In this paper, we explain that container engines are strengthening their isolation mechanisms. Therefore, nonintrusive monitoring becomes a must-have for the performance analysis of containerized user-space applications in production environments. After a literature review and background on Linux subsystems and container isolation concepts, we present the lessons we learned from using the extended Berkeley packet filter to monitor and profile performance. We carry out the profiling and tracing of several Interledger connectors using two full-fledged implementations of the Interledger protocol specifications.
Research centre:
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Services and Data management research group (SEDAN)
Disciplines:
Computer science
Author, co-author:
CASSAGNES, Cyril ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
TRESTIOREANU, Lucian Andrei ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
JOLY, Clement ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STATE, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors:
no
Document language:
English
Title:
The rise of eBPF for non-intrusive performance monitoring
Publication/release date:
08 June 2020
Event name:
NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium