭ΋ͷ΍ͭͰ͢Ͷ 

  8. UDQEVNQ #1' 

  9. #1' /*$ 5$14UBDL UDQEVNQ VTFS LFSOFM LFSOFM OFUXPSL 

  10. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL 

  11. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL #1' CZUFDPEF UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ 

  12. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 OHJOY VTFS LFSOFM

    LFSOFM OFUXPSL #1' 130( UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ $ sudo tcpdump -d 'port 80' (000) ldh [12] (001) jeq #0x86dd jt 2 jf 10 (002) ldb [20] (003) jeq #0x84 jt 6 jf 4 (004) jeq #0x6 jt 6 jf 5 (005) jeq #0x11 jt 6 jf 23 (006) ldh [54] : BPF Assembler 

  13. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 OHJOY VTFS LFSOFM

    LFSOFM OFUXPSL #1' 130( UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ ~$ sudo tcpdump -dd 'port 80' { 0x28, 0, 0, 0x0000000c }, { 0x15, 0, 8, 0x000086dd }, { 0x30, 0, 0, 0x00000014 }, { 0x15, 2, 0, 0x00000084 }, { 0x15, 1, 0, 0x00000006 }, { 0x15, 0, 17, 0x00000011 }, { 0x28, 0, 0, 0x00000036 }, { 0x15, 14, 0, 0x00000050 }, : BPF Bytecode 

  14. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL 5$1QPSU #1' CZUFDPEF 

  15. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL UFSNJOBM දࣔ 5$1QPSU #1' CZUFDPEF 

  16. #1'JT #FSLFMFZ1BDLFU'JMUFS -JOVYLFSOFMʹ࣮૷͞Ε͍ͯΔ ύέοτͷΩϟϓνϟ΍ϑΟϧλΛߦ͏ͨΊͷ ΠϯλʔϑΣΠε 6TFSMBOEͰ࡞੒ͨ͠#1'#ZUFDPEFΛ ,FSOFMMBOEͰ࣮ߦ͢Δ ύέοτΩϟϓνϟҎ֎ͷ༻్ʹ΋࢖ΘΕ͍ͯΔ 

  17. TFDDPNQ  

  18. TFDDPNQ ࢦఆͨ͠TZTUFNDBMMΛ࣮ߦͰ͖ͳ͍Α͏ʹ͢Δ -JOVYLFSOFMͷػೳ ͜͜Ͱ͍͏TFDDPNQ͸-JOVYLFSOFMҎ߱ͷ TFDDPNQNPEFΛࢦ͢ TFDDPNQNPEF͸ɺϑΟϧλϦϯάʹ#1'͕ ࢖ΘΕ͓ͯΒͣɺॊೈੑ͕ͳ͍ػೳͩͬͨ 

  19. #1' ϓϩάϥϜ VTFS LFSOFM LFSOFM 

  20. #1' ϓϩάϥϜ VTFS LFSOFM LFSOFM ࣮ߦ 

  21. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ ྫͱͯ͠XSJUF

     Λ੍ݶ͢Δ 

  22. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ ͜ͷϓϩηεͰ͸XSJUF

      ͕࣮ߦͰ͖ͳ͘ͳΔ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠ LFSOFMͰ࣮ߦ͢Δ #1' CZUFDPEF  ྫͱͯ͠XSJUF  Λ੍ݶ͢Δ

  23. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ PQFO

     ࣮ߦ ڐՄ #1' CZUFDPEF  ྫͱͯ͠XSJUF  Λ੍ݶ͢Δ

  24. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ PQFO

     ࣮ߦ XSJUF  ࣮ߦ #1' CZUFDPEF ڋ൱ 

  25. Έͳ͞Μ#1'ָ͍͠Ͱ͔͢ʁ 

  26. ָ͍͠Ͱ͢Ͷʁ 

  27. F#1'ೖ໳

  28. F#1' &YUFOEFE#1' 

  29. F#1' -JOVYLFSOFMҎ߱Ͱ࣮૷͞Ε͍ͯΔ #1'ͷ֦ு࣮૷ VQSPCFTVTFSMFWFMEZOBNJDUSBDJOH LQSPCFTLFSOFMEZOBNJDUSBDJOH 9%1F9QSFTT%BUB1BUI ύέοτΛ,FSOFMͷ/FUXPSL4UBDLʹ ౉͞ΕΔલͷυϥΠόϨϕϧͰ੍ޚͰ͖Δ FUD 

