Explore the revolutionary Linux kernel technology eBPF and its potential to transform SRE practices in this 32-minute conference talk from SREcon22 Americas. Discover how eBPF can enhance infrastructure observation, service, and protection capabilities. Learn about eBPF program types, map types, and helpers, and gain insights into getting started with practical examples in observability, networking, and security. Understand the future implications of eBPF for SREs and access valuable resources to further your knowledge in this emerging field.
Overview
Syllabus
Intro
Introduction: Michael Kehoe
What is eBPF?
bpf() system call
eBPF Program Types
eBPF Map Types
eBPF Helpers
How to get started with eBPF
Where to get started with eBPF: Hello World
eBPF Observability
Observability: disksnoop.py
eBPF Networking
eBPF Security
Security: LSM example
The future of eBPF & SRE: Words of caution
Resources
Taught by
USENIX
