Efficient monitoring of large-scale networks poses a delicate balance between capture granularity on the one hand and the imposed overheads and performance penalties on the other. Skydive is an open source real-time network topology and protocol analyzer, featuring smart network collection which is both granular and efficient. Skydive allows for efficient network monitoring at scale through Linux networking features such as BPF and eBPF.
In the talk we will present Skydive and will give an update of the features that introduced since one year. We will show how Skydive leverages eBPF to produce useful insights on top of network topology information. We will share some performance results showing the efficiency of Skydive BPF/eBPF capturing in the context of a Kubernetes deployment.