How-to guides
eBPF
Using eBPF with Edera

Using eBPF with Edera

Edera supports eBPF by default—no extra tooling, kernel patches, or custom modules required.
As long as you’re using an Edera zone kernel that supports eBPF (via the dev.edera/kernel pod annotation), you’re good to go.

This guide is for individuals who want to take it one step further and verify that eBPF is functioning correctly within the zone.

Note

You don’t need to do anything special to use eBPF with Edera, except specify the kernel. However, if you’d like to test it, follow the steps below.

Step-by-step: Verify eBPF support

1. Apply the Edera RuntimeClass

Save the following as edera-runtime.yaml:

apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: edera
handler: edera

Then apply it:

kubectl apply -f edera-runtime.yaml

2. Launch a test pod with an eBPF-Supporting zone kernel

To verify eBPF functionality, you’ll need to use a zone kernel that includes eBPF support and run the test container in privileged mode (just for testing).

Important

Regular workloads don’t need to run privileged — but this one does so you can verify eBPF works.

Bonus: We make privileged containers safe and secure by default →

Save the following as edera-ebpf-test.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: edera-ebpf-test
  annotations:
    dev.edera/kernel: ghcr.io/edera-dev/zone-kernel:6.15
    dev.edera/initial-memory-request: "2048"
spec:
  runtimeClassName: edera
  containers:
  - name: edera-ebpf-test
    image: ubuntu:latest
    command: ["/bin/sh"]
    args: ["-c", "while true; do sleep 10; done"]
    securityContext:
      privileged: true
    imagePullPolicy: Always

Apply the pod:

kubectl apply -f edera-ebpf-test.yaml

3. Verify eBPF functionality

Open a shell inside the container:

kubectl exec -it edera-ebpf-test -- bash

Install and run bpftool:

apt update && apt install curl tar -y
curl -sLO https://github.com/libbpf/bpftool/releases/download/v7.5.0/bpftool-v7.5.0-amd64.tar.gz
tar -xvf bpftool-v7.5.0-amd64.tar.gz
chmod +x bpftool
./bpftool feature probe

Expected output (partial):

Scanning system configuration...
bpf() syscall is available
eBPF program_type kprobe is available
eBPF program_type socket_filter is available
...

That’s it

You now have a secure zone kernel running with eBPF enabled—no extra kernel tuning required. Go build cool things.

Got questions or want to show off what you’ve built?
Email us at support@edera.dev

Last updated on