Rootconf 2019

On infrastructure security, DevOps and distributed systems.

Participate

eBPF: BPF kernel Infrastructure

Submitted by tk sourabh (@sourabhtk37) on Monday, 1 April 2019


Preview video

Section: Full talk of 40 mins duration Technical level: Intermediate

View proposal in schedule

Abstract

eBPF is an upcoming in-kernel mechanism that provides ability inject arbitrary user space code into the kernel in a safe manner.

With ability to program any userspace code into the kernel, it open up a lot of possibilities for end-user to easily interact with kernel components.
This lets users to develop various hooks into the kernel and use existing infrastructure to improve various parts of it.

One such major use case is High performance networking. With the advent of XDP(Express Data Path), it is allowing people to do packet filtering at an early point in the software stack in an extensible manner, which enables very fast packet processing compared to nftables, iptables etc.

Other such usecase is Kernel tracing, which is possible due to bcc(https://github.com/iovisor/bcc) and Bpftrace(DTrace for Linux, https://github.com/iovisor/bpftrace). It enables you to use kprobes, uprobes and tracepoints to deep dive into the intricacies in kernelspace/userspace and make sense of it.

Outline

  • Introduction to eBPF
    • Tracing applications
    • tcpdump: Beginning of BPF
  • What is eBPF?
    • Features
    • Use-cases
  • How does eBPF works?
    • BPF syscall, maps, prog types
    • How is BPF safe?
    • Overview of eBPF verfier
  • How to use eBPF?
    • System requirements
    • Writing eBPF program in python using BCC(BPF compiler collection)
    • frontends, DSL etc
  • XDP
    • Overview
    • XDP real life-scenario
    • Test setup
    • Benchmark comparison between iptables and XDP
  • Takeaways
  • Q&A

Speaker bio

Performance engineer at Redhat. Currently working on improving kernel networking performance. Open source enthusiast. Co-organizer/Volunteer of India Linux User group Delhi.

Previous talks:
How command line params are parsed(ILUG-D): http://slides.com/tksourabh/how-command#/
Basics: Logging in python(PyDelhi): https://slides.com/tksourabh/basics-logging-in-python#/
Github: https://github.com/sourabhtk37/

Slides

https://docs.google.com/presentation/d/1tWXuNlu6E1uT9aSJZm6m7JnmcG4uNssBZ2-q9WeGxCU/

Preview video

https://www.youtube.com/watch?v=E4qjOfW9-5M

Comments

  • Zainab Bawa (@zainabbawa) Reviewer 2 months ago

    Thanks Sourabh. Share your draft slides and preview video by 8 April, latest, to make a full evaluation of your proposal.

  • tk sourabh (@sourabhtk37) Proposer 2 months ago

    Hey Zainab, It might take a bit more time than expected due to some pre-occupation. Let me know, if that’s okay. I am working on it as I get time.

    • Zainab Bawa (@zainabbawa) Reviewer 2 months ago

      Ok Sourabh. Our hard stop is 15 April. You need to upload your draft slides and preview video by this date.

      • Zainab Bawa (@zainabbawa) Reviewer a month ago

        Hello Sourabh, any update on this?

        • tk sourabh (@sourabhtk37) Proposer a month ago

          Hey,
          I have updated the draft slides and preview video. Sorry for the delay.

Login with Twitter or Google to leave a comment