Linux BPF For Observability: Getting Started Quickly
BPF For Observability: Getting Started Quickly

How and Why for BPF

BPF is a powerful component in the Linux kernel and the tools that make use of it are vastly varied and numerous. In this article we examine the general usefulness of BPF and guide you on a path towards taking advantage of BPF’s utility and power. One aspect of BPF, like many technologies, is that at first blush it can appear overwhelming. We seek to remove that feeling and to get you started.

What is BPF?

BPF is the name, and no longer an acronym, but it was originally Berkeley Packet Filter and then eBPF for Extended BPF, and now just BPF. BPF is a kernel and user-space observability scheme for Linux.

Kevin Dankwardt - December 2, 2020
Linux For Beginners
A Linux Survey For Beginners
John Duchek
November 27, 2020
Terminal Vitality - Difference Engine
Terminal Vitality
George F Rice
November 24, 2020
raspberry-pi-zero-w
Building A Dashcam With The Raspberry Pi Zero W
Ramon Persaud
November 19, 2020

Breaking News

Ubuntu 20.10 “Groovy Gorilla” Arrives With Linux 5.8, GNOME 3.38, Raspberry Pi 4 Support
Sarvottam Kumar
October 22, 2020
Linux Mint 20.1 “Ulyssa” Will Arrive In Mid-December With Chromium, WebApp Manager
Sarvottam Kumar
October 1, 2020
Newest IPFire Release Includes Security Fixes and Additional Hardware Support (IPFire 2.25 - Core Update 147)
George Whittaker
July 24, 2020
Linux Mint 19.2 "Tina" Cinnamon Now Available, IBM Has Transformed Its Software to Be Cloud-Native and Run on Any Cloud with Red Hat OpenShift, Icinga Web 2.7.0 Released, Google Rolling Out Android Auto Design Updates and Kernel 5.1 Reaches End of Life
Jill Franklin
August 2, 2019
see more news >>
Btrfs on CentOS

Btrfs on CentOS: Living with Loopback

Introduction The btrfs filesystem has taunted the Linux community for years, offering a stunning array of features and capability, but never earning universal acclaim. Btrfs is perhaps more deserving of patience, as its promised capabilities dwarf all peers, earning it vocal proponents with great influence. Still, none can argue that btrfs is unfinished, many features are very new, and stability concerns remain for common functions.
How To Kill Zombie Processes on Linux

How To Kill Zombie Processes on Linux

Killing Zombies! Also known as “defunct” or “dead” process – In simple words, a Zombie process is one that is dead but is present in the system’s process table. Ideally, it should have been cleaned from the process table once it completed its job/execution but for some reason, its parent process didn’t clean it up properly after the execution.
""

The Bash Trap Command

  If you've written any amount of bash code, you've likely come across the trap command. Trap allows you to catch signals and execute code when they occur. Signals are asynchronous notifications that are sent to your script when certain events occur. Most of these notifications are for events that you hope never happen, such as an invalid memory access or a bad system call. However, there are one or two events that you might reasonably want to deal with. There are also "user" events available that are never generated by the system that you can generate to signal your script. Bash also provides a psuedo-signal called "EXIT", which is executed when your script exits; this can be used to make sure that your script executes some cleanup on exit.
""

Simplifying Function Tracing for the Modern GCC

Steven Rostedt wanted to do a little housekeeping, specifically with the function tracing code used in debugging the kernel. Up until then, the kernel could enable function tracing using either GCC's -pg flag or a combination of -pg and -mfentry. In each case, GCC would create a special routine that would execute at the start of each function, so the kernel could track calls to all functions.
see more recent articles >>
Subscribe to