Skip to content

Commit

Permalink
docs: ebpf
Browse files Browse the repository at this point in the history
  • Loading branch information
@ryan4yin
ryan4yin committed Sep 17, 2024
1 parent 9b1230a commit a220161
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions linux/ebpf/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,8 @@
1. 可观测性:我们用 ebpf 来分析什么东西?解决什么问题?
2. 网络:ebpf 如何做到拦截处理流量,同时更新 ebpf 程序还不会中断连接?
3. 安全性:基于 ebpf 的安全技术有哪些,跟 apparmor 想比有什么区别、优势?

## 可观测性

1. bcc - execsnoop: 监控进程的创建及详细信息。
- 用途之一:定位由程序不断重启导致的性能问题。由于进程存在时间太短,很难通过 ps/top 等工具观察到。

0 comments on commit a220161

Please sign in to comment.