performance analysis superpowers with linux bpf
play

Performance Analysis Superpowers with Linux BPF Brendan Gregg Sep - PowerPoint PPT Presentation

Nov 09, 2022 •273 likes •971 views

Performance Analysis Superpowers with Linux BPF Brendan Gregg Sep 2017 bcc/BPF tools DEMO Agenda 1. eBPF & bcc 2. bcc/BPF CLI Tools 3. bcc/BPF Visualizations Take aways 1. Understand Linux tracing and enhanced BPF 2. How to use BPF

  1. Performance Analysis Superpowers with Linux BPF Brendan Gregg Sep 2017

  3. bcc/BPF tools

  4. DEMO

  5. Agenda 1. eBPF & bcc 2. bcc/BPF CLI Tools 3. bcc/BPF Visualizations

  6. Take aways 1. Understand Linux tracing and enhanced BPF 2. How to use BPF tools 3. Areas of future development

  8. Who at Ne/lix will use BPF?

  9. BPF Introducing enhanced BPF for tracing: kernel-level software

  10. Ye Olde BPF Berkeley Packet Filter # tcpdump host 127.0.0.1 and port 22 -d Optimizes packet filter (000) ldh [12] performance (001) jeq #0x800 jt 2 jf 18 (002) ld [26] (003) jeq #0x7f000001 jt 6 jf 4 (004) ld [30] 2 x 32-bit registers (005) jeq #0x7f000001 jt 6 jf 18 & scratch memory (006) ldb [23] (007) jeq #0x84 jt 10 jf 8 (008) jeq #0x6 jt 10 jf 9 User-defined bytecode (009) jeq #0x11 jt 10 jf 18 (010) ldh [20] executed by an in-kernel (011) jset #0x1fff jt 18 jf 12 sandboxed virtual machine (012) ldxb 4*([14]&0xf) (013) ldh [x + 14] Steven McCanne and Van Jacobson, 1993 [...]

  11. Enhanced BPF aka eBPF or just "BPF" 10 x 64-bit registers maps (hashes) actions Alexei Starovoitov, 2014+

  12. BPF for Tracing, Internals Observability Program Kernel load static tracing verifier BPF BPF program bytecode tracepoints attach dynamic tracing event config BPF kprobes uprobes per-event data async output sampling, PMCs copy perf_events maps statistics Enhanced BPF is also now used for SDNs, DDOS mitigation, intrusion detection, container security, …

  13. Dynamic Tracing

  14. 1999: Kerninst http://www.paradyn.org/html/kerninst.html

  15. Event Tracing Efficiency E.g., tracing TCP retransmits Kernel Old way : packet capture send 1. read tcpdump buffer 2. dump receive 1. read Analyzer 2. process file system disks 3. print New way : dynamic tracing tcp_retransmit_skb() Tracer 1. configure 2. read

  16. Linux Events & BPF Support BPF output Linux 4.7 Linux 4.9 Linux 4.4 BPF stacks Linux 4.6 Linux 4.3 Linux 4.1 (version BPF support arrived) Linux 4.9

  17. A Linux Tracing Timeline - 1990’s: Static tracers, prototype dynamic tracers - 2000: LTT + DProbes (dynamic tracing; not integrated) - 2004: kprobes (2.6.9) - 2005: DTrace (not Linux), SystemTap (out-of-tree) - 2008: ftrace (2.6.27) - 2009: perf_events (2.6.31) - 2009: tracepoints (2.6.32) - 2010-2017: ftrace & perf_events enhancements - 2012: uprobes (3.5) - 2014-2017: enhanced BPF patches: supporting tracing events - 2016-2017: ftrace hist triggers also: LTTng, ktap, sysdig, ...

