发。 Kubernetes下的可观测 Golang + eBPF实现数据采 集 第四部分 eBPF在可观测领域的优势 无侵入 多语言/多协议/多框架 全栈覆盖 无侵入性 • 无需修改代码 • 无需重启应用 • Verifier保证运行安全 多协议、多框架、多语言 • 捕获网络字节流 • 无需适配编程语言 • 无需适配协议框架 • 同时支持用户态插桩 全栈覆盖 ✅ uprobe insp_pl_event_t - type insp_pl_metric_t bpf ../../../../bpf/packetloss.c -- -I../../../../bpf/headers -D__TARGET_ARCH_x86 1、安装环境 2、写好bpf.c和bpf.h,放到指定目录 3、go generate 获取转换后的go文件 构建完整的应用可观测系统 第五部分 架构感知 应用监控eBPF版 • eBPF Agent性能提升20% • Otel Collector 性能提升80% • 无需要修改任何业务代码，一键接入eBPF监控 • 语言无关、框架无关、协议无关 无侵入的应用可观测 eBPF是一种在Linux内核运行的沙盒程序，无需修改 任何应用代码，提供无侵入的应用无关、语言无关、 框架无关的应用可观测能力，提供如网络、虚拟内存、 系统调用等Otel无法获取的数据指标。

TPROXY requirements of Cilium >= 1.6.0. minikube version minikube version: v1.3.1 commit: ca60a424ce69a4d79f502650199ca2b52f29e631 3. Create a minikube cluster: minikube start --network-plugin=cni --memory=4096 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s 1/1 Running 0 4m12s coredns-86c58d9df4-4g7dd 1/1 Running 0 13m coredns-86c58d9df4-4l6b2 1/1 Running 0 13m Deploy

TPROXY requirements of Cilium >= 1.6.0. minikube version minikube version: v1.3.1 commit: ca60a424ce69a4d79f502650199ca2b52f29e631 3. Create a minikube cluster: minikube start --network-plugin=cni --memory=4096 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s 1/1 Running 0 4m12s coredns-86c58d9df4-4g7dd 1/1 Running 0 13m coredns-86c58d9df4-4l6b2 1/1 Running 0 13m Deploy

ACCEPT -A KUBE-FORWARD -d 10.217.0.0/16 -m comment --comment "kubernetes forwarding conntrack pod destination rule" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A KUBE-SERVICES -d 10.99.38.155/32 -p -A KUBE-SERVICES -d 10.96.61.252/32 -p tcp -m comment --comment "default/nginx-64: has no endpoints" -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable -A KUBE-SERVICES -d 10.104.166.10/32 -A KUBE-SERVICES -d 10.98.85.41/32 -p tcp -m comment --comment "default/nginx-9: has no endpoints" -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable -A KUBE-SERVICES -d 10.97.138.144/32 -p

TPROXY requirements of Cilium >= 1.6.0. minikube version minikube version: v1.3.1 commit: ca60a424ce69a4d79f502650199ca2b52f29e631 3. Create a minikube cluster: minikube start --network-plugin=cni --memory=4096 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s 1/1 Running 0 4m12s coredns-86c58d9df4-4g7dd 1/1 Running 0 13m coredns-86c58d9df4-4l6b2 1/1 Running 0 13m Deploy

TPROXY requirements of Cilium >= 1.6.0. minikube version minikube version: v1.3.1 commit: ca60a424ce69a4d79f502650199ca2b52f29e631 3. Create a minikube cluster: minikube start --network-plugin=cni --memory=4096 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s 1/1 Running 0 4m12s coredns-86c58d9df4-4g7dd 1/1 Running 0 13m coredns-86c58d9df4-4l6b2 1/1 Running 0 13m Deploy

kubectl delete pod pod "event-exporter-v0.2.3-f9c896d75-cbvcz" deleted pod "fluentd-gcp-scaler-69d79984cb-nfwwk" deleted pod "heapster-v1.6.0-beta.1-56d5d5d87f-qw8pv" deleted pod "kube-dns-5f8689dbc9-2nzft" "kube-dns-autoscaler-76fcd5f658-22r72" deleted pod "kube-state-metrics-7d9774bbd5-n6m5k" deleted pod "l7-default-backend-6f8697844f-d2rq2" deleted pod "metrics-server-v0.3.1-54699c9cc8-7l5w2" deleted Note 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s

kubectl delete pod pod "event-exporter-v0.2.3-f9c896d75-cbvcz" deleted pod "fluentd-gcp-scaler-69d79984cb-nfwwk" deleted pod "heapster-v1.6.0-beta.1-56d5d5d87f-qw8pv" deleted pod "kube-dns-5f8689dbc9-2nzft" "kube-dns-autoscaler-76fcd5f658-22r72" deleted pod "kube-state-metrics-7d9774bbd5-n6m5k" deleted pod "l7-default-backend-6f8697844f-d2rq2" deleted pod "metrics-server-v0.3.1-54699c9cc8-7l5w2" deleted Note 0/1 PodInitializing 0 7s coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 8m57s coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 8m57s

0/1 PodInitializing 0 coredns-86c58d9df4-4g7dd 0/1 ContainerCreating 0 coredns-86c58d9df4-4l6b2 0/1 ContainerCreating 0 to achieve quorum. Once it reaches quorum, all components should be healthy and ready: cilium-etcd-8d95ggpjmw 1/1 Running 0 78s cilium-etcd-operator-6ffbd46df9-pn6cf 1/1 1/1 Running 0 4m12s coredns-86c58d9df4-4g7dd 1/1 Running 0 13m coredns-86c58d9df4-4l6b2 1/1 Running 0 13m etcd

0.0.1:7777 0.0.0.0:* users:(("nc",pid=1289,fd=3)) $ nc -4 127.0.0.1 7777 hello⏎ hello ^D Netcat + /bin/cat Test it! Check open ports on VM external IP vm $ ip -4 addr show eth0 2: eth0: prog show pinned /sys/fs/bpf/echo_dispatch_prog 75: sk_lookup name echo_dispatch tag 77fd96f660a5d2ab gpl loaded_at 2020-10-23T09:36:45+0000 uid 0 xlated 304B jited 197B memlock $HOME/bpffs/echo_ports key 0x4d 0x00 value 0x00 $ bpftool map update pinned $HOME/bpffs/echo_ports key 0x09 0x03 value 0x00 $ bpftool map dump pinned $HOME/bpffs/echo_ports key: 4d 00 value: 00 key: 07 00