Brendan Gregg (NetFlix) claim that eBPF is the first fundamental change to how kernels are used in 50 years, and explain why in this 31 minutes video. https://www.youtube.com/watch?v=7pmXdG8-7WU I really recommend to watch this video, to understand why the BPF model is so fundamentally different from the existing OS model we all assume. XDP is mentioned, but XDP is just a user of BPF, that takes advantage of the BPF model. As I've said before, the real power comes when combining several BPF hooks. Go explore the BCC/bpftrace tracing tools that are also mentioned. -- Best regards, Jesper Dangaard Brouer MSc.CS, Principal Kernel Engineer at Red Hat LinkedIn: http://www.linkedin.com/in/brouer
|