fledge.io brings eBPF to multi-cloud and edge
If you are a datacenter / cloud enthusiast, you would agree that eBPF has been one of the most interesting technologies in the recent times.
What is eBPF?
eBPF is a in-kernel virtual machine that can run sandboxed programs in the Linux kernel without changing the kernel source code or loading kernel modules. An eBPF program is attached to a designated code path in the kernel. When this code path is traversed in the kernel, the attached eBPF program gets executed. This provides powerful yet cheap way for user programs to attach probes, trace points into the Linux kernel. The XDP feature enables attaching to lowest level of the network stack to do high performance packet processing and filtering.
Why is eBPF interesting?
eBPF provides applications with rich capabilities to monitor cpu, disk, network code paths and statistics, at a very granular level, to make real-time decisions at a much better performance/lower cost compared to existing tools.
Application developers can view application runtime behavior such as function call latency, database access latency etc. and examine application performance in real-time. DevOps can get granular information for better application infrastructure management and SLAs.
As the eBPF documentation describes, new tools can be developed for application profiling/tracing, networking, security, which do not rely on existing kernel functionality but instead reprogram runtime behavior without compromising the efficiency or safety.
How does one leverage eBPF in applications?
eBPF enables collecting information from the kernel in real-time. But how can applications tap into this information?
- One could take a DIY approach – one needs to have a reasonable familiarity and understanding of Linux kernel to write the C code to tap into the kernel code paths and also write eBPF user code in Python, Golang or C++ to gather the information. And this needs to be further plugged into the any of the tools used for visualization, analytics and to the application itself.
- Alternatively, there are ongoing open source efforts to make this technology more consumable. These efforts will take time to mature for a wider adoption.
fledge.io makes eBPF easily accessible -as-a-service at multi-cloud and edge
fledge.io is making eBPF easier to consume and brings eBPF to multi-cloud and edge. But what does that mean?
fledge.io has developed Golang based eBPF libraries that automatically get deployed on any node being managed, no matter where it is located. These libraries attach probes and monitor the local cpu, disk, network resources. In addition, useful data path modules and capabilities are being developed leveraging the XDP feature.
fledge.io will now leverage eBPF for gathering and presenting richer, real-time application information.
eBPF will now be integral to the fledge.io orchestration, service-mesh and data collection framework. Essentially, fledge.io eBPF framework is Application Aware.
- When an application gets deployed on the node, fledge.io application orchestrator programs the eBPF library to start monitoring the relevant application specific information instantaneously. Since fledge.io orchestrator knows about application characteristics, it will be able to attach probes that are specific to the application that is running.
- fledge.io orchestrator will also dynamically (re)program the eBPF libraries when application configurations / parameters change.
- The data collected from eBPF is made available for easier consumption both via rich visualization as well as APIs for making any real-time decisions.
The application developers do not need to know how eBPF works and will not need to write any eBPF code. They can consume it -as-a-service.
What capabilities and use cases will fledge.io enable with eBPF?
With eBPF, fledge.io will enable geo-distributed applications to gather richer information for monitoring/profiling in real-time to support following capabilities.
Better root cause analysis – Managing geo-distributed application is complex and having good application visibility is paramount. Whether a developer wants to examine application performance or a support team wants to solve end user experience issue associated with slowness specific to a location – such data can now be made available. The information fledge.io will be able to provide with eBPF will enable better root cause analysis.
Real-time application (re)orchestration – Application orchestration is usually done based on heuristics e.g. microservice is deployed based on cpu, memory or network profile of a node and is migrated when node dies or runs above certain cpu usage etc. Such policies can be limiting.
fledge.io already supports dynamic application migration today. With eBPF integrated into fledge.io orchestration, more granular metrics can be collected and application re-orchestration can be enabled e.g. migration based on application starving for resources or when network latencies to a location increase etc.
Tighter application security – Packet filtering based on application specific characteristics will be enabled using XDP data path capabilities. Stay tuned for more on this topic in future.
Interested to learn more?
Looking to leverage eBPF for your applications? fledge.io would love to collaborate with you.
Reach out to info@fledge.io to learn more and see a demo of fledge.io eBPF in action.
Pramodh Mallipatna
Co-founder and CEO fledge.io