Skip to content

Instantly share code, notes, and snippets.

@Billy99

Billy99/bpfd_test_notes.md

Last active September 9, 2022 20:27
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Billy99/3fcee92539e5a34f120145d0a965ec82 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Billy99/3fcee92539e5a34f120145d0a965ec82 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
bpfd_test_notes.md

bpfd Test Notes

nginx server

Start nginx server in a container:

docker run --name my-nginx -p 80:80 -d nginx

docker ps
 CONTAINER ID   IMAGE     COMMAND                  CREATED       STATUS       PORTS                               NAMES
 d7b3d5761328   nginx     "/docker-entrypoint.…"   7 weeks ago   Up 7 weeks   0.0.0.0:80->80/tcp, :::80->80/tcp   my-nginx

Determine the nginx container interface (I don't actually do it this way, but for easier documentation):

$ ip a
:
7: vethb2795c7@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 xdpgeneric/id:112 qdisc noqueue master docker0 state UP group default 
    link/ether 92:b3:35:9a:ec:ea brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::90b3:35ff:fe9a:ecea/64 scope link 
       valid_lft forever preferred_lft forever

export NGINX_IFACE=vethb2795c7

curl the server:

curl http://172.17.0.1/about.html
# --OR--
watch -n 5 curl -m 2 http://172.17.0.1/about.html

Clean-up:

docker stop my-nginx
docker rm my-nginx

bpfd

To Build:

cd ~/src/bpfd/

cargo xtask build-ebpf --libbpf-dir $HOME/src/libbpf
cargo build

Load static program (NOTE: Need the interface to apply to here):

cat ~/pass.toml 
[[programs]]
name = "pass"
interface = "${NGINX_IFACE}"
path = "/home/bmcfall/src/xdp-tutorial/basic01-xdp-pass/xdp_pass_kern.o"
section_name = "xdp"
program_type = "xdp"
priority = 35
proceed_on = ["pass", "dispatcher_return"]

Install as systemd service:

sudo ./scripts.sh install
sudo cp ~/pass.toml /etc/bpfd/programs.d/.

Copy binaries (leave files intact):

sudo ./scripts.sh reinstall

Cleanup:

sudo ./scripts.sh uninstall

Run in foreground (not systemd service):

sudo RUST_LOG=info /home/bmcfall/src/bpfd/target/debug/bpfd

gocounter

To Build:

cd ~/src/bpfd/examples/gocounter/

go build

Generate Certs:

sudo ./scripts.sh gocounter

To run:

sudo ./gocounter vethb2795c7
# --OR--
sudo /sbin/setcap cap_bpf=ep ./gocounter
./gocounter vethb2795c7

bpfctl

Sample commands:

bpfctl list -i ${NGINX_IFACE}
bpfctl load -i ${NGINX_IFACE} -p xdp --priority 35 -s "xdp" /home/bmcfall/src/xdp-tutorial/basic01-xdp-pass/xdp_pass_kern.o
bpfctl load -i ${NGINX_IFACE} -p xdp --priority 45 -s "xdp" /home/bmcfall/src/xdp-tutorial/basic01-xdp-drop/xdp_drop_kern.o
bpfctl load -i ${NGINX_IFACE} -p xdp --priority 65 -s "xdp" /home/bmcfall/src/xdp-tutorial/basic01-xdp-pass/xdp_pass_kern.o
bpfctl unload -i ${NGINX_IFACE} 893ed44a-3ca7-4fa5-a80d-47676a49c600
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment