Skip to content

This is just some simple code (very basic) for messing about with eBPF

Notifications You must be signed in to change notification settings

richardclegg/ebpf_testing

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

These are very basic demo files to investigate eBPF at an extremely simple level. Note -- EBPF is really touchy as to exact versions of software and OS. I am using Ubuntu 22.04 LTS

A good way to start (far better than this trivial intro) is the lab here: ']

https://play.instruqt.com/embed/isovalent/tracks/ebpf-getting-started?token=em_9nxLzhlV41gb3rKM&show_challenges=true

or the resources here

https://www.brendangregg.com/blog/2019-01-01/learn-ebpf-tracing.html

In recent versions of Ubuntu at least package names and command names have been changing around. I suspect this information will be very different for very different releases of Ubuntu (never mind different distros). In Ubuntu 22.04 I needed

# sudo apt install bpfcc-tools 
# sudo apt install linux-tools-generic
# sudo apt install linux-hwe-6.2-tools-common
# sudo apt install libbpf-dev

Also for some reason opensnoop (referred to by a lot of tutorials) is known as opensnoop-bpfcc.

I found it useful to clone: [email protected]:iovisor/bcc.git To get example code to look at.

Also note that on Ubuntu 22.04 programs like opensnoop-bpfcc give a warning (yet still run). iovisor/bcc#3366

About

This is just some simple code (very basic) for messing about with eBPF

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages