eBPF with Nix: laptop to testbed

Setting up eBPF development environment often require some effort on getting the correct headers, manage compiler versions, tweaking kconfig knobs, just to get a program running. In this session, we'll cover how to solve these problems using Nix [1] (NixOS not required). Unlike traditional workflows that rely on imperative package managers, Nix allows us to define kernel, userspace tooling, and testing infrastructure reproducibly.

We'll explore a workflow that bridges the gap between local prototyping and experiments/production environments using NixOS VM tests [2], which would allow developers easily to spin up multiple QEMU VMs with custom kernel (e.g. with patches or non-conventional config/build flags) and network connection.

We'll then demonstrate how to scale the exact environment from a laptop to testbeds like Grid'5000 [3]. With Nix and NixOS-Compose [4], we can deploy multi-node experiments with bit-perfect* reproducibility. In the demo, we'll use a trivial eBPF program (using bpf_override_return to mandate CONFIG_BPF_KPROBE_OVERRIDE + ALLOW_ERROR_INJECTION and mock syscalls), test it locally, and deploy to a cluster to collect live telemetry and visualizations.

[1] https://nixos.org/

[2] https://wiki.nixos.org/wiki/NixOS_VM_tests

[3] https://www.grid5000.fr/w/Grid5000:Home

[4] https://github.com/oar-team/nixos-compose

[*] https://reproducible.nixos.org/