菜单
平台

eBPF

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Published: May 19, 2020
May 2020
试验?

几年来,Linux 内核已经内置 eBPF (extended Berkeley Packet Filter)虚拟机,并提供将eBPF 过滤器挂载到特定套接字(socket)的功能。但是 eBPF 能做的远不止包过滤。它允许以很少的开销,在内核中不同的地方,触发自定义脚本。尽管这不是新技术,但随着容器化部署微服务的流行,其价值逐渐显露出来。在这些系统中,服务到服务的通信可能很复杂,因此很难将延迟或性能问题与 API 调用关联起来。现在一些工具会内置eBPF脚本,用于收集和可视化数据包流量,或报告 CPU 利用率。随着 Kubernetes的兴起, 出现了基于 eBPF 脚本的新一代安全实施和检测工具,以降低大规模微服务部署的复杂性。