An Introduction to Production Debugging with eBPF

It’s 2am. You’re woken up by your pager app. The site is up, but it’s behaving… strangely. Maybe a service is writing corrupted data. Maybe it’s running slowly, or pausing at random. These “unknown unknowns” are some of the hardest problems in production engineering. There’s no run book for this and your logs can’t save you now!

We can reach for Extended Berkeley Packet Filters (eBPF) when we need powerful tools for getting deep insights into applications running live in production, without impacting performance or availability. In this workshop, Tim Gross will lead you through debugging a broken application with eBPF. We’ll take a tour through open source eBPF tools and show you how to start writing your own tools using the BCC toolkit and ebpftrace.

The workshop will be hands-on. Each attendee will be provided a remote workspace with everything we need pre-installed. The only software you’ll need on your laptop is a SSH client and a web browser.



Tim Gross

Tim Gross is a software engineer at HashiCorp, where he works on the Nomad core team. Previously, he’s been a developer, sysadmin, developer advocate, engineering manager, and devops engineer ...