  30. IUUQTHJUIVCDPNUPSWBMETMJOVYCMPCWJODMVEFUSBDFFWFOUTCQGI 

  31. IUUQTHJUIVCDPNUPSWBMETMJOVYCMPCWJODMVEFUSBDFFWFOUTCQGI 

  32. F#1'ͷͬ͘͟Γͱͨ͠࢓૊Έ 

  33. LQSPCFT F#1' ,FSOFMEZOBNJDUSBDJOH 

  34. LQSPCFT LFSOFM ໋ྩ ໋ྩ ໋ྩ ໋ྩ ϒϨʔΫϙΠϯτ LQSPCFT NPEVMF ஫ೖ

    TBWFDPOUFYU SFTUPSFDPOUFYU ࣮ߦ͍ͨ͠ॲཧ KNQ LFSOFMʹϒϨʔΫϙΠϯτΛઃఆ͠ϓϩάϥϜΛ࣮ߦͰ͖Δػೳ 

  35. VTFS LFSOFM ϓϩάϥϜ F#1' LQSPCFT LQSPCFT F#1' 

  36. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' ੜ੒ LQSPCFT LQSPCFT F#1' 

  37. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE LQSPCFT LQSPCFT

    F#1' 

  38. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE LQSPCFT ϓϩάϥϜͷ҆શੑ

    ΛνΣοΫ LQSPCFT F#1' 

  39. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE #1'CZUFDPEF LQSPCFT

    LQSPCFT F#1' 

  40. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE #1'CZUFDPEF NBQ

    ੜ੒ 6TFS,FSOFMؒͰσʔλͷ΍ΓऔΓΛ͢Δ )BTI "SSBZ FUDʜ LQSPCFT LQSPCFT F#1' 

  41. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 

  42. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT F#1'WFSJpFSʹΑͬͯ ҆શʹίʔυΛ࣮ߦͰ͖Δʂ 

  43. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT F#1'NBQʹΑͬͯ 6TFSTQBDFͱ,FSOFMͰಈత ʹσʔλΛڞ༗Ͱ͖Δʂ 

  44. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT Կͷ໾ཱͪ·͔͢ʁ 

  45. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT .FNPSZBMMPDBUJPOΛτϨʔε ͯ͠ɺ.FNPSZMFBLΛ୳͢ 

  46. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 'JMFTZTUFNΛτϨʔεͯ͠ ϑΝΠϧͷPQFO SFBE XSJUF ͳͲʹ͔͔Δ࣌ؒΛܭଌͯ͠ ϘτϧωοΫΛ୳͢ 

  47. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 00.LJMMFSΛτϨʔε͠ ͦͷॠؒͷͱ͋ΔϓϩάϥϜͷ UBTL@TUSVDUߏ଄ମͷத਎Λ μϯϓͯ͠ݪҼΛ୳͢ 

  48. 9%1 F9QSFTT%BUB1BUI  ύέοτΛ,FSOFMͷ/FUXPSL4UBDL ʹ౉͞ΕΔલͷυϥΠόϨϕϧͰ੍ޚͰ͖Δ

  49. JQUBCMFT /*$ %SJWFS "QQMJDBUJPO OFUpMUFS %301 "$$&15 VTFS LFSOFM 

    JQUBCMFT /FUXPSL4UBDL

  50. JQUBCMFTXJUI#1' /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO "$$&15 VTFS LFSOFM  JQUBCMFT

    D#1' %301 CZUFDPEF

  51. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO "$$&15 VTFS LFSOFM  9%11SPH

    %301 F#1' CZUFDPEF

  52. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    ωοτϫʔΫυϥΠόϨϕϧͰ ύέοτͷૢ࡞͕Ͱ͖Δʂ ରԠ͍ͯ͠ΔωοτϫʔΫυϥΠό͸ҎԼΛࢀর IUUQTHJUIVCDPNJPWJTPSCDDCMPCNBTUFSEPDTLFSOFMWFSTJPOTNEYEQ 

  53. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    ଎ 

  54. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    %%P4ରࡦ ηΩϡϦςΟରࡦ -# ೔ຊͰ΋ࣄྫ͋Γ 

  55. ເ͕޿͕Γ·͢Ͷʁ 

  56. ·ͱΊ #1'͸6TFSTQBDFͰ࡞੒ͨ͠#ZUFDPEFΛ ,FSOFMͰ࣮ߦ͢Δࣄ͕Ͱ͖Δɻ D#1'͸ύέοτ΍γεςϜίʔϧΛϑΟϧλ Ϧϯά͢Δ͜ͱ͕Ͱ͖Δɻ F#1'͸LQSPCF΍VQSPCFΛར༻ͨ͠τϨʔε ΍9%1ͷΑ͏ͳ%SJWFSϨϕϧͷߴ଎ͳύέο τૢ࡞͕Ͱ͖Δɻଞʹ΋ػೳ͕͋Δɻ 7FSJpFSʹΑΓ҆શʹίʔυΛ࣮ߦͰ͖Δɻ .BQʹΑΓಈతʹσʔλͷ΍ΓऔΓ͕Ͱ͖Δɻ

  57. དྷ೥΋΍͍͖ͬͯ·͠ΐ͏ʂ 

  58. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