TIL: eBPF is a revolutionary kernel technology that allows developers to write custom code that can be loaded into the kernel dynamically, changing the way the kernel behaves. #61
This enables a new generation of highly performant networking,
observability, and security tools. And as you’ll see, if you want to instrument
an app with these eBPF-based tools, you don’t need to modify or reconfigure
the app in any way, thanks to eBPF’s vantage point within the kernel.
Just a few of the things you can do with eBPF include:
Performance tracing of pretty much any aspect of a system
High-performance networking, with built-in visibility
Detecting and (optionally) preventing malicious activity
irthomasthomas
commented
1 year ago
This enables a new generation of highly performant networking, observability, and security tools. And as you’ll see, if you want to instrument an app with these eBPF-based tools, you don’t need to modify or reconfigure the app in any way, thanks to eBPF’s vantage point within the kernel. Just a few of the things you can do with eBPF include: Performance tracing of pretty much any aspect of a system High-performance networking, with built-in visibility Detecting and (optionally) preventing malicious activity