Upgrade to Pro — share decks privately, control downloads, hide ads and more …

eBPF入門 /eBPF-getting-started

Avatar for Takuma Kume Takuma Kume
December 16, 2017
Technology
6
6.6k

eBPF入門 /eBPF-getting-started

KIXS vol.006 LT 10 min
https://kixs.connpass.com/event/69643/

ブログ
https://takumakume.tech/blog/2017-12-18-ebpf-getting-started/
Avatar for Takuma Kume

Takuma Kume

December 16, 2017
Tweet

More Decks by Takuma Kume

See All by Takuma Kume
SRE/インフラエンジニアの市場価値とキャリアパス/Market value and career path for SRE-infrastructure engineers
Avatar for Takuma Kume takumakume
2
720
【新卒研修】共通言語としてのSRE/SRE as a common language
Avatar for Takuma Kume takumakume
0
160
DDoSとの終わりなき戦い2025/endless_battle_with_ddos_attack_2025
Avatar for Takuma Kume takumakume
2
100
事業部CTOの現在地(パネルディスカッション)/Current-location-of-Division-CTO
Avatar for Takuma Kume takumakume
0
110
ロリポップ! for Gamersを支えるインフラ/lolipop for gamers infrastructure
Avatar for Takuma Kume takumakume
0
800
ロリポップ! for Gamersの立ち上げ/lolipop for gamers launch
Avatar for Takuma Kume takumakume
0
2.3k
ホモグラフドメインを検出してみた/detect homograph domain
Avatar for Takuma Kume takumakume
0
590
ソフトウェアの継続的アップデートをコンテナ化によって加速させる/Accelerate continuous software updates with containerization
Avatar for Takuma Kume takumakume
0
5.1k
KubernetesにおけるSBOMを利用した脆弱性管理/Vulnerability_Management_with_SBOM_in_Kubernetes
Avatar for Takuma Kume takumakume
1
2.5k

Other Decks in Technology

See All in Technology
AI時代にも変わらぬ価値を発揮したい: インフラ・クラウドを切り口にユーザー価値と非機能要件に向き合ってエンジニアとしての地力を培う
Avatar for Toshiaki Baba netmarkjp
0
140
Introduction to Bill One Development Engineer
Avatar for Sansan, Inc. sansan33
PRO
0
260
アクセスピークを制するオートスケール再設計: 障害を乗り越えKEDAで実現したリソース管理の最適化
Avatar for M-Yamashita myamashii
1
710
MCP とマネージド PaaS で実現する大規模 AI アプリケーションの高速開発
Avatar for Nahoko Ushirokawa nahokoxxx
1
390
QuickSight SPICE の効果的な運用戦略~S3 + Athena 構成での実践ノウハウ~/quicksight-spice-s3-athena-best-practices
Avatar for emi emiki
0
290
Copilot coding agentにベットしたいCTOが開発組織で取り組んだこと / GitHub Copilot coding agent in Team
Avatar for tnir tnir
0
200
公開初日に Gemini CLI を試した話や FFmpeg と組み合わせてみた話など / Gemini CLI 初学者勉強会(#AI道場)
Avatar for you(@youtoy) you
PRO
0
1.4k
VS CodeとGitHub Copilotで爆速開発!アップデートの波に乗るおさらい会 / Rapid Development with VS Code and GitHub Copilot: Catch the Latest Wave
Avatar for Yusuke Yamada yamachu
3
480
データ戦略部門 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
1
3.3k
PHPからはじめるコンピュータアーキテクチャ / From Scripts to Silicon: A Journey Through the Layers of Computing
Avatar for HASEGAWA Tomoki tomzoh
2
160
ゼロから始めるSREの事業貢献 - 生成AI時代のSRE成長戦略と実践 / Starting SRE from Day One
Avatar for Shinichi Nakagawa shinyorke
PRO
0
130
How to Quickly Call American Airlines®️ U.S. Customer Care : Full Guide
Avatar for goldfinch3710 flyaahelpguide
0
240