  18. BCC Introducing BPF Complier Collection: user-level front-end

  19. bcc • BPF Compiler Collection Tracing layers: – https://github.com/iovisor/bcc – Lead developer: Brenden Blanco … bcc tool bcc tool • Includes tracing tools • Provides BPF front-ends: bcc … – Python Python lua – Lua front-ends user – C++ kernel – C helper libraries Kernel – golang (gobpf) BPF Events

  20. Raw BPF samples/bpf/sock_example.c 87 lines truncated

  21. C/BPF samples/bpf/tracex1_kern.c 58 lines truncated

  22. bcc/BPF (C & Python) bcc examples/tracing/bitehist.py enBre program

  23. bpftrace hHps://github.com/ajor/bpJrace enBre program

  24. The Tracing Landscape, Sep 2017 (my opinion) (less brutal) bpftrace dtrace4L. ply/BPF ktap sysdig (many) perf Ease of use stap LTTng (hist triggers) ftrace recent changes bcc/BPF (alpha) (mature) C/BPF (brutal) Stage of Raw BPF Development Scope & Capability

  25. BCC/BPF CLI Tools Performance Analysis

  26. Pre-BPF: Linux Perf Analysis in 60s 1. uptime 2. dmesg -T | tail 3. vmstat 1 4. mpstat -P ALL 1 5. pidstat 1 6. iostat -xz 1 7. free -m 8. sar -n DEV 1 9. sar -n TCP,ETCP 1 10. top hHp://techblog.ne/lix.com/2015/11/linux-performance-analysis-in-60s.html

  27. bcc Installation • https://github.com/iovisor/bcc/blob/master/INSTALL.md • eg, Ubuntu Xenial: # echo "deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main" |\ 
 sudo tee /etc/apt/sources.list.d/iovisor.list # sudo apt-get update # sudo apt-get install bcc-tools – Also available as an Ubuntu snap – Ubuntu 16.04 is good, 16.10 better: more tools work • Installs many tools – In /usr/share/bcc/tools, and … /tools/old for older kernels

  28. bcc General Performance Checklist 1. execsnoop 2. opensnoop 3. ext4slower ( … ) 4. biolatency 5. biosnoop 6. cachestat 7. tcpconnect 8. tcpaccept 9. tcpretrans 10. gethostlatency 11. runqlat 12. profile

  29. Discover short-lived process issues using execsnoop # execsnoop -t TIME(s) PCOMM PID PPID RET ARGS 0.031 dirname 23832 23808 0 /usr/bin/dirname /apps/tomcat/bin/catalina.sh 0.888 run 23833 2344 0 ./run 0.889 run 23833 2344 -2 /command/bash 0.889 run 23833 2344 -2 /usr/local/bin/bash 0.889 run 23833 2344 -2 /usr/local/sbin/bash 0.889 bash 23833 2344 0 /bin/bash 0.894 svstat 23835 23834 0 /command/svstat /service/nflx-httpd 0.894 perl 23836 23834 0 /usr/bin/perl -e $l=<>;$l=~/(\d+) sec/;print $1||0; 0.899 ps 23838 23837 0 /bin/ps --ppid 1 -o pid,cmd,args 0.900 grep 23839 23837 0 /bin/grep org.apache.catalina 0.900 sed 23840 23837 0 /bin/sed s/^ *//; 0.900 cut 23841 23837 0 /usr/bin/cut -d -f 1 0.901 xargs 23842 23837 0 /usr/bin/xargs 0.912 xargs 23843 23842 -2 /command/echo 0.912 xargs 23843 23842 -2 /usr/local/bin/echo 0.912 xargs 23843 23842 -2 /usr/local/sbin/echo 0.912 echo 23843 23842 0 /bin/echo [...] Efficient : only traces exec()

  30. Discover short-lived process issues using execsnoop # execsnoop -t TIME(s) PCOMM PID PPID RET ARGS 0.031 dirname 23832 23808 0 /usr/bin/dirname /apps/tomcat/bin/catalina.sh 0.888 run 23833 2344 0 ./run 0.889 run 23833 2344 -2 /command/bash 0.889 run 23833 2344 -2 /usr/local/bin/bash 0.889 run 23833 2344 -2 /usr/local/sbin/bash 0.889 bash 23833 2344 0 /bin/bash 0.894 svstat 23835 23834 0 /command/svstat /service/nflx-httpd 0.894 perl 23836 23834 0 /usr/bin/perl -e $l=<>;$l=~/(\d+) sec/;print $1||0; 0.899 ps 23838 23837 0 /bin/ps --ppid 1 -o pid,cmd,args 0.900 grep 23839 23837 0 /bin/grep org.apache.catalina 0.900 sed 23840 23837 0 /bin/sed s/^ *//; 0.900 cut 23841 23837 0 /usr/bin/cut -d -f 1 0.901 xargs 23842 23837 0 /usr/bin/xargs 0.912 xargs 23843 23842 -2 /command/echo 0.912 xargs 23843 23842 -2 /usr/local/bin/echo 0.912 xargs 23843 23842 -2 /usr/local/sbin/echo 0.912 echo 23843 23842 0 /bin/echo [...] Efficient : only traces exec()

