Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
,

Linux Observability with BPF

Advanced Programming for Perfomance Analysis and Networking

Paperback Engels 2019
Verkooppositie 4860
Verwachte levertijd ongeveer 8 werkdagen

Samenvatting

Build your expertise in the BPF virtual machine in the Linux kernel with this practical guide for systems engineers. You’ll not only dive into the BPF program lifecycle but also learn to write applications that observe and modify the kernel’s behavior; inject code to monitor, trace, and securely observe events in the kernel; and more.

Authors David Calavera and Lorenzo Fontana help you harness the power of BPF to make any computing system more observable. Familiarize yourself with the essential concepts you’ll use on a day-to-day basis and augment your knowledge about performance optimization, networking, and security. Then see how it all comes together with code examples in C, Go, and Python.

- Write applications that use BPF to observe and modify the Linux kernel’s behavior on demand
- Inject code to monitor, trace, and observe events in the kernel in a secure way—no need to recompile the kernel or reboot the system
- Explore code examples in C, Go, and Python
- Gain a more thorough understanding of the BPF program lifecycle

Specificaties

ISBN13:9781492050209
Trefwoorden:systeembeheer, Linux, BPF
Taal:Engels
Bindwijze:paperback
Aantal pagina's:150
Uitgever:O'Reilly
Druk:1
Verschijningsdatum:22-11-2019

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Inhoudsopgave

Foreword
Preface
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments

1. Introduction
BPF’s History
Architecture
Conclusion

2. Running Your First BPF Programs
Writing BPF Programs
BPF Program Types
Socket Filter Programs
Kprobe Programs
Tracepoint Programs
XDP Programs
Perf Event Programs
Cgroup Socket Programs
Cgroup Open Socket Programs
Socket Option Programs
Socket Map Programs
Cgroup Device Programs
Socket Message Delivery Programs
Raw Tracepoint Programs
Cgroup Socket Address Programs
Socket Reuseport Programs
Flow Dissection Programs
Other BPF Programs
The BPF Verifier
BPF Type Format
BPF Tail Calls
Conclusion

3. BPF Maps
Creating BPF Maps
ELF Conventions to Create BPF Maps
Working with BFP Maps
Updating Elements in a BPF Map
Reading Elements from a BPF Map
Removing an Element from a BPF Map
Iterating Over Elements in a BPF Map
Looking Up and Deleting Elements
Concurrent Access to Map Elements
Types of BPF Maps
Hash-Table Maps
Array Maps
Program Array Maps
Perf Events Array Maps
Per-CPU Hash Maps
Per-CPU Array Maps
Stack Trace Maps
Cgroup Array Maps
LRU Hash and Per-CPU Hash Maps
LPM Trie Maps
Array of Maps and Hash of Maps
Device Map Maps
CPU Map Maps
Open Socket Maps
Socket Array and Hash Maps
Cgroup Storage and Per-CPU Storage Maps
Reuseport Socket Maps
Queue Maps
Stack Maps
The BPF Virtual Filesystem
Conclusion

4. Tracing with BPF
Probes
Kernel Probes
Tracepoints
User-Space Probes
User Statically Defined Tracepoints
Visualizing Tracing Data
Flame Graphs
Histograms
Perf Events
Conclusion

5. BPF Utilities
BPFTool
Installation
Feature Display
Inspecting BPF Programs
Inspecting BPF Maps
Inspecting Programs Attached to Specific Interfaces
Loading Commands in Batch Mode
Displaying BTF Information
BPFTrace
Installation
Language Reference
Filtering
Dynamic Mapping
kubectl-trace
Installation
Inspecting Kubernetes Nodes
eBPF Exporter
Installation
Exporting Metrics from BPF
Conclusion

6. Linux Networking and BPF
BPF and Packet Filtering
tcpdump and BPF Expressions
Packet Filtering for Raw Sockets
BPF-Based Traffic Control Classifier
Terminology
Traffic Control Classifier Program Using cls_bpf
Differences Between Traffic Control and XDP
Conclusion

7. Express Data Path
XDP Programs Overview
Operation Modes
The Packet Processor
XDP and iproute2 as a Loader
XDP and BCC
Testing XDP Programs
XDP Testing Using the Python Unit Testing Framework
XDP Use Cases
Monitoring
DDoS Mitigation
Load Balancing
Firewalling
Conclusion

8. Linux Kernel Security, Capabilities, and Seccomp
Capabilities
Seccomp
Seccomp Errors
Seccomp BPF Filter Example
BPF LSM Hooks
Conclusion

9. Real-World Use Cases
Sysdig eBPF God Mode
Flowmill

Index

Managementboek TOP 5

Rubrieken

Populaire producten

    Personen

      Trefwoorden

        Linux Observability with BPF