Hi all,
Thanks for joining the call today. Below is the summary of the topics
discussed.
If you are in the Bay Area tomorrow, PLUMgrid will be hosting a meetup
to discuss XDP, feel free to join if you can.
===========
On the kernel side, two patches landed recently, both should be
available in Linux 4.8:
From myself, the initial xdp framework was accepted into net-next.
From Sargun Dhillon, experimental support for writing into process memory
from a kprobe.
Brendan has been working on some excellent documentation, adding:
- An end user guide
- A developer tutorial
- A developer reference guide
Alban had 2 questions/use cases that he shared:
1. Monitor all local connections on a machine
Current approach does effectively:
- get a list of sockets
- usually look in /proc/$PID/...
- racy
- not for short-lived connections
- poll-heavy
Instead would like to:
- trace connect()/accept()/send()...
- kprobe can fill the gap for now
- still need tracepoints for tcp+sockets, reliable api
- would be nice to have multiple bpf programs per kprobe
- this has been brought up before, possible to use tail calls to
implement this in bcc without new kernel features
2. Monitor all services in a cgroup, e.g. network bytes sent/recd
- Kprobes are global, but often have access to cgroup pathname
- Possible to filter/bucket kprobe statistics based on this, but
relies on kernel data structures...fragile
- Suggest to formalize use case to iovisor-dev list, possible new bpf
program type/helper to be discussed there
Brendan mentioned a new observability feature they would like:
Dynamic USDT probe
- node.js/java/language-foo can dynamically generate its own usdt
symbol, and add a separate elf section on the fly
- still working out what bcc instrumentation this needs, more in the
future
===========
Attendees:
Kyle Laracey
Brenden Blanco
Deepa Kalani
Keith Burns
Jesper Brouer
Alban Crequy
Martin Lau
Brendan Gregg
