0 views collected around this technical thread.
This article outlines the standard BCC workflow for creating eBPF tools, then dissects the opensnoop source code, covering requirement analysis, kernel‑space program writing, BPF map configuration, user‑space Python integration, argument handling, testing, optimization, and deployment steps to monitor open system calls.
This article provides an in‑depth analysis of BPF maps—explaining their design principles, core features, various map types with code examples, and the macro expansion process that turns high‑level BCC helpers into native kernel map definitions for cloud‑native observability.
This article explains the problem of internal and external memory fragmentation in Linux systems, introduces eBPF as a powerful tracing tool, and provides step‑by‑step guidance for building, loading, and running eBPF programs to analyze and mitigate fragmentation on both Linux and Android platforms.
This tutorial introduces the BPF Compiler Collection (BCC) suite, explains how to install it, lists essential Linux commands, and provides step‑by‑step examples of each BCC tool for fast performance analysis, fault isolation, and network troubleshooting on Linux systems.
This article demonstrates how to use ACK AI Profiling, built on eBPF and dynamic process injection, to perform non-intrusive, low‑overhead profiling of Kubernetes‑deployed large‑language‑model inference services, identify GPU memory growth causes, and apply optimization recommendations to prevent OOM issues.
This article explains the concept of process hotspot tracing, analyzes common performance pain points in cloud‑native environments, and details Sysom's solution—including stack unwinding, symbol resolution, flame‑graph generation, and real‑world case studies—to help developers and operators quickly locate and resolve system bottlenecks.
This article introduces bpftrace, an eBPF‑based dynamic tracing tool for Linux, explains its core concepts, technical architecture, installation methods, basic syntax, and demonstrates real‑world performance analysis, fault diagnosis, and security monitoring scenarios while comparing it with DTrace, SystemTap, and BCC.
The article traces the evolution of AI training stability from early manual operations on small GPU clusters to sophisticated, fault‑tolerant infrastructures for thousand‑card and ten‑thousand‑card models, detailing Baidu Baige’s metrics, monitoring, eBPF‑based diagnostics, and checkpoint strategies that reduce invalid training time and accelerate fault recovery.
UprobeStats, introduced in Android 15, uses the Linux kernel eBPF uprobe mechanism to dynamically insert probes into user‑space methods, capture timestamps and arguments, load BPF programs, and forward the data to StatsD via configurable protobufs, enabling flexible, source‑free instrumentation with minimal overhead.
This article presents a lightweight, zero‑code‑change solution that leverages eBPF uprobe tracing to monitor Redis in real time, capture client IP, command arguments, and response size, detect big‑key operations, and report them with minimal performance impact.
This guide explains how to use Kmesh, an eBPF‑based high‑performance service‑mesh data plane, with Alibaba Cloud ASM by configuring the control plane, deploying the Kmesh DaemonSet, setting required environment variables, and verifying traffic routing and service status.
This article explains how zero‑intrusion eBPF technology enables detailed, non‑disruptive TCP network monitoring, covering data collection interfaces, aggregation methods, implementation steps, usage limitations, and practical installation and visualization guidance for improving network performance and fault analysis.
netcap is an open‑source eBPF‑driven kernel network packet capture tool that extends tcpdump syntax to trace skb‑related functions across the Linux network stack, offering detailed packet tracing, customizable filters, multi‑trace aggregation, and user‑defined output to improve debugging of packet loss and performance issues.
Kyanos is an open‑source command‑line utility that leverages eBPF to provide low‑overhead, kernel‑compatible network tracing and performance analysis for HTTP, MySQL, and Redis traffic, offering simple watch and stat commands that replace slow tcpdump workflows with seconds‑level diagnostics.
This article explains how kube-proxy and CNI plugins cooperate within a Kubernetes cluster to translate Service ClusterIP requests into real Pod IPs, detailing the Netfilter, iptables/ipvs rule configuration, overlay networking modes, and the emerging proxy‑free approaches using eBPF.
The presentation outlines Alibaba Cloud's ACK container service observability framework, covering its architecture, key capabilities such as eBPF‑based tracing, GPU profiling, network diagnostics, storage monitoring, and FinOps integration, and demonstrates how these features support AI workloads, large‑scale production stability, and automated incident response.
Observability turns a black‑box application into a system by gathering logs, metrics, and traces, using alerts to spot anomalies, then linking trace IDs to logs; OpenTelemetry standardizes this with instrumented client agents, a Collector (receivers, processors, exporters), and backend storage, while Java agents, span propagation, exemplars, eBPF, and bundles like SigNoz or OpenObserve let teams choose between a custom OTel stack or a solution.
By deploying eBPF agents as DaemonSets that hook kernel network and performance events, the Xiaohongshu observability team extended cloud‑native monitoring from the application to the kernel, delivering real‑time traffic analysis and low‑overhead continuous profiling for C++ services, aggregating data into centralized collectors for dashboards, flame‑graphs, and rapid root‑cause diagnosis.
Netcap, an open‑source eBPF‑based kernel network capture tool from ByteDance STE, lets developers trace packets across the entire Linux network stack, filter with tcpdump syntax, and extend functionality with custom filters, dramatically improving the efficiency of diagnosing kernel packet loss problems.
This comprehensive course provides a deep dive into Kubernetes networking, covering core concepts, network models, policies, plugins, traffic management, security, multi‑tenant, cross‑cloud, and hybrid‑cloud designs, and offers hands‑on performance optimization techniques across more than 60 video modules.