31 Resources
Golang ebpf Libraries
Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge.
merbridge Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge. Usage Install You just only need to run the following command
Provide task runtime implementation with pidfd and eBPF sched_process_exit tracepoint to manage deamonless container with low overhead.
embedshim The embedshim is the kind of task runtime implementation, which can be used as plugin in containerd. With current shim design, it is used to
OpenTelemetry auto-instrumentation for Go applications
OpenTelemetry Auto-Instrumentation for Go This project adds OpenTelemetry instrumentation to Go applications without having to modify their source cod
Kepler (Kubernetes-based Efficient Power Level Exporter) uses eBPF to probe energy related system stats and exports as Prometheus metrics
kepler Kepler (Kubernetes Efficient Power Level Exporter) uses eBPF to probe energy related system stats and exports as Prometheus metrics Architectur
Metrics collector and ebpf-based profiler for C, C++, Golang, and Rust
Apache SkyWalking Rover SkyWalking Rover: Metrics collector and ebpf-based profiler for C, C++, Golang, and Rust. Documentation Official documentation
Mimic - a eBPF virtual machine and emulator which runs in userspace
Mimic is a eBPF virtual machine and emulator which runs in userspace. Mimic attempts to 'mimic' the eBPF machinery we find in the Linux kernel, as well as other possible implementation/environments.
SailFirewall - Linux firewall powered by eBPF and XDP
SailFirewall Linux firewall powered by eBPF and XDP Requirements Go 1.16+ Linux
An ebpf's tool to watch traffic
watch-dog watch-dog利用ebpf的能力,监听指定网卡的流量来达到旁路检测流量的目的,并使用图数据库neo4j保存节点之间的流量关系。 Get go get github.com/TomatoMr/watch-dog Install make build Usage sudo ./w
Furui - A process-based communication control system for containers
furui Communication control of the container runtime environment(now only docker
Edb - An eBPF program debugger
EDB (eBPF debugger) edb is a debugger(like gdb and dlv) for eBPF programs. Norma
Ebpfmanager - A golang ebpf libary base on cilium/ebpf and datadog/ebpf
介绍 ebpfmanager参照datadog/ebpf/manager包的思想,基于cilium/ebpf实现的ebpf类库封装。 相比cilium/ebpf
Instant Kubernetes-Native Application Observability
Pixie is an open source observability tool for Kubernetes applications. Use Pixie to view the high-level state of your cluster (service maps, cluster
eBPF & Cilium Office Hours
eCHO - eBPF & Cilium Office Hours With a little bit of imagination, eCHO stands for "eBPF & Cilium Office Hours". Inspired by TGIK this is a livestrea
eBPF-based EDR for Linux
ebpf-edr A proof-of-concept eBPF-based EDR for Linux Seems to be working fine with the 20 basic rules implemented. Logs the alerts to stdout at the mo
Automatically capture all potentially useful information about each executed command (as well as its output) and get powerful querying mechanism
nhi is a revolutionary tool which automatically captures all potentially useful information about each executed command and everything around, and delivers powerful querying mechanism.
A distributed Layer 2 Direct Server Return (L2DSR) load balancer for Linux using XDP/eBPF
VC5 A distributed Layer 2 Direct Server Return (L2DSR) load balancer for Linux using XDP/eBPF This is very much a proof of concept at this stage - mos
A tool based on eBPF, prometheus and grafana to monitor network connectivity.
Connectivity Monitor Tracks the connectivity of a kubernetes cluster to its api server and exposes meaningful connectivity metrics. Uses ebpf to obser
This manager helps handle the life cycle of your eBPF programs
eBPF Manager This repository implements a manager on top of Cilium's eBPF library. This declarative manager simplifies attaching and detaching eBPF pr
eBPF Library for Go
eBPF eBPF is a pure Go library that provides utilities for loading, compiling, and debugging eBPF programs. It has minimal external dependencies and i
eBPF library for Go based on Linux libbpf
libbpfgo libbpfgo is a Go library for working with Linux's eBPF. It was created for Tracee, our open source Runtime Security and eBPF tracing tools wr
A K8s ClusterIP HTTP monitoring library based on eBPF
Owlk8s Seamless RED monitoring of k8s ClusterIP HTTP services. This library provides RED (rate,error,duration) monitoring for all(by default but exclu
Trace Go program execution with uprobes and eBPF
Weaver PLEASE READ! - I am currently refactoring Weaver to use libbpf instead of bcc which would include various other major improvements. If you're c
Pixie gives you instant visibility by giving access to metrics, events, traces and logs without changing code.
Pixie gives you instant visibility by giving access to metrics, events, traces and logs without changing code.
Packiffer is a lightweight cross-platform networking toolkit that let you sniff/analyze/inject/filter packets.
Packiffer is a lightweight cross-platform networking toolkit that let you sniff/analyze/inject/filter packets.
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
Kube-Knark Project Trace your kubernetes runtime !! Kube-Knark is an open source tracer uses pcap & ebpf technology to perform runtime tracing on a de
Hubble - Network, Service & Security Observability for Kubernetes using eBPF
Network, Service & Security Observability for Kubernetes What is Hubble? Getting Started Features Service Dependency Graph Metrics & Monitoring Flow V
Library to work with eBPF programs from Go
Go eBPF A nice and convenient way to work with eBPF programs / perf events from Go. Requirements Go 1.10+ Linux Kernel 4.15+ Supported eBPF features e
Tracee: Linux Runtime Security and Forensics using eBPF
Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.
eBPF based TCP observability.
TCPDog is a total solution from exporting TCP statistics from Linux kernel by eBPF very efficiently to store them at your Elasticsearch or InfluxDB da
Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.
tc-skeleton Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.
Instant Kubernetes-Native Application Observability
What is Pixie? Pixie gives you instant visibility by giving access to metrics, events, traces and logs without changing code. We're building up Pixie