  31. Exonerate or confirm storage latency outliers with ext4slower # /usr/share/bcc/tools/ext4slower 1 Tracing ext4 operations slower than 1 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 17:31:42 postdrop 15523 S 0 0 2.32 5630D406E4 17:31:42 cleanup 15524 S 0 0 1.89 57BB7406EC 17:32:09 titus-log-ship 19735 S 0 0 1.94 slurper_checkpoint.db 17:35:37 dhclient 1061 S 0 0 3.32 dhclient.eth0.leases 17:35:39 systemd-journa 504 S 0 0 26.62 system.journal 17:35:39 systemd-journa 504 S 0 0 1.56 system.journal 17:35:39 systemd-journa 504 S 0 0 1.73 system.journal 17:35:45 postdrop 16187 S 0 0 2.41 C0369406E4 17:35:45 cleanup 16188 S 0 0 6.52 C1B90406EC […] Tracing at the file system is a more reliable and complete indicator than measuring disk I/O latency Also: btrfsslower, xfsslower, zfsslower

  32. Exonerate or confirm storage latency outliers with ext4slower # /usr/share/bcc/tools/ext4slower 1 Tracing ext4 operations slower than 1 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 17:31:42 postdrop 15523 S 0 0 2.32 5630D406E4 17:31:42 cleanup 15524 S 0 0 1.89 57BB7406EC 17:32:09 titus-log-ship 19735 S 0 0 1.94 slurper_checkpoint.db 17:35:37 dhclient 1061 S 0 0 3.32 dhclient.eth0.leases 17:35:39 systemd-journa 504 S 0 0 26.62 system.journal 17:35:39 systemd-journa 504 S 0 0 1.56 system.journal 17:35:39 systemd-journa 504 S 0 0 1.73 system.journal 17:35:45 postdrop 16187 S 0 0 2.41 C0369406E4 17:35:45 cleanup 16188 S 0 0 6.52 C1B90406EC […] Tracing at the file system is a more reliable and complete indicator than measuring disk I/O latency Also: btrfsslower, xfsslower, zfsslower

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun

Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun

Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun 2017 Efficiently trace TCP sessions with PID, bytes, and dura:on using tcplife # /usr/share/bcc/tools/tcplife PID COMM LADDR LPORT

655 views • 54 slides
Linux 4.x Tracing: Performance Analysis with bcc/BPF Brendan Gregg Senior Performance Architect

Linux 4.x Tracing: Performance Analysis with bcc/BPF Brendan Gregg Senior Performance Architect

Linux 4.x Tracing: Performance Analysis with bcc/BPF Brendan Gregg Senior Performance Architect Mar 2017 Linux tracing in the last 3 years How do we use these superpowers? Take aways 1. Understanding the value of Linux tracing superpowers

864 views • 70 slides
Linux 4.x Performance Using BPF Superpowers Brendan Gregg Senior

Linux 4.x Performance Using BPF Superpowers Brendan Gregg Senior

Feb 2016 Linux 4.x Performance Using BPF Superpowers Brendan Gregg Senior Performance Architect Ten years ago, I gave a talk here about DTrace tools

1.09k views • 60 slides
Linux Performance Analysis New Tools and Old Secrets Brendan Gregg Senior Performance Architect

Linux Performance Analysis New Tools and Old Secrets Brendan Gregg Senior Performance Architect

Linux Performance Analysis New Tools and Old Secrets Brendan Gregg Senior Performance Architect Performance Engineering Team bgregg@netflix.com @brendangregg Porting these to Linux Massive Amazon EC2 Linux cloud Tens of thousands of

864 views • 75 slides
Linux 4.x Tracing Tools Using BPF Superpowers Brendan Gregg, NeElix bgregg@neElix.com December

