Journal Articles

CVu Journal Vol 32, #3 - July 2020
Browse in : All > Journals > CVu > 323 (11)

Note: when you create a new publication type, the articles module will automatically use the templates user-display-[publicationtype].xt and user-summary-[publicationtype].xt. If those templates do not exist when you try to preview or display a new article, you'll get this warning :-) Please place your own templates in themes/yourtheme/modules/articles . The templates will get the extension .xt there.

Title: Reviews

Author: Bob Schmidt

Date: 02 July 2020 16:54:01 +01:00 or Thu, 02 July 2020 16:54:01 +01:00

Summary: The latest roundup of reviews.

Body: 

We are always happy to receive reviews of anything that may be of use, or of interest, to software developers. The emphasis will tend to be on technical books, but we are also interested in less-technical works – for example the humanities or fiction – and in media other than traditional print books.

Do you know of something you think deserves – or does not deserve – a wider audience? Share it here. We're keen to highlight differing opinions on the same work, so if you disagree with a review here do send in your own! Contact Ian Bruntlett at reviews@accu.org.

Linux Observability with BPF: Advanced Programming for Performance and Networking

By David Calavera & Lorenzo Frazelle, published by O’Reilly, website: github.com/bpftools/linux-observability-with-bpf, ISBN: 978-1-492-05020-9

Reviewed by Ian Bruntlett

Verdict: I liked it. Mind-bending but good.

BPF is a technology that emerged out of bpf and eBPF. Whilst not a kernel expert, I am a programmer and I bought this book with a view to learning what goes on inside the kernel and to help when testing pre-release versions of Ubuntu/Lubuntu Linux. This slim book (162 pages) that brings many things together in one place. It has its source code on the book’s GitHub page. Warning: this is bleeding edge stuff.

The ‘Introduction’ chapter covers the history and architecture of bpf. It turns out that bpf programs have certain limitations which in turn makes certain guarantees possible.

The ‘Running your first BPF program’ chapter has a short example that has to be compiled using LLVM’s C compiler. It then goes on to catalogue the different BPF program types and gives info on the BPF verifier and other details.

The ‘BPF Maps’ chapter is highly technical and fiddly – it describes an illustrates the BPF Map API where a Map can be some arbitrary key-value pairs – other data structures – confusingly still called Maps – have been added to BPF over time. Finally, it explains the BPF Virtual Filesystem.

The ‘Tracing with BPF’ chapter is all about efficiently collecting data from the Kernel and User-Space programs for debugging and profiling. It introduces the BPF Compiler Collection (BCC) and mostly uses Python programs to provide hosts for BPF programs. It goes into detail about tracing probes which it defines as ‘exploratory programs designed to transmit information about the environment in which they are executed’. This sounds dangerous but the BPF verifier validates code before it is accepted for execution. It finishes with two ways to visualise accumulated data – flame graphs and histograms.

The ‘BPF Utilities’ chapter covers some very interesting tools. BPFTool is an awesome tool for working with BPF programs and the data they generate. In Ubuntu, searching the package repositories for BPFTool found nothing but later on I found it is provided by the linux-tools-common package. BPFTrace implements a concise, domain-specific-language for writing BPF programs – it provides more support for the programmer than BCC does – however, it is less suited for advanced programs. It covers kubectl-trace, a kubernetes tool which I cannot comment upon. Finally, it covers eBPF Exporter, a tool to export data to Prometheus, a monitoring tool alerting system.

The ‘Linux Networking and BPF’ chapter is interesting but a bit beyond my experience. It covers packet filtering with BPF and illustrates how tcpdump in turn writes bpf programs. It disassembles a BPF program’s byte code and explains what it does. I did notice that on page 96 there is a small problem with the Ethernet frame header offsets. It goes on to cover the Traffic Control subsystem with examples.

The ‘Express Data Path (XDP)’ chapter is more networking. It is all about running BPF programs whenever a network interface receives a packet. It is intricate, complete with useful diagrams. I was impressed by its flexibility to handle denial of service attacks. It also covers the writing and testing of XDP programs. It finishes with XDP Use Cases – monitoring, DDOS mitigation, Load Balancing and Firewalling.

The ‘Linux Kernel Security, Capabilities, and Seccomp’ chapter explains Secure Computing (abbreviated to Seccomp), a security layer of the kernel for filtering syscalls and provides a C program example.

The final chapter, ‘Real-World Use-Cases’, is a couple of anecdotes on real-world uses of BPF – Sysdig and Flowmill.

To conclude: this is a slim book that covers a highly technical subject. It has a reasonable index but no bibliography. Should you read this book? Maybe. There is another BPF book available (BPF Performance Tools by Brendan Gregg) which is considerably larger. This book has an improved awareness of BPF in the Kernel and was sufficiently brief to make reading it a manageable project.

