E-book: Linux Observability with BPF: Advanced Programming for Performance Analysis and Networking

  • Format: 180 pages
  • Publication date: 14-Nov-2019
  • Publisher: O'Reilly Media
  • Language: eng
  • ISBN-13: 9781492050155
  • Format - EPUB+DRM
  • Price: 40,37 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. More information here. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (this is a free application designed specifically for reading e-books. It should not be confused with Adobe Reader, which is probably already installed on your computer.)

    This e-book cannot be read on Amazon Kindle.

Build your expertise in the BPF virtual machine in the Linux kernel with this practical guide for systems engineers. You'll not only dive into the BPF program lifecycle but also learn to write applications that observe and modify the kernel's behavior; inject code to monitor, trace, and securely observe events in the kernel; and more.

Authors David Calavera and Lorenzo Fontana help you harness the power of BPF to make any computing system more observable. Familiarize yourself with the essential concepts you'll use on a day-to-day basis and augment your knowledge about performance optimization, networking, and security. Then see how it all comes together with code examples in C, Go, and Python.

  • Write applications that use BPF to observe and modify the Linux kernel's behavior on demand
  • Inject code to monitor, trace, and observe events in the kernel in a secure way, with no need to recompile the kernel or reboot the system
  • Explore code examples in C, Go, and Python
  • Gain a more thorough understanding of the BPF program lifecycle

Foreword
Preface
1 Introduction
    BPF's History
    Architecture
    Conclusion
2 Running Your First BPF Programs
    Writing BPF Programs
    BPF Program Types
        Socket Filter Programs
        Kprobe Programs
        Tracepoint Programs
        XDP Programs
        Perf Event Programs
        Cgroup Socket Programs
        Cgroup Open Socket Programs
        Socket Option Programs
        Socket Map Programs
        Cgroup Device Programs
        Socket Message Delivery Programs
        Raw Tracepoint Programs
        Cgroup Socket Address Programs
        Socket Reuseport Programs
        Flow Dissection Programs
        Other BPF Programs
    The BPF Verifier
    BPF Type Format
    BPF Tail Calls
    Conclusion
3 BPF Maps
    Creating BPF Maps
        ELF Conventions to Create BPF Maps
    Working with BPF Maps
        Updating Elements in a BPF Map
        Reading Elements from a BPF Map
        Removing an Element from a BPF Map
        Iterating Over Elements in a BPF Map
        Looking Up and Deleting Elements
        Concurrent Access to Map Elements
    Types of BPF Maps
        Hash-Table Maps
        Array Maps
        Program Array Maps
        Perf Events Array Maps
        Per-CPU Hash Maps
        Per-CPU Array Maps
        Stack Trace Maps
        Cgroup Array Maps
        LRU Hash and Per-CPU Hash Maps
        LPM Trie Maps
        Array of Maps and Hash of Maps
        Device Map Maps
        CPU Map Maps
        Open Socket Maps
        Socket Array and Hash Maps
        Cgroup Storage and Per-CPU Storage Maps
        Reuseport Socket Maps
        Queue Maps
        Stack Maps
    The BPF Virtual Filesystem
    Conclusion
4 Tracing with BPF
    Probes
        Kernel Probes
        Tracepoints
        User-Space Probes
        User Statically Defined Tracepoints
    Visualizing Tracing Data
        Flame Graphs
        Histograms
        Perf Events
    Conclusion
5 BPF Utilities
    BPFTool
        Installation
        Feature Display
        Inspecting BPF Programs
        Inspecting BPF Maps
        Inspecting Programs Attached to Specific Interfaces
        Loading Commands in Batch Mode
        Displaying BTF Information
    BPFTrace
        Installation
        Language Reference
        Filtering
        Dynamic Mapping
    Kubectl-trace
        Installation
        Inspecting Kubernetes Nodes
    eBPF Exporter
        Installation
        Exporting Metrics from BPF
    Conclusion
6 Linux Networking and BPF
    BPF and Packet Filtering
        Tcpdump and BPF Expressions
        Packet Filtering for Raw Sockets
    BPF-Based Traffic Control Classifier
        Terminology
        Traffic Control Classifier Program Using cls_bpf
        Differences Between Traffic Control and XDP
    Conclusion
7 Express Data Path
    XDP Programs Overview
        Operation Modes
        The Packet Processor
        XDP and iproute2 as a Loader
    XDP and BCC
    Testing XDP Programs
        XDP Testing Using the Python Unit Testing Framework
    XDP Use Cases
        Monitoring
        DDoS Mitigation
        Load Balancing
        Firewalling
    Conclusion
8 Linux Kernel Security, Capabilities, and Seccomp
    Capabilities
    Seccomp
        Seccomp Errors
        Seccomp BPF Filter Example
    BPF LSM Hooks
    Conclusion
9 Real-World Use Cases
    Sysdig eBPF God Mode
    Flowmill
Index

David Calavera works as CTO at Netlify. He's served as the maintainer of Docker and contributor to Runc, Go, and BCC tools as well as other open source projects. He's known for his work on the Docker projects, building and fostering the Docker plugin ecosystem. David has a strong fondness for flame graphs and performance optimizations.

Lorenzo Fontana is on the Open Source Team at Sysdig where he primarily works on Falco, a Cloud Native Computing Foundation project that does container runtime security and anomaly detection through a kernel module and eBPF. He's passionate about distributed systems, software-defined networking, the Linux kernel, and performance analysis.