Ayesha Kaleem

Gentle Introduction to eBPF

What if you could safely program the Linux kernel without changing its code? Discover how eBPF makes it possible for observability, security, and networking.

Gentle Introduction to eBPF
#1about 1 minute

The challenge of extending the Linux kernel

Adding new features to the Linux kernel is a slow and complex process, creating a bottleneck for developers who need new observability or security capabilities.

#2about 1 minute

Introducing eBPF as a kernel programmability solution

eBPF allows running custom programs in a sandboxed virtual machine inside the kernel, enabling new features without changing kernel source code.

#3about 1 minute

How eBPF programs are event-driven and written

eBPF programs are triggered by kernel events called hooks, and they are typically written in C or Python using libraries like BCC and compiled with LLVM.

#4about 1 minute

A practical "Hello World" eBPF code example

A simple program demonstrates how to write an eBPF function in C and use a Python script to load it and attach it to the execve system call.

#5about 1 minute

The eBPF runtime, verifier, and JIT compiler

Before execution, eBPF bytecode is validated by a verifier for safety and then compiled by a Just-In-Time (JIT) compiler into native machine code for performance.

#6about 1 minute

Using eBPF maps to share data efficiently

eBPF maps are key-value data structures that enable efficient data sharing between eBPF programs in the kernel and applications in user space.

#7about 2 minutes

Popular projects and companies using eBPF

Major open-source projects like Cilium, Falco, and Pixie leverage eBPF for networking and observability, and it is widely adopted by large tech companies.

Related jobs
Jobs that call for the skills explored in this talk.

Featured Partners

Related Videos

Into the hive of eBPF!28:20

Into the hive of eBPF!

Mohammed Aboullaite

An Applied Introduction to eBPF with Go26:48

An Applied Introduction to eBPF with Go

Ozan Sazak

Enhancing Workload Security in Kubernetes44:00

Enhancing Workload Security in Kubernetes

Dimitrij Klesev & Andreas Zeissner

Unlocking the Power of the Mainframe: Developing modern applications on z/OS28:26

Unlocking the Power of the Mainframe: Developing modern applications on z/OS

Igor Todorovski

A Hitchhikers Guide to Container Security - Automotive Edition 202421:49

A Hitchhikers Guide to Container Security - Automotive Edition 2024

Reinhard Kugler

Kubernetes Security - Challenge and Opportunity42:45

Kubernetes Security - Challenge and Opportunity

Marc Nimmerrichter

Hacking Kubernetes: Live Demo Marathon46:36

Hacking Kubernetes: Live Demo Marathon

Andrew Martin

Turning Container security up to 11 with Capabilities28:47

Turning Container security up to 11 with Capabilities

Mathias Tausig

From learning to earning

Jobs that call for the skills explored in this talk.