Zero-instrumentation Observability Based on eBPF
SeaGL 2024
Speaker: Nikolay Sivko

About this Talk
How do you turn raw system data into actionable insights without drowning your team in complexity? This session explores how eBPF is redefining observability for distributed systems and Kubernetes-native environments.
Traditional observability approaches come with real costs: code instrumentation adds implementation overhead, maintaining visibility across distributed systems is resource-intensive, and data overload without clear troubleshooting pathways slows down incident response rather than speeding it up.
This talk demonstrates how eBPF addresses those challenges directly. We cover how it captures telemetry at the kernel level, including real-time network call mapping across HTTP, gRPC, and TCP, filesystem operation tracking, and process execution monitoring across namespaces, all without requiring code changes.
We also walk through how metrics, logs, and traces work together as a unified pipeline: kernel-level performance indicators, context-rich event correlations, and cross-service dependency mapping that gives teams a complete picture of what's happening inside their infrastructure.
The session then shifts to practical troubleshooting: identifying latency spikes through correlated traces, detecting configuration drift via filesystem change timelines, and pinpointing network bottlenecks using protocol-level metrics, all with the goal of reducing MTTR.
If you're a DevOps engineer or SRE looking to reduce monitoring overhead while improving system reliability, this session offers a concrete look at lightweight, production-safe observability that scales with your infrastructure.