Speaker
Description
Monitoring is something every sysadmin or developer must consider, particularly when dealing with Linux-based systems such as Ubuntu. But most classic monitoring tools either don't provide enough information, or they slow down because they execute heavy agents or scripts. In this presentation, I'll demonstrate how we can do it differently by leveraging two strong tools: eBPF and Prometheus.
eBPF (extended Berkeley Packet Filter) is a capability integrated into current Linux kernels that allows us to execute little programs securely within the kernel itself. That way, we can observe what's going on way down in the system, stuff like system calls, network activity, and CPU consumption, without altering the apps in use or introducing a ton of overhead. It's fast, secure, and incredibly useful for observability.
Prometheus, however, is already a very popular open-source tool for monitoring and alerting. It collects metrics from different places and assists us in analyzing them through PromQL, its query language. Putting eBPF and Prometheus together, you get a very effective and granular method of monitoring your Ubuntu system, with real-time data and little performance overhead.
In this session, I'll take you through the process of how eBPF gathers metrics and how Prometheus is able to leverage those metrics to provide you with information about your system. We'll cover existing eBPF exporters, and I'll demonstrate how to get everything installed on an Ubuntu machine—from installing Prometheus to running an eBPF exporter.
There will also be a live demonstration, where we'll track things such as CPU utilization, memory, disk I/O, and network performance in real time. I'll write some PromQL queries, so the audience can see just how easy it is to go exploring and see what your system is doing.
I'll conclude by examining what's new in Prometheus, such as new features that further empower it for system monitoring. I'll discuss how these enhancements, when paired with eBPF, can better monitor Ubuntu machines and provide greater flexibility in monitoring system activity.
What audience can learn
The audience will learn how eBPF enhances Prometheus monitoring for Ubuntu, enabling efficient, real-time observability with minimal overhead. They’ll see a live setup and demo of tracking system metrics and understand practical use cases for performance tuning and security monitoring.
Biography
Neeraj Gartia is an open-source contributor and an incoming SDE at Microsoft. As a Grafana Champion, he has contributed to Prometheus, particularly in PromQL native histograms. He has also interned at Microsoft, participated in Google Summer of Code and LFX mentorships, and is passionate about eBPF, Prometheus, and cloud-native monitoring solutions.
Summary
This talk will show how eBPF and Prometheus can monitor Ubuntu systems efficiently and in real time. I'll explain what eBPF is, set up Prometheus with an eBPF exporter, and run a live demo to track system performance.
| Difficulty level | Intermediate |
|---|