Production ready eBPF, or how we fixed the BSD socket API
Cloudflare has open-sourced a production tooling called "tubular" that they developed for the sk_lookup hook, which is contributed to the Linux kernel. The software consists of an eBPF program and a larger user space component. Tubular allows users to change the addresses of a service on the fly and has been used in Cloudflare's Spectrum product and authoritative DNS services. It enables handling multiple services using the same port on different addresses, listening on all 2^16 ports, and managing state with eBPF maps. The source code for tubular is available at https://github.com/cloudflare/tubular.
Company
Cloudflare
Date published
Feb. 17, 2022
Author(s)
Lorenz Bauer
Word count
2974
Language
English
Hacker News points
26