开源软件名称(OpenSource Name):bpftools/linux-observability-with-bpf开源软件地址(OpenSource Url):https://github.com/bpftools/linux-observability-with-bpf开源编程语言(OpenSource Language):C 46.4%开源软件介绍(OpenSource Introduction):Important note for readers (Jan 30th 2022)This repository is now archived, this book was published in 2019 and written in 2018. We have been trying to keep the repository up-to-date until now but eBPF had a tremendous evolution in the past 3 years. This does not mean that reading the book is a complete waste of your time now, many concepts are always the same: like how the bpf syscall works, the instruction set and things like how tracepoints, kprobes, uprobes, xdp and traffic control works. However, at this point, just updating the examples here is not enough anymore and many areas of the book would need to be rewritten to fit the new concepts, tools, libraries and the ecosystem around eBPF. A second edition is not yet planned (will update here if it ever happens). We want to say thank you to all the readers and the amazing people who helped updating the examples with their findings. What should I do then?If you are new to eBPF and don't know where to start good news is that today there is an amazing community that didn't exist in 2018! Here you go! There are just two links you will really need.
What are you waiting for? Go meet your new friends! From now on, the original text of this readme. Linux Observability with BPF code examplesThis is the companion code repo for the book Linux Observability with BPF. We believe that even if the examples included in the book were all tested and working when we wrote them, human error is possible and technology changes. For that reason, the purpose of this repo is to keep them as updated as possible and correct mistakes we made while writing the book. Nota Bene: All the examples in this repository are adapted from the book to assume that you use the Vagrant environment we provide. Examples can be slightly different in this repository because of that. The reason is that we didn't want to couple the book itself to Vagrant as a tool. If you don't want a Vagrant based environment, make sure you have: bcc and clang Environment setup
Fedora 30First, we need to install some build dependencies and all the tools needed for the examples: sudo dnf install make glibc-devel.i686 elfutils-libelf-devel wget tar clang bcc strace kernel-devel -y Then we need grab a copy of the source code of the current kernel. In our case the kernel runing can be verified with $ uname -r
5.0.9-301.fc30.x86_64 Given that version, please notice the URL we fetch the sources from in the following command. Change it according to your version. cd /tmp
wget -c https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.0.9.tar.gz -O - | tar -xz Now that we have the kernel source, we can move it to the NOTE THAT: All the examples using kernel sources in this repo assume that the kernel sources are available there. In case you don't like it, make sure you do a search and replace! At this point we move the kernel sources and compile
Ubuntu 18.04First, we need to install some build dependencies and all the tools needed for the examples: sudo apt update
sudo apt install build-essential git make libelf-dev clang strace tar bpfcc-tools linux-headers-$(uname -r) gcc-multilib Note on Kernel version: make sure to have a recent kernel to run the examples, a version After dependencies, we need grab a copy of the kernel source code for the current release. Since this assumes that you are running an updated Ubuntu 18.04 we can get it directly from the repo they provide.
Now that we have the kernel source, we can move it to the NOTE THAT: All the examples using kernel sources in this repo assume that the kernel sources are available at At this point we move the kernel sources and compile
Ubuntu doesn't have the library path that the makefile expects so we need to move our libraries to its library path now.
Vagrant (recommended)We provide reproducible environment in the form of a Vagrantfile that installs all the needed to make the examples work.The environment is based on Fedora 30. Install VagrantTo install Vagrant, follow the official guide here. Once you have Vagrant installed, you will need to clone this repository and issue a git clone https://github.com/bpftools/linux-observability-with-bpf.git
cd linux-observability-with-bpf
vagrant up This Vagrant command, will start a Fedora 30 VM in Virtualbox, you can SSH into the machine using:
Before going on, make sure you download the kernel source tree in this repository. It is needed as a dependency for some examples. We will be downloading the code for Kernel 5.0.9 - We are avoiding a git clone here because the Git history of the kernel is very big. In the machine: cd /tmp
wget -c https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.0.9.tar.gz -O - | tar -xz
sudo mv linux-5.0.9 /kernel-src At this point, we need to compile the
Before going to the examples, it will be useful to have a copy of this repo in your environment.
IMPORTANT NOTE: The examples assume that you clone the repo in your home folder Yay, at this point you have everything and can follow the following code examples. Code examplesClick on each example to follow the setup instructions. Chapter 2Chapter 3Chapter 4ProbesKernel ProbesUser-Space ProbesTracepointsUser Statically Defined Tracepoints (USDT)Visualizing Tracing DataChapter 6 - Linux Networking and BPFChapter 7 - eXpress Data Path (XDP)Chapter 8 - Linux Kernel security, Capabilities and Seccomp |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论