Featured

See All Featured
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
96
6.1k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
329
21k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
8
700
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
77
5.9k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
43
7.6k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
28
3.9k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
86
4.8k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
367
19k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Faster Mobile Websites
Avatar for Dean Hume deanohume
308
31k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.4k

Transcript

  1. ٱถ୓അ(.01FQBCP *OD  ,JYTWPM-5NJO F#1'ೖ໳

  2. (.0ϖύϘΠϯϑϥΤϯδχΞ ٱถ୓അ!UBLVNBLVNF ϗεςΟϯάࣄۀ෦ IUUQTUBLVNBLVNFUFDI 

  3. None

  4. Έͳ͞Μ͸#1'ͯ͠·͔͢ʁ 

  5. #1'JT #FSLFMFZ1BDLFU'JMUFS -JOVYLFSOFMʹ࣮૷͞Ε͍ͯΔ ύέοτͷΩϟϓνϟ΍ϑΟϧλΛߦ͏ͨΊͷ ΠϯλʔϑΣΠε 

  6. UDQEVNQ  

  7. UDQEVNQ  ~$ sudo tcpdump port 80 tcpdump: verbose output

    suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 00:27:12.580101 IP 192.168.0.18.61285 > archlinux.vagrant.vm.http: Flags [S], seq 1854919014, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 844367687 ecr 0,sackOK,eol], length 0 : : ຖ೔ୟ͍͍ͯΔ͍ͭ΋ͷ΍ͭͰ͢Ͷ 

  8. UDQEVNQ #1' 

  9. #1' /*$ 5$14UBDL UDQEVNQ VTFS LFSOFM LFSOFM OFUXPSL 

  10. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL 

  11. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL #1' CZUFDPEF UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ 

  12. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 OHJOY VTFS LFSOFM

    LFSOFM OFUXPSL #1' 130( UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ $ sudo tcpdump -d 'port 80' (000) ldh [12] (001) jeq #0x86dd jt 2 jf 10 (002) ldb [20] (003) jeq #0x84 jt 6 jf 4 (004) jeq #0x6 jt 6 jf 5 (005) jeq #0x11 jt 6 jf 23 (006) ldh [54] : BPF Assembler 

  13. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 OHJOY VTFS LFSOFM

    LFSOFM OFUXPSL #1' 130( UDQEVNQ͸ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠LFSOFM Ͱ࣮ߦ͢Δ ~$ sudo tcpdump -dd 'port 80' { 0x28, 0, 0, 0x0000000c }, { 0x15, 0, 8, 0x000086dd }, { 0x30, 0, 0, 0x00000014 }, { 0x15, 2, 0, 0x00000084 }, { 0x15, 1, 0, 0x00000006 }, { 0x15, 0, 17, 0x00000011 }, { 0x28, 0, 0, 0x00000036 }, { 0x15, 14, 0, 0x00000050 }, : BPF Bytecode 

  14. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL 5$1QPSU #1' CZUFDPEF 

  15. #1' /*$ 5$14UBDL UDQEVNQ tcpdump port 80 VTFS LFSOFM LFSOFM

    OFUXPSL UFSNJOBM දࣔ 5$1QPSU #1' CZUFDPEF 

  16. #1'JT #FSLFMFZ1BDLFU'JMUFS -JOVYLFSOFMʹ࣮૷͞Ε͍ͯΔ ύέοτͷΩϟϓνϟ΍ϑΟϧλΛߦ͏ͨΊͷ ΠϯλʔϑΣΠε 6TFSMBOEͰ࡞੒ͨ͠#1'#ZUFDPEFΛ ,FSOFMMBOEͰ࣮ߦ͢Δ ύέοτΩϟϓνϟҎ֎ͷ༻్ʹ΋࢖ΘΕ͍ͯΔ 

