eBPF is an emerging Linux kernel technology that allows for user-supplied programs to run inside of the kernel. This enables a bunch of interesting usecases, particularly efficient CPU profiling of the whole Linux system.
For this to work you'll need
- a Linux machine with the kernel version >= 4.9.
- BCC tools installed on the system you want to profile. Visit BCC documentation to find the best way of installing it on your system. There are prebuilt binaries available for most flavors of Linux.
- pyroscope server and agent. Visit our Getting Started guide to learn about that.
This will provision a pyroscope server in your cluster in
kubectl apply -f https://pyroscope.io/k8s/pyroscope-server.yaml
This will install pyroscope eBPF agent on all of your nodes and start profiling applications across your cluster:
kubectl apply -f https://pyroscope.io/k8s/pyroscope-agent.yaml
One thing we're excited about at Pyroscope is eBPF portability efforts, particularly introduction of BTF (BPF Type Format) technology. You can read more about that here. When kernels with BTF support become more mainstream we're gonna embed libbpf directly into our go binary.