Registrations have closed.
Unlock the power of eBPF for advanced observability
3878 3878 people viewed this event.
From the event portal:
Hi, DevOps Enthusiasts,
We are excited to host the next session on Unlock the power of eBPF for advanced observability on 08-Feb-2023 @ 8 PM
The sessions will be conducted on Google meet
- Pre-requisite :- Basic knowledge of Observability
(The session will be in Malayalam) .
## The advantages of eBPF
eBPF is typically used to trace user-space processes, and its advantages shine here. It’s a safe and useful method to ensure:
- Speed and performance. eBPF can move packet processing from the kernel-space and into the user-space. Likewise, eBPF is a just-in-time (JIT) compiler. After the bytecode is compiled, eBPF is invoked rather than a new interpretation of the bytecode for every method.
- Low intrusiveness. When leveraged as a debugger, eBPF doesn’t need to stop a program to observe its state.
- Security. Programs are effectively sandboxed, meaning kernel source code remains protected and unchanged. The verification step ensures that resources don’t get choked up with programs that run infinite loops.
- Convenience. It’s less work to create code that hooks kernel functions than it is to build and maintain kernel modules.
- Unified tracing. eBPF gives you a single, powerful, and accessible framework for tracing processes. This increases visibility and security.
- Programmability. Using eBPF helps increase the feature-richness of an environment without adding additional layers. Likewise, since code is run directly in the kernel, it’s possible to store data between eBPF events instead of dumping it like other tracers do.
- Expressiveness. eBPF is expressive, capable of performing functions usually only found in high-level languages.