Virtana Enhances Container Observability with eBPF

With containerized microservices, gaining deep visibility into application behavior and network performance of those applications is important to ensure applications run in a healthy and performant manner. While telemetry for network performance of applications is available, enabling it for applications is often intrusive, complex, and overly involved, leaving many organizations without the implementation of this key piece of data.

Virtana resolves that visibility gap and effort by leveraging eBPF, a powerful Linux kernel technology that allows simplified and powerful observability into an application’s network calls. Virtana’s Platform utilizes eBPF’s power to provide automatic and actionable insights into your containerized environments.

Virtana’s Container Observability solution leverages eBPF to deliver flow and network-level insights. You get a clear picture of how your containerized applications are communicating, without any application modifications or complex implementation steps.

A Powerful Combination for Deep Visibility

Virtana’s architecture for Container Observability doesn’t just rely on eBPF in isolation. It combines it with other powerful open-source tools and telemetry, like logs, metrics, traces, events, and changes, with the inclusion of OpenTelemetry and Prometheus data, to create a comprehensive solution for monitoring container workloads. The key components of Virtana’s observability for flow and network communication are:

• eBPF: The foundation of the solution. eBPF (Extended Berkeley Packet Filter) allows Virtana to safely run sandboxed programs in the Linux kernel. This provides a highly efficient way to collect detailed networking and performance data of containerized applications without impacting application performance.
• Beyla: Virtana also integrates with Beyla, an eBPF-based application auto-instrumentation tool. This allows for the collection of application-level context, providing a richer understanding of the network flows.
• Conntrack: By using Conntrack, a standard Linux kernel feature for connection tracking, Virtana can provide a complete picture of all network connections to and from your containers.

eBPF-Powered Use Cases

Automated Topology

• With Virtana’s visibility into traffic between components, you can:
  • Visualize application dependencies
  • Understand Service Impact when applications degrade or fail
  • Identify the change risk and affected entities involved
  • Audit data flows so applications remain compliant with who they’re exchanging data with

Bandwidth Utilization

• Virtana allows you to understand bandwidth utilization at a Service, Deployment / StatefulSet / DaemonSet level, allowing you to:
  • Pinpoint bottlenecks
  • Manage costs
  • Identify possible security issues, e.g., sudden high traffic to an unexpected endpoint
  • And properly plan for application growth

Automated Problem Detection

• Virtana automatically detects application slowdowns and high communication error rates, leveraging data from eBPF, allowing for:
  • Quicker Mean Time To Resolution
  • The ability to detect problems for domains where engineers may not have a full understanding of observability needs
  • Finding problems that may be missed at scale in large, busy environments

Key Benefits of Virtana’s Observability Approach

By leveraging eBPF, Virtana brings key benefits for organizations running containerized applications:

• Effortless, Deep Visibility: Get deep network and application insights without the need for manual instrumentation or code changes. (Though we also support code-level instrumentation for even deeper visibility into transactions and lines of code!)
• Unified Telemetry: Virtana’s approach of Unified Telemetry Ingestion means you can get a single, coherent view of your container environment, with data across your environment in a single place, including logs, metrics, traces, network flows, and changes.
• Enhanced Troubleshooting: With detailed flow and network-level data, you can quickly detect, diagnose, and resolve network-related issues in your containerized applications.
• Improved Data Governance: By providing a clear picture of all network communications, Virtana’s solution can also help you to identify and investigate suspicious or misdirected network activity.

Virtana’s strategic use of eBPF, in combination with other powerful tools, demonstrates a commitment to providing a modern, effective solution for container observability. By tapping directly into the Linux kernel, Virtana offers a level of insight that is deep, automatic, and non-intrusive, empowering you to run your containerized applications with confidence that the Virtana platform will be there to help when problems arise.