BPF (eBPF) tracing is the superpower that can analyze everything, helping you find performance wins, troubleshoot software, and more. This book covers over one hundred and fifty BPF observability tools for the analysis of CPUs, memory, disks, file systems, networking, languages, applications, containers, hypervisors, security, and the
Linux kernel. These tools range from basic to advanced, producing new metrics, stack traces, and custom latency histograms.
This is a book for everyone: sysadmins, developers, SREs, performance engineers, database engineers, researchers, and students. While prior knowledge is helpful, this book summarizes performance engineering and
kernel internals to help even relative beginners understand the included BPF tools. No programming is necessary, either, unless you want to. These easy-to-use tools can be run as-is, and this book also teaches you how to customize and develop your own BPF observability tools using different interfaces, with a focus on the high-level
bpftrace front-end.
Brendan Gregg is a senior performance engineer at Netflix and a major contributor to BPF (eBPF), leading its use for observability. In the past fifteen years he has used BPF and prior tracers in many different production environments, and has published tools, visualizations, and books about his work. He has also developed and delivered training classes worldwide to teach perfor...