  17. TFDDPNQ  

  18. TFDDPNQ ࢦఆͨ͠TZTUFNDBMMΛ࣮ߦͰ͖ͳ͍Α͏ʹ͢Δ -JOVYLFSOFMͷػೳ ͜͜Ͱ͍͏TFDDPNQ͸-JOVYLFSOFMҎ߱ͷ TFDDPNQNPEFΛࢦ͢ TFDDPNQNPEF͸ɺϑΟϧλϦϯάʹ#1'͕ ࢖ΘΕ͓ͯΒͣɺॊೈੑ͕ͳ͍ػೳͩͬͨ 

  19. #1' ϓϩάϥϜ VTFS LFSOFM LFSOFM 

  20. #1' ϓϩάϥϜ VTFS LFSOFM LFSOFM ࣮ߦ 

  21. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ ྫͱͯ͠XSJUF

     Λ੍ݶ͢Δ 

  22. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ ͜ͷϓϩηεͰ͸XSJUF

      ͕࣮ߦͰ͖ͳ͘ͳΔ #1'༻ʹϓϩάϥϜΛ ίϯύΠϧͯ͠ LFSOFMͰ࣮ߦ͢Δ #1' CZUFDPEF  ྫͱͯ͠XSJUF  Λ੍ݶ͢Δ

  23. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ PQFO

     ࣮ߦ ڐՄ #1' CZUFDPEF  ྫͱͯ͠XSJUF  Λ੍ݶ͢Δ

  24. #1' ϓϩάϥϜ VTFS LFSOFM TFDDPNQ  ࣮ߦ LFSOFM ࣮ߦ PQFO

     ࣮ߦ XSJUF  ࣮ߦ #1' CZUFDPEF ڋ൱ 

  25. Έͳ͞Μ#1'ָ͍͠Ͱ͔͢ʁ 

  26. ָ͍͠Ͱ͢Ͷʁ 

  27. F#1'ೖ໳

  28. F#1' &YUFOEFE#1' 

  29. F#1' -JOVYLFSOFMҎ߱Ͱ࣮૷͞Ε͍ͯΔ #1'ͷ֦ு࣮૷ VQSPCFTVTFSMFWFMEZOBNJDUSBDJOH LQSPCFTLFSOFMEZOBNJDUSBDJOH 9%1F9QSFTT%BUB1BUI ύέοτΛ,FSOFMͷ/FUXPSL4UBDLʹ ౉͞ΕΔલͷυϥΠόϨϕϧͰ੍ޚͰ͖Δ FUD 

  30. IUUQTHJUIVCDPNUPSWBMETMJOVYCMPCWJODMVEFUSBDFFWFOUTCQGI 

  31. IUUQTHJUIVCDPNUPSWBMETMJOVYCMPCWJODMVEFUSBDFFWFOUTCQGI 

  32. F#1'ͷͬ͘͟Γͱͨ͠࢓૊Έ 

  33. LQSPCFT F#1' ,FSOFMEZOBNJDUSBDJOH 

  34. LQSPCFT LFSOFM ໋ྩ ໋ྩ ໋ྩ ໋ྩ ϒϨʔΫϙΠϯτ LQSPCFT NPEVMF ஫ೖ

    TBWFDPOUFYU SFTUPSFDPOUFYU ࣮ߦ͍ͨ͠ॲཧ KNQ LFSOFMʹϒϨʔΫϙΠϯτΛઃఆ͠ϓϩάϥϜΛ࣮ߦͰ͖Δػೳ 

  35. VTFS LFSOFM ϓϩάϥϜ F#1' LQSPCFT LQSPCFT F#1' 

  36. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' ੜ੒ LQSPCFT LQSPCFT F#1' 

  37. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE LQSPCFT LQSPCFT

    F#1' 

  38. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE LQSPCFT ϓϩάϥϜͷ҆શੑ

    ΛνΣοΫ LQSPCFT F#1' 

  39. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE #1'CZUFDPEF LQSPCFT

    LQSPCFT F#1' 

  40. VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE #1'CZUFDPEF NBQ

    ੜ੒ 6TFS,FSOFMؒͰσʔλͷ΍ΓऔΓΛ͢Δ )BTI "SSBZ FUDʜ LQSPCFT LQSPCFT F#1' 

