
It would be much easier to write a kernel module than an eBPF program. But the eBPF program is unlikely to panic your machine, and the kernel module is almost certain to.



Also, in cloud environments, I would much rather trust an eBPF program than a kernel module.


Why in cloud environments?


You don’t want a kernel panic affecting other users.


Why would your cloud instance panicking affect other users of the cloud provider?

Or do you mean something else?


Anecdotally, I had the case on VMware 4 (that was in 2012 or 2013) that a Solaris 11 VM managed to reboot the entire ESX it was hosted on. Very weird bug where ESX passed through some interrupt or something.

But in this case I think they mean on the same machine. "In production" would be more accurate than "in a cloud environment". And yeah I wouldn't load custom kernel modules in production just to do observability.


Cloud goes beyond rented VMs. Fully managed cloud services have thousands or millions of production customers on the same node. They have to be very careful about what they run as root.


I understand your point, but millions sounds like an exaggeration - I have a hard time believing a single node can handle millions of concurrent users.


I didn't mean to imply concurrent. A large fraction of the user base is very sporadic in its usage!


Thanks for clarifying :)