Linux 4.x Tracing Tools Using BPF Superpowers Brendan Gregg, NeElix bgregg@neElix.com December

Linux 4.x Tracing Tools Using BPF Superpowers Brendan Gregg, NeElix bgregg@neElix.com December 49, 2016 | Boston, MA www.usenix.org/lisa16 #lisa16 Demo Gme GIVE ME 15 MINUTES AND I'LL CHANGE YOUR VIEW OF LINUX TRACING

814 views • 68 slides
Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

CPSC-663: Real-Time Systems Linux, Preemption, and Real-Time Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time Performance of Linux (L. Abeni , A. Goel, C. Krasic, J. Snow, J. Walpole) [RTAS

472 views • 9 slides
Java Performance Analysis on Linux with Flame Graphs Brendan Gregg Senior Performance Architect

Java Performance Analysis on Linux with Flame Graphs Brendan Gregg Senior Performance Architect

Sep 2016 Java Performance Analysis on Linux with Flame Graphs Brendan Gregg Senior Performance Architect Complete Visibility Java Mixed-Mode Flame Graph via Linux perf_events Java C C++ (User) (JVM) Java C (Inlined) (Kernel) Cloud

1.13k views • 71 slides
Linux and High-Performance Computing Outline Architectures &amp; Performance Measurement

Linux and High-Performance Computing Outline Architectures &amp; Performance Measurement

Linux and High-Performance Computing Outline Architectures &amp; Performance Measurement Linux on High-Performance Computers Beowulf Clusters, ROCKS Kitten: A Linux-derived LWK Linux on I/O and Service Nodes Free

630 views • 20 slides
Linux Performance Analysis and Tools Brendan Gregg Polyglot Lead Performance Engineer

Linux Performance Analysis and Tools Brendan Gregg Polyglot Lead Performance Engineer

Linux Performance Analysis and Tools Brendan Gregg Polyglot Lead Performance Engineer Vancouver October, 2013 brendan@joyent.com @brendangregg whoami GDay, Im Brendan Performance Engineering Work/Research: tools,

599 views • 58 slides
Linux Performance Analysis and Tools Brendan Gregg Lead Performance Engineer brendan@joyent.com

Linux Performance Analysis and Tools Brendan Gregg Lead Performance Engineer brendan@joyent.com

Linux Performance Analysis and Tools Brendan Gregg Lead Performance Engineer brendan@joyent.com SCaLE11x @brendangregg February, 2013 Sunday, February 24, 13 Find the Bottleneck Operating System Hardware Applications DBs, all server

1.6k views • 115 slides
Performance analysis Agenda Code Profiling Linux tools GNU Profiler (Gprof)

Performance analysis Agenda Code Profiling Linux tools GNU Profiler (Gprof)

Blue Gene/Q User Workshop Performance analysis Agenda Code Profiling Linux tools GNU Profiler (Gprof) bfdprof Hardware Performance counter Monitors IBM Blue Gene/Q performances tools Internal mpitrace Library

1.03k views • 38 slides
Designing Tracing Tools Brendan Gregg , Senior Performance Architect Wielding Superpowers I'm

Designing Tracing Tools Brendan Gregg , Senior Performance Architect Wielding Superpowers I'm

Designing Tracing Tools Brendan Gregg , Senior Performance Architect Wielding Superpowers I'm currently developing more tracing tools (bcc/BPF) Tool Design For tool developers For everyone else: what you can ask for Tool templates

590 views • 40 slides
Brok oken en Linux Linux Per erfor ormance mance Tools ools Brendan Gregg Senior

Brok oken en Linux Linux Per erfor ormance mance Tools ools Brendan Gregg Senior

Jan 2016 Brok oken en Linux Linux Per erfor ormance mance Tools ools Brendan Gregg Senior Performance Architect, Netflix Previously (SCaLE11x) Working Linux performance tools: This Talk (SCaLE14x) Broken Linux performance

1.52k views • 95 slides
Linux Performance 2018 Brendan Gregg Senior Performance Architect

Linux Performance 2018 Brendan Gregg Senior Performance Architect

Linux Performance 2018 Brendan Gregg Senior Performance Architect http://neuling.org/linux-next-size.html Post frequency: 4 per year https://kernelnewbies.org/Linux_4.15 https://lwn.net/Kernel/ 4 per week LKML 400 per day

473 views • 19 slides
Linux Systems Performance Brendan Gregg Senior Performance Architect Systems

Linux Systems Performance Brendan Gregg Senior Performance Architect Systems

Apr, 2016 Linux Systems Performance Brendan Gregg Senior Performance Architect Systems Performance in 50 mins Agenda A brief discussion of 6 facets of Linux performance: 1. Observability 2.

