Linux Technology for the New Year: eBPF
A virtual machine for the Linux kernel, eBPF could set the stage for advanced, low-overhead tracing inside the kernel itself, offering insight into I/O and file system latency, CPU usage by process, stack tracing and other metrics useful for debugging. It could also play a role in system security, potentially offering a way to thwart DDOS attacks, to monitor for intrusion detection, and even replace IPtables. It also offers a cleaner alternative to installing drivers.
“In the future, you will see a lot more eBPF programs instead of kernel modules,” said Netflix Kernel and Performance Engineer Brendan Gregg, at the All Things Open conference held in Raleigh, North Carolina in October.
Read more at The New Stack