Linux Server Deep Dives
Amin Astaneh
Drupalcon Amsterdam 2019
Who Am I?
● Senior Manager, SRE, Acquia
● Acquian since December 2010
● Champion DevOps, SRE,
operational, agile best practices
WARNING: This is NOT Your Usual Linux Talk
We won’t be talking about the usual suspects:
● top, ps, uptime
● sar, mpstat, iostat
● not even strace or lsof
● (well, maybe a little strace)
Past talk: https://bit.ly/2BNzNy5
Goal: An Introduction to Advanced Tooling
● Tools: perf_events, ebpf
● Origins and capabilities
● How to install these tools
● Demo of examples that you can use today
Aim is to provide inspiration on simple yet powerful ways to troubleshoot Drupal
from the infrastructure and performance side.
The classic tools answer what resources are being used.
These tools answer how resources are being used in much greater detail.
Before We Begin: Tool Caveats
1) These tools can introduce a performance overhead.
Keep that in mind when deciding to analyse your production workloads. Run
in non-production where possible.
2) Some tools require you to rebuild your services in order to use them.
Eg: mysqld, php, etc
3) Some tools require you to install debug packages to be useful.
4) These tools require root access.
Before We Begin: The Environment For This Talk
● Ubuntu 18.04 VM
● Drupal 8.7.8 installed running the Umami demo site
● Modest resources (1 core, 1GB RAM, 10GB HDD)
● No fancy caching like Varnish or Memcached
Before We Begin: Some Operating System Basics
Let’s talk about system calls (aka: syscalls).
It’s how programs interact with the kernel (in this case, Linux) to perform tasks,
such as:
● read or write to a file
● database calls, memcached, HTTP
● executing other programs
If you want the full list, run `man 2 syscalls`.
If you want to read about a specific one, run `man 2 name_of_syscall`.
The New Tools
perf_events
● It’s been around since 2009
● Part of the Linux kernel since 2.6.31
● Originally called Performance Counters for Linux
● Enables capture and analysis of a broad range of performance-related kernel events
● Not very well documented :(
● To install: linux-tools package
The Extended Berkeley Packet Filter (eBPF)
The Berkeley Packet Filter was originally simply that: a packet filter.
However, there are certain characteristics of the project as it evolved since 2014
that expanded upon its originally-intended usage:
● Filters were implemented as programs that ran in a kernel-mode VM;
● “BPF guarantees that the programs loaded into the kernel cannot crash, and
cannot run forever”
● eBPF programs can access in-kernel debugging features such as kprobes
What Does This Mean For eBPF?
You can use eBPF for in-depth performance analysis of a running server, not
just its network stack.
The toolkit provided by the BPF compiler collection (BCC) provides us an
accessible wealth of observability tools.
It also provides the means to write your own tools.
Installing BCC
● Ubuntu: sudo apt-get install bpfcc-tools linux-headers-$(uname -r)
● RHEL: yum install bcc-tools
● Amazon Linux: yum install bcc
Examples With Demos
`perf` tool
Allows you to monitor for specific OS events to trace/analyse
● counters- number of times that something happens
● tracing- real time tracking of events (usually syscalls)
● probing- monitor and capture specific events on the server
● reporting- analyse captured data
`perf stat`
Example of counters:
perf stat -e 'syscalls:sys_enter_*' COMMAND
(lists the count of system calls for COMMAND)
Example: let’s see what a `drush status` does to our system:
sudo perf stat -e 'syscalls:sys_enter_*' drush status 2>&1 | grep -v ' 0 '
Why does this matter? A certain module or feature may be badly performing,
and now you can find out why.
`perf trace`
● Say hello to a more performant replacement for strace!
● System call tracers print what is happening in real time
● Tracing PHP processes can be really useful for troubleshooting performance
problems quickly when you don’t have an APM installed
● perf trace has less overhead than strace, by a LOT
`perf trace` overhead
● How do we test that?
● Using dd, we can see that perf trace has a 2.5x slowdown
● strace had a 62x slowdown.
# dd if=/dev/zero of=/dev/null bs=512 count=10000k
5242880000 bytes (5.2 GB) copied, 3.53031 s, 1.5 GB/s
# perf stat -e 'syscalls:sys_enter_*' dd if=/dev/zero of=/dev/null bs=512 count=10000k
5242880000 bytes (5.2 GB) copied, 9.14225 s, 573 MB/s
# strace -c dd if=/dev/zero of=/dev/null bs=512 count=10000k
5242880000 bytes (5.2 GB) copied, 218.915 s, 23.9 MB/s
perf trace
You can see all syscalls on the system with `perf trace`!
For a single process, run `perf trace -p <PID>` or `perf trace <COMMAND>`
`perf record`
● You can sample all CPU activity on the system:
● perf record -a -F 1000 sleep 10
○ Record activity on all processors, 1000 times per second, for 10 seconds
● Then you can generate a report on the output data
● perf report
Note that you need to install debug packages in order to drill down into specific
library calls! (PKG-dbg, or PKG-dbgsym)
`perf top`
● Like the top command, but for kernel-level events
● Plain `perf top` will tell you what userspace and kernel functions are using the
most resources
● What is generating network traffic on the server?
● perf top -e net:net_dev_xmit -ns comm,pid
Dynamic Tracing with `perf probe`
This allows you to monitor for invocation of specific kernel functions.
● create a probe: perf probe --add <FUNCTION>
● record probe behavior: perf record -e probe:<FUNCTION> -aR sleep 1
● list probes: perf probe -l
● delete probes: perf probe -d <EVENT>
You probably won’t use these when getting started, but know that this exists.
Trace HTTP Outbound Connections in Real Time
Use tcpconnect to detect external calls performed by Drupal,
cronjobs, etc. Could also help in detecting intruders!
# tcpconnect
PID COMM IP SADDR DADDR DPORT
1957 php-fpm 4 192.168.122.229 143.204.214.36 80
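The intruder-detection idea above, as an added example that is not from the talk: it parses default `tcpconnect` output and reports connections that fall outside an egress allowlist. The `POLICY` contents and every sample row except the php-fpm row to 143.204.214.36 are constructed assumptions.

```python
import ipaddress
from collections import Counter
from typing import Iterable, Iterator, NamedTuple


class Conn(NamedTuple):
    pid: int
    comm: str
    daddr: str
    dport: int


def parse_tcpconnect(lines: Iterable[str]) -> Iterator[Conn]:
    """Parse the default tcpconnect columns: PID COMM IP SADDR DADDR DPORT."""
    for line in lines:
        fields = line.split()
        # Skip the header, blank lines and anything that is not a 6-column row.
        # (A COMM containing spaces would also be skipped; that is rare.)
        if len(fields) != 6 or not fields[0].isdigit():
            continue
        pid, comm, _ipver, _saddr, daddr, dport = fields
        try:
            ipaddress.ip_address(daddr)  # reject rows with a malformed address
            conn = Conn(int(pid), comm, daddr, int(dport))
        except ValueError:
            continue
        yield conn


def is_allowed(conn: Conn, policy: dict) -> bool:
    """True if some rule for this command covers the destination and port."""
    dst = ipaddress.ip_address(conn.daddr)
    for net, ports in policy.get(conn.comm, []):
        # An IPv6 address is never "in" an IPv4 network, so mixed rules are safe.
        if dst in ipaddress.ip_network(net) and (ports is None or conn.dport in ports):
            return True
    return False


def unexpected_egress(lines: Iterable[str], policy: dict) -> dict:
    """Count connections per (comm, daddr, dport) that no policy rule allows."""
    hits = Counter(
        (c.comm, c.daddr, c.dport)
        for c in parse_tcpconnect(lines)
        if not is_allowed(c, policy)
    )
    return dict(hits)


# Hypothetical policy: command -> [(network, allowed ports or None for any port)].
# Commands with no entry are not expected to open outbound connections at all.
POLICY = {
    "php-fpm": [("192.168.122.0/24", {3306}), ("::1/128", None)],
}

# Constructed sample; only the first data row appears in the talk.
SAMPLE = """\
PID    COMM         IP SADDR            DADDR            DPORT
1957   php-fpm      4  192.168.122.229  143.204.214.36   80
1957   php-fpm      4  192.168.122.229  192.168.122.10   3306
1960   php-fpm      4  192.168.122.229  143.204.214.36   80
2101   curl         4  192.168.122.229  198.51.100.20    443
1957   php-fpm      6  ::1              ::1              9000
""".splitlines()

if __name__ == "__main__":
    for (comm, daddr, dport), n in unexpected_egress(SAMPLE, POLICY).items():
        print(f"{n:3d}x {comm} -> {daddr}:{dport}")
```

On a live host, feed it the tool's output line by line (for example by iterating over `sys.stdin`) instead of `SAMPLE`.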
Trace HTTP Requests in Real Time
Use tcptracer to detect all TCP connections on your server.
A very easy way to find abusive or high-throughput HTTP
clients as they happen!
How long do your HTTP client connections last?
tcplife prints out the latency and data transfers for each
connection, which again can be useful for analysing what
your clients are doing.
Trace File Accesses On Web Server
Use statsnoop to detect all file information accesses on
your server (stat family of syscalls)
# statsnoop | grep sites/default/files | egrep 'jpg|png|pdf|mp4'
PID COMM IP SADDR DADDR DPORT
1957 php-fpm 4 192.168.122.229 143.204.214.36 80
Monitor file reads and writes!
Use filetop to find which specific files are getting the
most activity!
How large are your per-process I/O operations?
bitesize prints histograms of storage I/O operations for
each process. May be useful to find programs that are doing
excessive or inefficient operations.
How Long Does it Take For Filesystem Operations?
ext4dist, xfsdist, zfsdist, etc will generate histograms of
how long it takes to perform reads and write operations on
the filesystem.
This really breaks down the performance characteristics of
the filesystem beyond what iostat will tell you.
Find out if you need more memory!
More operating system theory:
A ‘page fault’ means that an access to data required reading
from the disk rather than from the page cache (stored
in RAM).
This is particularly important on servers expected to serve
a lot of file data, eg: a file server. Too little memory for
page cache affects performance.
This is in a way similar to nginx or varnish miss rates.
The cachestat tool enables you to monitor for this
condition. The dcstat tool is useful for directory cache.
Trace Creation of New Processes
Use pidpersec to determine the rate of new process creation.
High values may reveal that something is wrong with
custom code such as cronjobs or scripts on the server.
Trace Creation of New Processes
Use execsnoop to detect all new processes on your server.
Quite useful for following up after use of pidpersec.
# execsnoop-bpfcc
PCOMM PID PPID RET ARGS
date 2647 2499 0 /bin/date
sleep 2648 2499 0 /bin/sleep 1
date 2649 2499 0 /bin/date
sleep 2650 2499 0 /bin/sleep 1
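A follow-up to the pidpersec and execsnoop slides, as an added example that is not from the talk: it groups `execsnoop` rows by parent PID so the process responsible for a high spawn rate stands out. The four rows with PPID 2499 are the ones shown above; the other rows and the `min_execs` threshold are constructed assumptions.

```python
from collections import Counter, defaultdict
from typing import Iterable, Iterator, List, Tuple


def parse_execsnoop(lines: Iterable[str]) -> Iterator[Tuple[str, int, int, int, str]]:
    """Yield (pcomm, pid, ppid, ret, args) from the columns PCOMM PID PPID RET ARGS."""
    for line in lines:
        # ARGS may contain spaces, so split only the first four columns off.
        f = line.split(None, 4)
        if len(f) < 4 or not f[1].isdigit() or not f[2].isdigit():
            continue  # header, blank line or truncated row
        try:
            ret = int(f[3])  # negative values are errno codes from a failed exec
        except ValueError:
            continue
        args = f[4].strip() if len(f) == 5 else ""
        yield f[0], int(f[1]), int(f[2]), ret, args


def top_spawners(lines: Iterable[str], min_execs: int = 3) -> List[dict]:
    """Summarise execs per parent PID, busiest parent first."""
    per_parent = defaultdict(lambda: {"execs": 0, "failed": 0, "commands": Counter()})
    for pcomm, _pid, ppid, ret, args in parse_execsnoop(lines):
        entry = per_parent[ppid]
        entry["execs"] += 1
        if ret != 0:
            entry["failed"] += 1
        # Prefer the executed path (argv[0]); fall back to the command name.
        entry["commands"][args.split()[0] if args else pcomm] += 1
    rows = [
        {"ppid": ppid, "execs": e["execs"], "failed": e["failed"],
         "commands": dict(e["commands"])}
        for ppid, e in per_parent.items()
        if e["execs"] >= min_execs
    ]
    # Sort by exec count, then PPID, so the result is deterministic.
    return sorted(rows, key=lambda r: (-r["execs"], r["ppid"]))


# The date/sleep rows come from the slide; the last two rows are constructed.
# Failed execs (RET != 0) only appear when execsnoop is run with -x.
SAMPLE = """\
PCOMM            PID    PPID   RET ARGS
date             2647   2499     0 /bin/date
sleep            2648   2499     0 /bin/sleep 1
date             2649   2499     0 /bin/date
sleep            2650   2499     0 /bin/sleep 1
drush            2660   1201     0 /usr/local/bin/drush cron
sendmail         2661   2660    -2 /usr/sbin/sendmail -t -i
""".splitlines()

if __name__ == "__main__":
    for row in top_spawners(SAMPLE):
        print(row)
```

Once a parent PID stands out, `ps -o pid,ppid,user,args -p <PPID>` identifies the script or cron job behind it.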
Spy On a User Session!
Use ttysnoop to watch another person’s shell session!
# to find the ttys in use
ps auxww --forest | egrep --color '^|pts'
# then to trace
ttysnoop /dev/pts/X
Spy On All User Sessions!
Similarly, you can use bashreadline to see all programs that
have been invoked from a bash shell. Useful for analysing
how jump hosts are being used.
Spy On SSL/TLS Connections!
sslsniff will print the data being written to and read from SSL_write() and
SSL_read() functions, basically intercepting encrypted traffic on the server!
In Summary
● perf_events and eBPF are pretty awesome additions to your toolkit
● You can see more details on Linux server activity than ever before
● You can start using these tools today :D
● Test in non-production first
● Have fun!
Further Reading
● Buy Brendan Gregg’s book on eBPF
○ http://www.brendangregg.com/bpf-performance-tools-book.html
● Perf Events Reference
○ https://perf.wiki.kernel.org/index.php/Main_Page
● bcc Github Project
○ https://github.com/iovisor/bcc
● Julia Evans’ Perf Cheatsheet
○ https://jvns.ca/perf-cheat-sheet.pdf
● Linux Syscall References
○ `man 2 syscalls`
○ `man 2 <SYSCALL>`
Thank You!
Amin Astaneh
Twitter: @aastaneh
Email: amin@aminastaneh.net

Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 

Linux Server Deep Dives (DrupalCon Amsterdam)

  • 1. Linux Server Deep Dives Amin Astaneh Drupalcon Amsterdam 2019
  • 2. Who Am I? ● Senior Manager, SRE, Acquia ● Acquian since December 2010 ● Champion DevOps, SRE, operational, agile best practices
  • 3. WARNING: This is NOT Your Usual Linux Talk We won’t be talking about the usual suspects: ● top, ps, uptime ● sar, mpstat, iostat ● not even strace or lsof ● (well, maybe a little strace) Past talk: https://bit.ly/2BNzNy5
  • 4. Goal: An Introduction to Advanced Tooling ● Tools: perf_events, ebpf ● Origins and capabilities ● How to install these tools ● Demo of examples that you can use today Aim is to provide inspiration on simple yet powerful ways to troubleshoot Drupal from the infrastructure and performance side. The classic tools answer what resources are being used. These tools answer how resources are being used in much greater detail.
  • 5. Before We Begin: Tool Caveats 1) These tools can introduce a performance overhead. Keep that in mind when deciding to analyse your production workloads. Run in non-production where possible. 2) Some tools require you to rebuild your services in order to use them. Eg: mysqld, php, etc 3) Some tools require you to install debug packages to be useful. 4) These tools require root access.
  • 6. Before We Begin: The Environment For This Talk ● Ubuntu 18.04 VM ● Drupal 8.7.8 installed running the Umami demo site ● Modest resources (1 core, 1GB RAM, 10GB HDD) ● No fancy caching like Varnish or Memcached
  • 7. Before We Begin: Some Operating System Basics Let’s talk about system calls (aka: syscalls). It’s how programs interact with the kernel (in this case, Linux) to perform tasks, such as: ● read or write to a file ● database calls, memcached, HTTP ● executing other programs If you want the full list, run `man 2 syscalls`. If you want to read about a specific one, run `man 2 name_of_syscall`.
  • 10. perf_events ● It’s been around since 2009 ● Part of the Linux kernel since 2.6.31 ● Originally called Performance Counters for Linux ● Enables capture and analysis of broad performance-related kernel events ● Not very well documented :( ● To install: linux-tools package
  • 11. The Extended Berkeley Packet Filter (eBPF) The Berkeley Packet Filter was originally simply that: a packet filter. However, there are certain characteristics of the project as it evolved since 2014 that expanded upon its originally-intended usage: ● Filters were implemented as programs that ran in a kernel-mode VM; ● “BPF guarantees that the programs loaded into the kernel cannot crash, and cannot run forever” ● eBPF programs can access in-kernel debugging features such as kprobes
  • 12. What Does This Mean For eBPF? You can use eBPF for in-depth performance analysis of a running server, not just its network stack. The toolkit provided by the BPF compiler collection (BCC) provides us an accessible wealth of observability tools. It also provides the means to write your own tools.
  • 13. Installing BCC ● Ubuntu: sudo apt-get install bpfcc-tools linux-headers-$(uname -r) ● RHEL: yum install bcc-tools ● Amazon Linux: yum install bcc
  • 15. `perf` tool Allows you to monitor for specific OS events to trace/analyse ● counters: number of occurrences of an event ● tracing: real-time tracking of events (usually syscalls) ● probing: monitor and capture specific events on the server ● reporting: analyse captured data
  • 16. `perf stat` Example of counters: perf stat -e 'syscalls:sys_enter_*' COMMAND (lists the count of system calls for COMMAND) Example: let’s see what a `drush status` does to our system: sudo perf stat -e 'syscalls:sys_enter_*' drush status 2>&1 | grep -v ' 0 ' Why does this matter? A certain module or feature may be performing badly, and now you can find out why.
  • 17. `perf trace` ● Say hello to a more performant replacement for strace! ● System call tracers print what is happening in real time ● Tracing PHP processes can be really useful for troubleshooting performance problems quickly when you don’t have an APM installed ● perf trace has less overhead than strace, by a LOT
  • 18. `perf trace` overhead ● How do we test that? ● Using dd, we can see that perf trace has a 2.5x slowdown ● Strace had a 62x slowdown.
      # dd if=/dev/zero of=/dev/null bs=512 count=10000k
      5242880000 bytes (5.2 GB) copied, 3.53031 s, 1.5 GB/s
      # perf stat -e 'syscalls:sys_enter_*' dd if=/dev/zero of=/dev/null bs=512 count=10000k
      5242880000 bytes (5.2 GB) copied, 9.14225 s, 573 MB/s
      # strace -c dd if=/dev/zero of=/dev/null bs=512 count=10000k
      5242880000 bytes (5.2 GB) copied, 218.915 s, 23.9 MB/s
  • 19. perf trace You can see all syscalls on the system with `perf trace`! For a single process, run `perf trace -p <PID>` or `perf trace <COMMAND>`
  • 20. `perf record` ● You can sample all CPU activity on the system: ● perf record -a -F 1000 sleep 10 ○ Record activity on all processors, 1000 times per second, for 10 seconds ● Then you can generate a report on the output data ● perf report Note that you need to install debug packages in order to drill down into specific library calls! (PKG-dbg, or PKG-dbgsym)
  • 21. `perf top` ● Like the top command, but for kernel-level events ● Plain `perf top` will tell you what userspace and kernel functions are using the most resources ● What is generating network traffic on the server? ● perf top -e net:net_dev_xmit -ns comm,pid
  • 22. Dynamic Tracing with `perf probe` This allows you to monitor for invocation of specific kernel functions. ● create a probe: perf probe --add <FUNCTION> ● record probe behavior: perf record -e probe:<FUNCTION> -aR sleep 1 ● list probes: perf probe -l ● delete probes: perf probe -d <EVENT> You probably won’t use these when getting started, but know that this exists.
  • 23. Trace HTTP Outbound Connections in Real Time Use tcpconnect to detect external calls performed by Drupal, cronjobs, etc. Could also help in detecting intruders!
      # tcpconnect
      PID    COMM     IP  SADDR            DADDR           DPORT
      1957   php-fpm  4   192.168.122.229  143.204.214.36  80
  • 24. Trace HTTP Requests in Real Time Use tcptracer to detect all TCP connections on your server. A very easy way to find abusive or high-throughput HTTP clients as they happen!
  • 25. How long do your HTTP client connections last? tcplife prints out the latency and data transfers for each connection, which again can be useful for analysing what your clients are doing.
  • 26. Trace File Accesses On Web Server Use statsnoop to detect all file information accesses on your server (stat family of syscalls) # statsnoop | grep sites/default/files | egrep 'jpg|png|pdf|mp4' PID COMM IP SADDR DADDR DPORT 1957 php-fpm 4 192.168.122.229 143.204.214.36 80
  • 27. Monitor file reads and writes! Use filetop to find which specific files are getting the most activity!
  • 28. How large are your per-process I/O operations? bitesize prints histograms of storage I/O operations for each process. May be useful to find programs that are doing excessive or inefficient operations.
  • 29. How Long Does it Take For Filesystem Operations? ext4dist, xfsdist, zfsdist, etc will generate histograms of how long it takes to perform read and write operations on the filesystem. This really breaks down the performance characteristics of the filesystem beyond what iostat will tell you.
  • 30. Find out if you need more memory! More operating system theory: A ‘page fault’ means that an access to data required reading from the disk rather than what was in the page cache (stored in RAM). This is particularly important on servers expected to serve a lot of file data, eg: a file server. Too little memory for page cache affects performance. This is in a way similar to nginx or varnish miss rates. The cachestat tool enables you to monitor for this condition. The dcstat tool is useful for directory cache.
  • 31. Trace Creation of New Processes Use pidpersec to determine the rate of new process creation. High values may be revealing that something is wrong with custom code such as cronjobs or scripts on the server.
  • 32. Trace Creation of New Processes Use execsnoop to detect all new processes on your server. Quite useful for following up after use of pidpersec.
      # execsnoop-bpfcc
      PCOMM  PID   PPID  RET  ARGS
      date   2647  2499  0    /bin/date
      sleep  2648  2499  0    /bin/sleep 1
      date   2649  2499  0    /bin/date
      sleep  2650  2499  0    /bin/sleep 1
  • 33. Spy On a User Session! Use ttysnoop to watch another person’s shell session!
      # to find the ttys in use
      ps auxww --forest | egrep --color '^|pts'
      # then to trace
      ttysnoop /dev/pts/X
  • 34. Spy On All User Sessions! Similarly, you can use bashreadline to see all programs that have been invoked from a bash shell. Useful for analysing how jump hosts are being used.
  • 35. Spy On SSL/TLS Connections! sslsniff will print the data being written to and read from SSL_write() and SSL_read() functions, basically intercepting encrypted traffic on the server!
  • 36. In Summary ● perf_events and eBPF are pretty awesome additions to your toolkit ● You can see more details on Linux server activity than ever before ● You can start using these tools today :D ● Test in non-production first ● Have fun!
  • 38. Further Reading ● Buy Brendan Gregg’s book on eBPF ○ http://www.brendangregg.com/bpf-performance-tools-book.html ● Perf Events Reference ○ https://perf.wiki.kernel.org/index.php/Main_Page ● bcc Github Project ○ https://github.com/iovisor/bcc ● Julia Evans’ Perf Cheatsheet ○ https://jvns.ca/perf-cheat-sheet.pdf ● Linux Syscall References ○ `man 2 syscalls` ○ `man 2 <SYSCALL>`
  • 39. Thank You! Amin Astaneh Twitter: @aastaneh Email: amin@aminastaneh.net
  • 40. Join us for contribution opportunities Mentored Contribution First Time Contributor Workshop General Contribution #DrupalContributions
  • 41. What did you think? https://drupal.kuoni-congress.info/2019/program/ https://www.surveymonkey.com/r/DrupalConAmsterdam
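
Slide 23 notes that tcpconnect output can help in detecting intruders. One way to act on that output, as an added example that is not part of the original deck: parse the tool's columns and report connections made by web-tier processes to destinations outside an allowlist. The watched process names, the allowlist entries and every sample row except the slide's own are assumptions.

```python
import ipaddress

# Column layout from the tcpconnect slide (PID COMM IP SADDR DADDR DPORT).
# The first data row is the slide's; the other rows are constructed samples.
SAMPLE = """\
PID    COMM         IP SADDR            DADDR            DPORT
1957   php-fpm      4  192.168.122.229  143.204.214.36   80
1957   php-fpm      4  192.168.122.229  192.168.122.10   3306
2211   php-fpm      4  192.168.122.229  203.0.113.50     4444
2302   apt-get      4  192.168.122.229  198.51.100.7     443
garbage line that is not a connection record
"""

# Hypothetical policy: processes to watch and where they may connect.
WATCHED_COMMS = {"php-fpm", "apache2", "nginx"}
ALLOWED = [
    (ipaddress.ip_network("192.168.122.0/24"), {3306}),   # assumed local database
    (ipaddress.ip_network("143.204.0.0/16"), {80, 443}),  # assumed approved external API
]


def parse_tcpconnect(text):
    """Yield (pid, comm, daddr, dport); skip the header and malformed lines."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].isdigit():
            continue
        comm = " ".join(f[1:-4])  # COMM may contain spaces, so index from the right
        try:
            yield int(f[0]), comm, ipaddress.ip_address(f[-2]), int(f[-1])
        except ValueError:
            continue


def is_allowed(daddr, dport):
    # Membership is False when address and network families differ (v4 vs v6).
    return any(daddr in net and dport in ports for net, ports in ALLOWED)


def unexpected_egress(text):
    """Return watched-process connections that fall outside the allowlist."""
    return [(pid, comm, str(daddr), dport)
            for pid, comm, daddr, dport in parse_tcpconnect(text)
            if comm in WATCHED_COMMS and not is_allowed(daddr, dport)]


if __name__ == "__main__":
    for hit in unexpected_egress(SAMPLE):
        print("unexpected outbound connection:", hit)
```

On a live host the same functions can read the tool's output line by line from a pipe instead of the embedded sample.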
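
Slides 31 and 32 suggest following a high pidpersec rate with execsnoop. The sketch below is an added example, not code from the original deck: it groups execsnoop output by parent PID to show which parent is responsible for the process churn, and lists exec attempts that returned an error. The threshold and the last two sample rows are assumptions; the first four rows are the slide's.

```python
from collections import Counter, defaultdict

# Column layout from the execsnoop slide (PCOMM PID PPID RET ARGS).
# The first four rows are the slide's; the last two are constructed samples.
# Failed exec() calls are only listed when execsnoop runs with -x.
SAMPLE = """\
PCOMM            PID    PPID   RET ARGS
date             2647   2499     0 /bin/date
sleep            2648   2499     0 /bin/sleep 1
date             2649   2499     0 /bin/date
sleep            2650   2499     0 /bin/sleep 1
drush            2700   1801     0 /usr/local/bin/drush cron
convert          2701   1957    -2 /usr/bin/convert in.png out.jpg
"""


def parse_execsnoop(text):
    """Return (pcomm, pid, ppid, ret, args) rows; assumes PCOMM has no spaces."""
    rows = []
    for line in text.splitlines():
        f = line.split(None, 4)  # keep ARGS intact, it contains spaces
        if len(f) < 4:
            continue
        try:
            pid, ppid, ret = int(f[1]), int(f[2]), int(f[3])
        except ValueError:
            continue  # header or malformed line
        rows.append((f[0], pid, ppid, ret, f[4] if len(f) == 5 else ""))
    return rows


def noisy_parents(text, min_execs=3):
    """Map each PPID with >= min_execs spawns to its command-line counts."""
    by_parent = defaultdict(Counter)
    for _pcomm, _pid, ppid, _ret, args in parse_execsnoop(text):
        by_parent[ppid][args] += 1
    return {ppid: dict(c) for ppid, c in by_parent.items()
            if sum(c.values()) >= min_execs}


def failed_execs(text):
    """Return (ppid, ret, args) for exec attempts that returned an error."""
    return [(ppid, ret, args)
            for _pcomm, _pid, ppid, ret, args in parse_execsnoop(text) if ret != 0]


if __name__ == "__main__":
    print(noisy_parents(SAMPLE))
    print(failed_execs(SAMPLE))
```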