1.06k views • 72 slides
Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

High Performance Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the supercomputers today run Linux. All of the computational clusters in corporations that I know of run Linux. Support for

419 views • 12 slides
Futures and Promises: Lessons in Concurrency Learned at Tumblr QCon NY 2012 Tuesday, June 19, 12

Futures and Promises: Lessons in Concurrency Learned at Tumblr QCon NY 2012 Tuesday, June 19, 12

Futures and Promises: Lessons in Concurrency Learned at Tumblr QCon NY 2012 Tuesday, June 19, 12 Overview Tumblr stats Macro, Mecro and Micro Concurrency Platform History Motherboy and the Dashboard Lessons Learned Q

714 views • 35 slides
ASYNC PROGRAMMING What does this print? function getY() { var y; $http.get(/gety,

ASYNC PROGRAMMING What does this print? function getY() { var y; $http.get(/gety,

CS 498RK FALL 2017 ASYNC PROGRAMMING What does this print? function getY() { var y; $http.get(/gety, function(jsonData){ // suppose the value of y on the server is 3 y = jsonData.y; }); return y; } var x = 5; var y = getY();

642 views • 20 slides
Pyramidal Stochastic Graphlet Embedding for Document Pattern Classification Anjan Dutta , Pau

Pyramidal Stochastic Graphlet Embedding for Document Pattern Classification Anjan Dutta , Pau

Pyramidal Stochastic Graphlet Embedding for Document Pattern Classification Anjan Dutta , Pau Riba, Josep Llad os, Alicia Forn es Computer Vision Center, Autonomous University of Barcelona ICDAR, Kyoto, Japan, 13th November, 2017

516 views • 24 slides
CORPORATE PARENTING BOARD: MARCH 16 TH 2020 This Annual Report provides evidence relating to the

CORPORATE PARENTING BOARD: MARCH 16 TH 2020 This Annual Report provides evidence relating to the

CORPORATE PARENTING BOARD: MARCH 16 TH 2020 This Annual Report provides evidence relating to the services in Nottingham City as required by statutory guidance. The core business of the team includes the chairing of Children in Care

144 views • 10 slides
Natural Language Processing (CSE 517): Machine Translation Noah Smith 2018 c University of

Natural Language Processing (CSE 517): Machine Translation Noah Smith 2018 c University of

Natural Language Processing (CSE 517): Machine Translation Noah Smith 2018 c University of Washington nasmith@cs.washington.edu May 23, 2018 1 / 82 Evaluation Intuition: good translations are fluent in the target language and faithful to

990 views • 82 slides
Neuropalliative Case Laura Koehn Assistant Professor Neurology and Palliative Care

Neuropalliative Case Laura Koehn Assistant Professor Neurology and Palliative Care

2/13/2015 No Disclosures Neuropalliative Case Laura Koehn Assistant Professor Neurology and Palliative Care Laura.Koehn@ucsfmedctr.org The Case Case continued Mrs. Smith is a 82 year-old woman brought in by her Liz has received phone

353 views • 8 slides
TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA

TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA

15 February, 2011 Ljubljana, Slovenia Peter Szegedi, PDO szegedi@terena org szegedi@terena.org www.terena.org TF NOC TF-NOC About TERENA TERENA offers a forum to collaborate innovate and TERENA offers a forum to collaborate,

292 views • 17 slides
Advocating for a world with #NOhep WHA 258 members 86 countries Our first 10 years 2010 2016

Advocating for a world with #NOhep WHA 258 members 86 countries Our first 10 years 2010 2016

Advocating for a world with #NOhep WHA 258 members 86 countries Our first 10 years 2010 2016 2015 2013 Adoption of the first The World Health Assembly WHA launches WHA and WHO launch the resolution on viral hepatitis endorsed the

236 views • 19 slides

More recommend