eBPF at LINE’s Private Cloud Yutaro Hayakawa October 28, 2020 • Messaging & many family services • 185 million global MAU • 3Tbps+ network traffic in total LINE Verda: LINE’s Private Cloud Service PaaS FaaS … Verda and XDP Based L4 Load Balancer Service • Part of our private cloud service since 2017 • 5100 private, 760 public VIPs • k8s CCM integration (Type: LoadBalancer) L4LB Node L4LB gso_type: tcpv4) Functions the packets have gone through CPU ID Time Stamp User defined tracing data (with Lua script) … Use case • Multi tenant HV networking using SRv6 + VRF • Contributed to find

from the Data Deluge? A case for file filtering in eBPF Giulia Frascaria October 28, 2020 1 The data deluge on modern storage 2 Compute node CPU Network Storage node Flash The data deluge on CPU Network Storage node Flash Data DoS in reverse! 11 Compute node CPU Network Storage node Flash Data So similar yet so different ● DoS is malicious ● Data transfer is business-critical ● We 12 So similar yet so different ● DoS is malicious ● Data transfer is business-critical ● We can blindly drop DoS 13 But could we reduce data transfer size? eBPF filter-reduce 14 Filter Reduce input

Cilium Hubble Important common packages Debugging toFQDNs and DNS Debugging Mutexes / Locks and Data Races Hubble Bumping the vendored Cilium dependency Release Management Organization Release tracking Cilium’s eBPF implementation is optimized for maximum performance, can be attached to XDP (eXpress Data Path), and supports direct server return (DSR) as well as Maglev consistent hashing if the load balancing open http://localhost:12000/ to access the UI. Hubble UI is not the only way to get access to Hubble data. A command line tool, the Hubble CLI, is also available. It can be installed by following the instructions

run in standalone mode or as a cluster making it a great choice for local testing with multi-node data paths. Agent nodes are joined to the master node using a node-token which can be found on the master wildcards for the kubernetes block like this: kubectl -n kube-system edit cm coredns [...] apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr.arpa configuration: apiVersion: v1 kind: ConfigMap metadata: name: cni-configuration namespace: cilium data: cni-config: |- { "cniVersion": "0.3.0", "name": "azure", "plugins": [

Cilium Hubble Important common packages Debugging toFQDNs and DNS Debugging Mutexes / Locks and Data Races Hubble Bumping the vendored Cilium dependency Release Management Organization Release tracking Cilium’s eBPF implementation is optimized for maximum performance, can be attached to XDP (eXpress Data Path), and supports direct server return (DSR) as well as Maglev consistent hashing if the load balancing run in standalone mode or as a cluster making it a great choice for local testing with multi-node data paths. Agent nodes are joined to the master node using a node-token which can be found on the master

Cilium Hubble Important common packages Debugging toFQDNs and DNS Debugging Mutexes / Locks and Data Races Hubble Bumping the vendored Cilium dependency Documentation Style Header Titles Body Code Cilium’s eBPF implementation is optimized for maximum performance, can be attached to XDP (eXpress Data Path), and supports direct server return (DSR) as well as Maglev consistent hashing if the load balancing run in standalone mode or as a cluster making it a great choice for local testing with multi-node data paths. Agent nodes are joined to the master node using a node-token which can be found on the master

wildcards for the kubernetes block like this: kubectl -n kube-system edit cm coredns [...] apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr.arpa configuration: apiVersion: v1 kind: ConfigMap metadata: name: cni-configuration namespace: cilium data: cni-config: |- { "cniVersion": "0.3.0", "name": "azure", "plugins": [ --state=${KOPS_STATE_STORE} --node-count 3 --node- size t2.medium --master-size t2.medium --topology private --master- zones us-west-2a,us-west-2b,us-west-2c --zones us-west-2a,us-west- 2b,us-west-2c --image

for the kubernetes block like this: kubectl -n kube-system edit cm coredns [...] apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr public:192.168.0.0/19 private:192.168.96.0/19 [ℹ] subnets for us-west-2a - public:192.168.32.0/19 private:192.168.128.0/ [ℹ] subnets for us-west-2c - public:192.168.64.0/19 private:192.168.160.0/ [ℹ] for the kubernetes block like this: kubectl -n kube-system edit cm coredns [...] apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr

Cilium Hubble Important common packages Debugging toFQDNs and DNS Debugging Mutexes / Locks and Data Races Release Management Organization Release tracking Release Cadence Backporting process Backport run in standalone mode or as a cluster making it a great choice for local testing with multi-node data paths. Agent nodes are joined to the master node using a node-token which can be found on the master wildcards for the kubernetes block like this: kubectl -n kube-system edit cm coredns [...] apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr.arpa

retrieve configuration options, and store state through eBPF maps to save and retrieve data in a wide set of data structures. These maps can be accessed from eBPF programs as well as from applications their own encoding. When the bees jumped on the case, it marked the beginning Of a whole new era for data sharing and messaging. Mail was still slow to go through the ship’s processors, But the electrician in-kernel aggregation of metrics allows flexible and efficient generation of observability events and data structures from a wide range of possible sources without having to export samples. Attaching eBPF