Liz Rice - Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security
Here you can read online Liz Rice - Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. City: Sebastopol, CA, year: 2023, publisher: OReilly Media, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
What is eBPF? With this revolutionary technology, you can write custom code that dynamically changes the way the kernel behaves. Its an extraordinary platform for building a whole new generation of security, observability, and networking tools.
This practical book is ideal for developers, system administrators, operators, and students who are curious about eBPF and want to know how it works. Author Liz Rice, chief open source officer with cloud native networking and security specialists Isovalent, also provides a foundation for those who want to explore writing eBPF programs themselves.
With this book, you will:
- Learn why eBPF has become so important in the past couple of years
- Write basic eBPF code, and manipulate eBPF programs and attach them to events
- Explore how eBPF components interact with Linux to dynamically change the operating systems behavior
- Learn how tools based on eBPF can instrument applications without changes to the apps or their configuration
- Discover how this technology enables new tools for observability, security, and networking
Liz Rice: author's other books
Who wrote Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security? Find out the surname, the name of the author of the book and a list of all author's works by series.
Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
by Liz Rice
Copyright 2023 Vertical Shift Ltd. All rights reserved.
Printed in the United States of America.
Published by OReilly Media, Inc. , 1005 Gravenstein Highway North, Sebastopol, CA 95472.
OReilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.
- Acquisitions Editor: John Devins
- Development Editor: Rita Fernando
- Production Editor: Chris Faucher
- Copyeditor: Audrey Doyle
- Proofreader: Kim Wimpsett
- Indexer: WordCo Indexing Services, Inc.
- Interior Designer: David Futato
- Cover Designer: Karen Montgomery
- Illustrator: Kate Dullea
- March 2023: First Edition
- 2023-03-07: First Release
See http://oreilly.com/catalog/errata.csp?isbn=9781098135126 for release details.
The OReilly logo is a registered trademark of OReilly Media, Inc. Learning eBPF, the cover image, and related trade dress are trademarks of OReilly Media, Inc.
The views expressed in this work are those of the author and do not represent the publishers views. While the publisher and the author have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the author disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.
This work is part of a collaboration between OReilly and Isovalent. See our statement of editorial independence .
978-1-098-13887-5
LSI
In the cloud native community and beyond, eBPF has become one of the hottest technical topics of recent years. A new generation of powerful tools and projects in networking, security, observability, and more have been built (and more continue to be created) using eBPF as a platform, offering better performance and accuracy compared to their predecessors. eBPF-related conferences such as the eBPF Summit and Cloud Native eBPF Day have attracted thousands of attendees and viewers, and at the time of this writing, the eBPF Slack community has more than 14,000 members.
Why is eBPF being selected as the underlying technology for so many infrastructure tools? How does it deliver the promised improvements to performance? How is eBPF useful in such disparate technical fields, which range from performance tracing to network traffic encryption?
This book aims to answer these questions by giving the reader an understanding of how eBPF works, as well as providing an introduction to writing eBPF code.
This book is for developers, system administrators, operators, and students who are curious about eBPF and want to know more about how it works. It will provide a foundation for those who want to explore writing eBPF programs themselves. Since eBPF provides a great platform for a whole new generation of instrumentation and tooling, there will likely be gainful employment for eBPF developers for some years to come.
But you dont necessarily need to be planning to write eBPF code yourself for this book to be useful to you. If you work in operations, security, or any other role that involves software infrastructure, youre likely to come across eBPF-based tooling, now or over the next few years. If you understand something about the internals of these tools, youll be in a better position to use them effectively. For example, if you know how events can trigger eBPF programs, youll have a better mental model for exactly what an eBPF-based tool is really measuring when it shows you performance metrics. If youre an application developer, you might also come into contact with some of these eBPF-based toolsfor example, if you are performance tuning an application, you might use a tool like Parca to generate flame graphs showing which functions are taking the most time. If you are evaluating security tools, this book will help you understand where eBPF shines and how to avoid using it in a nave way that is less effective against attacks.
Even if youre not using eBPF tools today, I hope this book will give you interesting insights into areas of Linux that you might not have considered before. Most developers take the kernel for granted, as they use programming languages with convenient higher-level abstractions that allow them to focus on the work of application developmentwhich is plenty hard enough! They use tools like debuggers and performance analyzers to help them do their job effectively. Knowing the internals of how a debugger or performance tool works might be interesting, but its not essential. Yet, for many of us, its fun and fulfilling to go down the rabbit hole to find out more. that any sufficiently advanced technology is indistinguishable from magic, but personally, I like to dig in and find out how the magic trick works. You might be like me and feel compelled to explore eBPF programming to get a better feel for what is possible with this technology. If so, I think youll enjoy this book.
eBPF continues to evolve at quite a rapid pace, which makes it rather difficult to write a comprehensive reference that doesnt constantly need updating. However, there are some fundamentals and basic principles that are unlikely to change significantly, and thats what this book discusses.
sets the scene by describing why eBPF is so powerful as a technology and explaining how the ability to run custom programs in the operating system kernel enables so many exciting capabilities.
Things become more concrete in , where youll see some Hello World examples that introduce you to the concepts of eBPF programs and maps.
explores the interface between user space applications and eBPF programs.
One of the big challenges of eBPF in recent years has been the question of compatibility across kernel versions. looks at the compile once, run everywhere (CO-RE) approach that solves this problem.
The verification process is perhaps the most important characteristic that distinguishes eBPF from kernel modules. Ill introduce you to the eBPF verifier in .
In looks at how eBPF is being used to build security tools.
If you want to write a user space application that interacts with eBPF programs, there are many libraries and frameworks available to help. gives an overview of the options for various programming languages.
Finally, in Ill gaze into my crystal ball and tell you about some future developments that are likely to unfold in the eBPF world.
This book assumes you are comfortable with basic shell commands on Linux and with the idea of using a compiler to turn source code into an executable program. There are some simple example extracts from Makefiles, on the assumption that you have at least a minimal understanding of how
Font size:
Interval:
Bookmark:
Similar books «Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security»
Look at similar books to Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.