ebPF for Observability

The Office of the CTO defines, evolves, and accelerates the long-term technology strategy of F5. As part of this responsibility, this group identifies and tracks techology trends that are relevant to us and to our customers. When certain technologies reach an inflection point of capability and adoption, we research them to determine how and when they should be used...and then share our views publicly. 

Recently we've been spending some time on Enhanced Berkeley Packet Filters (eBPF). In our research we've observed that the rising adoption of microservices and cloud native architectures for applications has brought both the developer and operations communities to eBPF. Their shared need for visibility into systems under management has increased appreciation for this technology's potential to address acute Obervability needs as well as an assortment of common security and networking needs.

Linux System Call Intercept Example

You can read more in the first post of our new series which introduces eBPF and its fundamental advanatages in $ per watt as a technology for collecting operational data from systems in real time. Successive posts will focus on specific attributes and uses of eBPF to solve for observabilty, runtime security, and network traffic management needs. 

Operations/SRE teams, security teams, network operations, and application developers will find this blog series especially useful.

Read more about eBPF: It's All About Observability in our latest OCTO blog.

If you have any questions, comments, or feedback, leave us a comment below.

Updated Jul 26, 2022
Version 3.0

Was this article helpful?

No CommentsBe the first to comment