Upgrade to Pro — share decks privately, control downloads, hide ads and more …

PHPアプリケーションにおけるeBPFの使い所

 PHPアプリケーションにおけるeBPFの使い所

- PHPer視点でのPHPの世界
- PHPの世界における可観測性のカバー範囲
- PHPアプリケーションにおけるeBPFの使い所
- 実際に使ってみた話
- 今度使ってみたい話(時間があれば)
- まとめ

Sohei Iwahori

August 19, 2024
Tweet

More Decks by Sohei Iwahori

Other Decks in Technology

Transcript

  1. who? » Sohei Iwahori (@egmc) » GREE, Inc. » Πϯϑϥ

    / Monitoring Unit Leader / Senior Lead Engineer » ओʹήʔϜͷΠϯϑϥͱ؂ࢹγεςϜ » SRE NEXT 2025ͷCo-Chairʢnew!ʣ
  2. ϓϩηεʢঢ়ଶʣ͸୹໋Ͱ͋Δ » webͷίϯςΩετ » ϦΫΤετ୯ҐͰجຊతʹঢ়ଶ͕ഁغ͞ΕΔ » ҰఆͷϦΫΤετΛࡹ͍ͨΒϓϩηε͸࠶ੜ੒͞ΕΔ » (Α͘࢖ΘΕΔapache+mod-php΋php-fpmͳͲ) »

    webҎ֎ͷίϯςΩετ » ༗໊Ͳ͜ΖͷLaravelͷΩϡʔϫʔΧʔ͸ಉ͘͡Ұఆ਺ϦΫΤετΛࡹ͍ͨΓɺϝϞϦ ࢖༻ྔ͕͖͍͠஋Λ௒͑ͨΒࣗ਎Λkillͯ͠࠶ىಈͯ͠΋Β͏Α͏ͳઃܭʹͳ͍ͬͯΔ
  3. PHP͸άϧʔͰ͋Δ(2/2) » PHPຊମ͔ΒϦϯΫ » libcryptoͳͲ » γεςϜϥΠϒϥϦʢlibxxxʣʹϦϯΫͯ͠PHPଆʹΠϯλʔϑ ΣʔεΛఏڙ͢Δ » memcached.so

    + libmemcached » curl.so + libcurl » ... » C֦ுϨΠϠʔࣗମͰͷػೳఏڙ » mysqlnd » apcu » phpredis » ...
  4. PHPຊମʹ࢖͍ͬͯ͘(2/2) » USDT͕ར༻ग़དྷΔ৚݅ » enable-dtrace͕༗ޮʹͳ͍ͬͯΔ » USE_ZEND_DTRACE=1؀ڥม਺͕ઃఆ͞Ε͍ͯΔ » ಺෦తʹ͸؀ڥม਺ΛΈͯɺτϨʔεϙΠϯτΛؚΉؔ਺ʹϙΠϯλ(execute_ex->dtrace_execute_ex) Λஔ͖׵͍͑ͯΔ3

    » pidΛࢦఆ͠ͳ͚Ε͹probeΛΞλονग़དྷͳ͍ » bpftrace͸--usdt-file-activation͕͋Δ͕ɺPHPͷϓϩηεण໋͸୹͍ͷͰ௥͍͔͚ଓ͚Δ͜ͱ͸ग़དྷͳ͍ 3 https://github.com/php/php-src/blob/97b3b4552d343a830e67a63aa9b93cf4f2b1158f/Zend/zend.c#L941-L953
  5. caching_sha2_passwordͷڍಈௐࠪ » MySQL8.0Ͱcaching_sha2_password͕σϑΥϧτʹͳΓɺ8.1Ͱmysql_native_password͕ deprecatedʹͳͬͨ » ηΩϡΞ͡Όͳ͍ܦ࿏Ͱ͸mysqld͔Βެ։伴͕औಘ͞ΕɺͦͷΩʔʹΑΓύεϫʔυ͕҉߸Խ͞Εૹ৴ ͞ΕΔ » get-server-public-keyΦϓγϣϯͰ໌ࣔతʹϦΫΤετͰ͖Δ »

