April 2022
Intermediate to advanced
54 pages
1h 7m
English
Content preview from What Is eBPF?
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 6. eBPF Tools
Now that you’ve learned about what eBPF is, and something of how eBPF programs work, let’s turn to exploring some of the tools, built on this technology, that you might make use of in a production deployment today. We’ll consider some examples of eBPF-based open source projects that provide capabilities in three important areas: networking, observability, and security.
Networking
eBPF programs can be attached to network interfaces and to various points in the kernel’s network stack. At each point, they can drop packets, send them to different destinations, or even modify the contents. This enables some very powerful capabilities. Let’s look at a few networking features that are now commonly implemented with eBPF.
Load Balancing
If you have any doubts about the scalability of eBPF for networking, know that it is being used at massive scale at Facebook. They were an early adopter of BPF and introduced Katran in 2018, an open source, layer 4 load balancer.
Another example of a highly scaled load balancer comes from Cloudflare’s Unimog edge load balancer. By running within the kernel, eBPF programs can manipulate network packets and forward them to an appropriate destination, without each packet having to pass through the networking stack and on to user space.
The Cilium project is better known as an eBPF Kubernetes networking plug-in (as I’ll discuss in a moment) but it’s also in use in large telecommunication and on-premises deployments as a standalone ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.