The Pragmatic Programmer (20th Anniversary Edition)

By David Thomas & Andrew Hunt, published by Addison-Wesley, website: pragprog.com/titles/tpp20, ISBN: 0-13-595705-2

Reviewed by Ian Bruntlett

Verdict: A classic.

Physically this is a beautiful book that will endure much use. Split into 9 chapters, 53 topics and 100 tips (with a tear-out tips reference card) it is an impressive piece of work. A short Bibliography is provided. Also, some chapters have exercises and challenges for the reader – with possible answers to the exercises at the back of the book.

According to the Preface, one third of topics in this second edition are new and the majority of the rest have been re-written – either partially or totally. Also, ‘Kaizen’, the Japanese term that captures the concept of continually making many small improvements is introduced.

The ‘Pragmatic Philosophy’ chapter presents the authors philosophy regarding software development – taking responsibility for your career and the consequences of your actions; technical debt; being a catalyst for change; trade-offs in quality; and managing your knowledge portfolio; and finishes off covering different types of communication and, how to do it well.

The ‘Pragmatic Approach’ chapter builds on the previous chapter, but deals with issues involved in coding, backed up with example Ruby code. It boldly proclaims ‘There are certain tips and tricks that apply at all levels of software development, processes that are virtually universal, and ideas that are almost axiomatic’ and that this chapter presents them to you. It covers design principles, strategies for dealing with change, the start of projects, domain languages and estimation.

The ‘Basic Tools’ chapter builds on the programmer-as-artisan metaphor where a maker starts with a basic set of good quality tools. It is heavily biased towards the Unix way of doing things – the importance of plain text, command shells, power editing (text), version control and text manipulation languages. More universal is its recommendation of maintaining Engineering Daybooks. The Unix command line tools have been around for a long time – and, thanks to the FSF, will hopefully will be freely available for a long time.

The ‘Pragmatic Paranoia’ chapter is all about dealing with everyone’s imperfections. The first three topics (Design by Contract, Dead programs tell no lies, assertive programming) all help with the building of correct software. The ‘How to Balance Resources’ topic is all about resource management and how it interacts with scope and exceptions. The final topic ‘Don’t Outrun Your Headlights’ advocates taking small steps – to avoid taking on tasks that are impossible to estimate.

The ‘Bend or Break’ chapter is all about aiming for flexible code and avoiding the creation of fragile code. In particular it discusses decoupling, building upon this book’s Easier to Change principle. It has a tip, Avoid Global Data and I really think that the related principle Parameterise from Above should have been discussed. In the Juggling the Real World topic the ability to be responsive to external change / events covers finite state machines, the Observer pattern, Publish/Subscribe and, Reactive Programming and Streams. So there are plenty of things to learn from this chapter. The Transforming Programming topic raises command-line pipelines and the importance of approaching some problems as a case of taking input data, transforming it, and then outputting it – either at the Unix command-line or in an Elixir program using the |> operator. The Inheritance Tax topic is no fan of inheritance and discusses alternatives. I was surprised that the SOLID acronym wasn’t discussed. Finally, it looks at the role of configuration for flexibility.

The ‘Concurrency’ chapter discusses temporal coupling and the role of time in software architectures – ‘Concurrent and Parallel code used to be exotic. Now it is required’. It discusses Actors and Processes and Blackboards as potential solutions.

The ‘While You Are Coding’ chapter is a selection of 8 topics and 38 tips on coding and is packed full of useful advice. Amongst other things it covers refactoring, testing, and security.

The ‘Before the Project’ chapter discusses requirements and how developers can glean requirements for a project from the users and then build on and refine that information. It also gives advice on how to solve seemingly impossible puzzles. One topic, ‘Working Together’ advocates Pair Programming for the production of higher quality software. The final topic covers the essence of Agile software development.

The final chapter, ‘Pragmatic Projects’, is about the bigger picture and how tips from this book can be applied to a project. In its ‘Pragmatic Starter Kit’ topic it covers three critical things – Version Control, Regression Testing and automation of Building and Testing. The ‘Delight Your Users’ topic reinforces the need for developers to be exposed to many aspects of the customer’s organisation.

The Postface of this book reflects on the responsibility of software developers to have a moral compass and ask “Have I protected the user?” and “Would I use this myself?”. It then concludes with : “It’s Your Life. Share It. Celebrate it. Build it. AND HAVE FUN!”

To conclude, this is an interesting compilation of short essays on Software Development. Well worth reading.

Notes: 

More fields may be available via dynamicdata ..