    σϑΥϧτͰ͸SSL_MODE=PREFERREDͳͷͰmysqlίϚϯυͳͲlibmysqlΛར༻͢Δ؀ڥ͸࠷ॳʹSSL઀ ଓΛࢼΈΔ » ରͯ͠PHPͷmysqlnd֦ு͸get-server-public-key૬౰ͷΦϓγϣϯͳͲ͕ͳ͘ڍಈʹෆ͕҆͋ͬͨ » ͦ͜ͰbpftraceͳͲΛར༻ͯ͠ڍಈௐࠪΛߦ͏͜ͱʹͨ͠
  6. caching_sha2_passwordͷڍಈௐࠪ » mysqlnd.so΁͸ͦͷ··Ͱ͸symbolͷղܾʹࣦഊͯ͠uprobeͷΞλον͕ग़དྷͳ ͍ » σόοάγϯϘϧ php7.4-mysql-dbgsym ύοέʔδΛ௥Ճ͢Δ͜ͱͰҎԼͷؔ࿈ ͨؔ͠਺ʹΞλονͰ͖ΔΑ͏ʹͳΔ »

    mysqlnd_caching_sha2_handle_server_response » mysqlnd_caching_sha2_get_auth_data » ެ։伴΁ͷΞΫηε͸libcrypto.soͷBIO_new_mem_bufؔ਺ʹΞλον͢Δ͜ͱͰ ެ։伴͕࢖ΘΕ͍ͯΔ͜ͱΛ֬ೝͨ͠
  7. caching_sha2_passwordͷڍಈௐࠪ #ίʔυύεͷ֬ೝ sudo bpftrace -e 'uprobe:/usr/lib/php/20190902/mysqlnd.so:mysqlnd_caching_sha2_handle_server_response {printf("here\n");}' #ެ։伴Λ֬ೝ͠ɺmysqldଆ͔Βఏࣔ͞Ε͍ͯΔ΋ͷͱͷҰகΛ֬ೝ $ sudo

    BPFTRACE_STRLEN=200 bpftrace -e 'uprobe:/lib/x86_64-linux-gnu/libcrypto.so.1.1:BIO_new_mem_buf {printf("%s\n", str(arg0));}' Attaching 1 probe... -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6agEXz7+WMj0uYjneXo IsWGu7pjdQB6/C3mShqTVvqnc2OgmjQ+K25qDU8MZc/yFiAVgFbQ4PFIiFIxdr2D faBBIW1fw/BMqXGRTXIa6aqDMWShcC9XNuWdsp1y3V $ sudo cat /var/lib/mysql/public_key.pem -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6agEXz7+WMj0uYjneXo IsWGu7pjdQB6/C3mShqTVvqnc2OgmjQ+K25qDU8MZc/yFiAVgFbQ4PFIiFIxdr2D faBBIW1fw/BMqXGRTXIa6aqDMWShcC9XNuWdsp1y3V1XUwWneW5R+TOmoDsx4igX ieH0xa6L8oYWM+KZNNvKD5+ESo2i9sAF+SZAgF3ZSYfET+I68KMHN/zMAR2l0Q5i YVlrKc33cAK6kabz6EeeufOzgRM6EFNrw0kMjZ5RVPsAeLO/r8NmcB4Fn7DTcpuz hkgcmbcPEAzaiI6yR0MiiDWPyBJeZgk0f96pD2iv6cpujgqWndQFc69v0OyAz7gR cwIDAQAB -----END PUBLIC KEY-----
  8. caching_sha2_passwordͷڍಈௐࠪ » mysqlndͰ͸σϑΥϧτͷ -ssl-mode=PREFERRED ૬౰ͷڍಈͰ͸ͳ͘ɺ-- ssl-mode=DISABLED --get-server-public-key ͷΑ͏ͳಈ࡞Ͱ͋Δ͜ͱ͕ ֬ೝͰ͖ͨ »

    ຊ݅͸gdbͱperfͷผղ΋͋ΔͷͰͪ͜Β΋ΑΖ͚͠Ε͹͝ཡ͍ͩ͘͞ » Debugging mysqlnd.so ʙmysql_native_password͕ഇࢭ͞ΕΔະདྷʹඋ͑ͯʙ4 4 https://labs.gree.jp/blog/2023/08/22599/
  9. appendix » Tracing mysqlnd.so and mysqld (with perf and bpftrace)

    » https://labs.gree.jp/blog/2023/08/22599/ » Debugging mysqlnd.so ʙmysql_native_password͕ഇࢭ͞ΕΔະདྷʹඋ͑ͯʙ » https://labs.gree.jp/blog/2023/07/22581/ » caching_sha2_password as the Preferred Authentication Plugin » https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous- series.html#upgrade-caching-sha2-password