Minikube
https://github.com/lftraining/MWC
linux foundation training
minikube start –driver=podman –cpus=4 –memory=8192
eBPF monitor
sudo dnf install bpftool
https://dev.to/maheshrayas/-intro-into-ebpf-and-rust-l2m
eBPF is a technology that allows developers to run safe, sandboxed programs in the Linux kernel. These programs can be used for networking, observability, and security, without modifying kernel source code or loading kernel modules.
eBPF runs inside a restricted virtual machine in the kernel — somewhat like how WebAssembly (WASM) or the JVM operates in userspace — ensuring safety and control over what the program can do.sudo
Probe BPF system capabilities. This command queries the kernel for supported BPF features; look for “supported” on key items like bpf_syscall, map types, and program types. Some may be restricted to only root users.
| Install Required eBPF Tools
Update package index and install core packages
student@cp:$ sudo apt update
student@cp:$ sudo apt install -y bpftrace clang llvm libbpf-dev linux-headers-$(uname -r) bpfcc-tools
These packages provide bpftrace (high-level scripting), bpftool (inspection and debugging), clang/LLVM (compilation), and BCC tools (classic BPF examples) needed throughout the course.
Verify installations
student@cp:$ which bpftrace && bpftrace –version
student@cp:$ which bpftool && bpftool version
student@cp:~$ which clang && clang –version
Successful output confirms the tools are available in PATH and ready for use.
Run eBPF “Hello World” with bpftrace
Execute simplest possible eBPF program. The BEGIN probe triggers immediately when the program loads, proving that the kernel accepted and executed a BPF bytecode program. If the message appears without errors, eBPF loading, verification, and JIT compilation are working correctly. student@cp:~$ sudo bpftrace -e ‘BEGIN { printf(“Hello, eBPF World!\n”); exit(); }’ Attaching 1 probe… Hello, eBPF World!