  41. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 

  42. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT F#1'WFSJpFSʹΑͬͯ ҆શʹίʔυΛ࣮ߦͰ͖Δʂ 

  43. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT F#1'NBQʹΑͬͯ 6TFSTQBDFͱ,FSOFMͰಈత ʹσʔλΛڞ༗Ͱ͖Δʂ 

  44. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT Կͷ໾ཱͪ·͔͢ʁ 

  45. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT .FNPSZBMMPDBUJPOΛτϨʔε ͯ͠ɺ.FNPSZMFBLΛ୳͢ 

  46. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 'JMFTZTUFNΛτϨʔεͯ͠ ϑΝΠϧͷPQFO SFBE XSJUF ͳͲʹ͔͔Δ࣌ؒΛܭଌͯ͠ ϘτϧωοΫΛ୳͢ 

  47. LQSPCFT F#1' VTFS LFSOFM ϓϩάϥϜ #1'CZUFDPEF F#1' WFSJpFS ੜ੒ MPBE

    #1'CZUFDPEF NBQ USBDJOH ॻ͖ࠐΈ ࢀর LQSPCFT 00.LJMMFSΛτϨʔε͠ ͦͷॠؒͷͱ͋ΔϓϩάϥϜͷ UBTL@TUSVDUߏ଄ମͷத਎Λ μϯϓͯ͠ݪҼΛ୳͢ 

  48. 9%1 F9QSFTT%BUB1BUI  ύέοτΛ,FSOFMͷ/FUXPSL4UBDL ʹ౉͞ΕΔલͷυϥΠόϨϕϧͰ੍ޚͰ͖Δ

  49. JQUBCMFT /*$ %SJWFS "QQMJDBUJPO OFUpMUFS %301 "$$&15 VTFS LFSOFM 

    JQUBCMFT /FUXPSL4UBDL

  50. JQUBCMFTXJUI#1' /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO "$$&15 VTFS LFSOFM  JQUBCMFT

    D#1' %301 CZUFDPEF

  51. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO "$$&15 VTFS LFSOFM  9%11SPH

    %301 F#1' CZUFDPEF

  52. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    ωοτϫʔΫυϥΠόϨϕϧͰ ύέοτͷૢ࡞͕Ͱ͖Δʂ ରԠ͍ͯ͠ΔωοτϫʔΫυϥΠό͸ҎԼΛࢀর IUUQTHJUIVCDPNJPWJTPSCDDCMPCNBTUFSEPDTLFSOFMWFSTJPOTNEYEQ 

  53. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    ଎ 

  54. 9%1 /*$ %SJWFS /FUXPSL4UBDL "QQMJDBUJPO VTFS LFSOFM 9%1 %301 "$$&15

    %%P4ରࡦ ηΩϡϦςΟରࡦ -# ೔ຊͰ΋ࣄྫ͋Γ 

  55. ເ͕޿͕Γ·͢Ͷʁ 

  56. ·ͱΊ #1'͸6TFSTQBDFͰ࡞੒ͨ͠#ZUFDPEFΛ ,FSOFMͰ࣮ߦ͢Δࣄ͕Ͱ͖Δɻ D#1'͸ύέοτ΍γεςϜίʔϧΛϑΟϧλ Ϧϯά͢Δ͜ͱ͕Ͱ͖Δɻ F#1'͸LQSPCF΍VQSPCFΛར༻ͨ͠τϨʔε ΍9%1ͷΑ͏ͳ%SJWFSϨϕϧͷߴ଎ͳύέο τૢ࡞͕Ͱ͖Δɻଞʹ΋ػೳ͕͋Δɻ 7FSJpFSʹΑΓ҆શʹίʔυΛ࣮ߦͰ͖Δɻ .BQʹΑΓಈతʹσʔλͷ΍ΓऔΓ͕Ͱ͖Δɻ

  57. དྷ೥΋΍͍͖ͬͯ·͠ΐ͏ʂ 

  58. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