Linux System and Application Observability
Brendan Gregg
简介
BPF (eBPF) tracing is the superpower that can analyze everything, helping you find performance wins, troubleshoot software, and more. This book covers over one hundred and fifty BPF observability tools for the analysis of CPUs, memory, disks, file systems, networking, languages, applications, containers, hypervisors, security, and the
Linux kernel. These tools range from basic to advanced, producing new metrics, stack traces, and custom latency histograms.
This is a book for everyone: sysadmins, developers, SREs, performance engineers, database engineers, researchers, and students. While prior knowledge is helpful, this book summarizes performance engineering and
kernel internals to help even relative beginners understand the included BPF tools. No programming is necessary, either, unless you want to. These easy-to-use tools can be run as-is, and this book also teaches you how to customize and develop your own BPF observability tools using different interfaces, with a focus on the high-level
bpftrace front-end.
目录
Table of Contents
Preface
Part I: Technologies
1. Intro
2. Technology Background
3. Performance Analysis
4. bcc
5. bpftrace
Part II: Using BPF Tools
6. CPUs
7. Memory
8. File Systems
9. Disk I/O
10. Networking
11. Security
12. Languages
13. Applications
14. Kernel
15. Containers
16. Hypervisors
Part III: Additional Topics
17. Other BPF Tools
18. Tips and Tricks
Apx.A. bpftrace One-Liners
Apx.B. bpftrace Cheat Sheet
Apx C. bcc Tool Development
Apx D. C BPF
Apx E. BPF Instructions
Glossary
Bibliography
