Check out this video showcasing how the new eBPF foundation can help your open-source cloud-native journey and Kubernetes projects.
Join the DZone community and get the full member experience. Current observability practice is largely based on manual instrumentation, which requires adding code in relevant points in the user’s business logic code to generate telemetry data. This can become quite burdensome and create a barrier to entry for many wishing to implement observability in their environment. This is especially true in Kubernetes environments and microservices architecture. eBPF is an exciting technology for Linux kernel-level instrumentation, which bears the promise of no-code instrumentation and easier observability into Kubernetes environments (alongside other benefits for networking and security). See the July episode of OpenObservability Talks on the topic. The industry is early on in its journey, trying to define the practices around instrumentation. The most prominent candidate for that is OpenTelemetry project under the CNCF. OpenTelemetry creates a standard for the different telemetry types and for the API, and offers SDKs per language with which engineers can manually add code to instrument their application. OpenTelemetry is constantly expanding into automatic instrumentation ( auto-instrumentation). It’s identifying popular libraries, such as Spring for Java and Django for Python, and adding instrumentation hooks in these libraries. This means that users of these libraries can enjoy out-of-the-box instrumentation with little to no additional coding effort. Service meshes offer another path to auto-instrumentation. A service mesh typically runs as a sidecar alongside the application container and routing the traffic. That positions it well to generate telemetry data from the HTTP traffic over ingress and egress. It is important to note, however, that while these agents and service meshes offer a means for automatic instrumentation, they are not fully codeless – you still need to do some coding to instrument. It is also important to note that automatic instrumentation may not be enough to satisfy all of your observability needs. Things such as system metrics or application profiling data may require manual instrumentation. eBPF (extended Berkeley Packet Filter) is a technology for the Linux kernel, letting run your code within the kernel without modifying it. It does that by adding hooks to your kernel, and enables you to specify probes that run whenever the OS does something.
