Hopefully a repost of this article in a year or two will get a FreeBSD/OpenBSD tag, too. Pity that such a good tech remains on Linux only.
How is eBPF similar or different from DTrrace? I know they are philosophically related, but I’ve never written a program in either…
My comment mostly stems from the desire to use the same tool across different platforms, as that would make life easier, due to less context switching.
Of course, there is bpftrace, where I could use DTrace-like language for doing instrumentation, but (e)BPF tools seem to be more advanced.
This is quite a great overview of both, pointing out the major differences: https://tracingsummit.org/ts/2019/files/Tracingsummit2019-dtrace-hees.pdf
One thing I can’t seem to understand is whether or not eBPF requires you to write in C or not. Most “other languages you can use” seem to just wrap C programs you also have to write anyway. This has remained a point of confusion for me.
Start with bpftrace which is a very DTrace like tool. If you want to do more elaborate things look into BCC. BCC has support for LuaJIT, Python and C.
The references for C in the scripts is to be able to interpret and reference the information correctly (inclusion of C headers to get prototypes and data structures)
Neato, I appreciate the pointers! Get it? Pointers!
Take this upvote and leave.
Besides the ones mentioned by @sevan there are also some libraries which allow writing in Rust as well.
Have a link to the ones you like? I’m a big fan of Rust!
redbpf is the one I’m most familiar with, but I believe there are other options as well.