Sep 18, 2017

BPF Updates 11

This is issue 11 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.


The highlights since last time are

  • New helper functions bpf_perf_read_counter_time and bpf_perf_prog_read_time.
  • Initial BPF assembly support in LLVM.
  • LRU map lookup improvements.

Linux 4.13 was released last week and net-next closed around the same time. The last [GIT] Networking pull request includes a couple of BPF fixes and so do the two after the merge window opened up as well. See the dates for all the details

LLVM 5.0.0 was released. For BPF there is some fixes like improved code generation for certain instructions which can prevent your program from being rejected. Also the latest release of iproute2 4.13 is worth checking out for the map in map support and the improved error messages for tailcalls.

Presentations

Slides

Making the Kernel’s Networking Data Path Programmable with BPF and XDP.

Great slides covering the what, why and how on BPF and XDP. Also has an interesting graph on the number of contributions to the BPF subsystem from v4.1 - v4.13+.

Cilium - Network security for microservices

Updated Cilium slides presented at Open Source Summit North America. Includes new performance numbers around XDP for DDoS mitigation, kernel proxy (kproxy), and socket redirect.

Our Experiences Deploying Kubernetes With IPv6

While primarily on Kubernetes and IPv6, this shows how Cilium fits into that picture.

Performance Analysis Superpowers with Linux BPF

Covering the use cases for BPF with a emphasis on tracing. Several programs shown that utilize BCC. The slide on possible improvements to BCC is interesting.

Videos

Future:Net 2017 - Layer 7 is the New Layer 4: Cilium – Layer 7 Aware Networking & Security with BPF

Great talk on the potential of BPF for application level security and more.

Future:Net 2017 - The Rise of Programmable Networks

Nice introduction to BPF with a focus on some of the history of IO Visor and related things.

Future:Net 2017 - The Role of Hardware and IO Processors in the Ongoing Network Transformation

Panel from some of the NIC vendors talking about smartNICs. BPF is mentioned as a option for the dataplane and offloading.

In case you missed it

Terraform recipes to test Cilium on Kubernetes

Mostly related to Cilium, but there is some introductory information on BPF and XDP.

eBPF, Microservices, Docker, and Cilium: From Novice to Seasoned

Introduction to BPF focusing mostly on Cilium. The post also covers parts of the bpf(2) syscall with code from the v4.11 kernel.

An update on gobpf - ELF loading, uprobes, more program types

A look at the progress made in gobpf and how far it's come. Also has some kprobe examples in there.

Linux の BPF : (3) eBPF の基礎

Introductory post using code from the 4.7 kernel. While some of it is dated, most of it should still apply today, for example the sample code.

Linux の BPF : (4) Clang による eBPF プログラムの作成と,BPF Compiler Collection (BCC)

Nice post going through some code from the kernel, LLVM, BCC programs and the code generation.

[iovisor-dev] Accessing user memory and minor page faults

Interesting post on tracing experiences.

Random cool note

Mind blown by eBPF performance! A simple ingress firewall I wrote using XDP processes 11 million packets/s. Time for more optimizations!

Patches

Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.

Happy eBPF hacking! ;)

Popular posts

Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF
Oct 31, 2023

Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF

Cilium Tetragon 1.0 has arrived! marking a significant stride in Kubernetes security and observability, offering low-overhead, eBPF-driven runtime enforcement and monitoring

Technology
External
How DB Schenker Migrated from Calico to Cilium
Sep 07, 2023

How DB Schenker Migrated from Calico to Cilium

Learn how DB Schneker migrated their Kubernetes platform CNI from Calico to Cilium

CommunityTechnology
Unleashing the Power of Cilium CNI to Propel Trendyol’s Performance Up to 40%
Jul 26, 2023

Unleashing the Power of Cilium CNI to Propel Trendyol’s Performance Up to 40%

Explore the reasons why Trendyol chose Cilium and the value they received from it

Community
External