Debian 9 bcc-tools安装教程

环境准备

系统环境

Debian 9(Debian GNU/Linux 9.6 (stretch),Linux debian 4.9.0-8-amd64)。

远程配置

安装启动sshd服务,开启用户远程许可(本教程直接采用root)。

1
$ apt-get install ssh

1
$ systemctl enable sshd && systemctl start sshd
1
2
3
$ vi /etc/ssh/sshd_config
#PermitRootLogin prohibit-password改为如下所示:
PermitRootLogin yes
1
$ systemctl restart sshd

镜像源配置

采用国内开源镜像,如网易源、清华源等。

1
2
3
4
5
6
7
8
9
$ cat /etc/apt/sources.list
deb http://mirrors.163.com/debian/ stretch main non-free contrib
deb http://mirrors.163.com/debian/ stretch-updates main non-free contrib
deb http://mirrors.163.com/debian/ stretch-backports main non-free contrib
deb-src http://mirrors.163.com/debian/ stretch main non-free contrib
deb-src http://mirrors.163.com/debian/ stretch-backports main non-free contrib
deb-src http://mirrors.163.com/debian/ stretch-updates main non-free contrib
deb http://mirrors.163.com/debian-security/ stretch/updates main non-free contrib
deb-src http://mirrors.163.com/debian-security/ stretch/updates main non-free contrib

内核信息核对

一般,内核版本应大于4.1,同时满足以下flags,如有需要进行内核升级。

1
2
3
4
5
6
7
8
9
10
11
$ cat /boot/config-<kernel-version> | grep ……
CONFIG_BPF=y
CONFIG_BPF_SYSCALL=y
# [optional, for tc filters]
CONFIG_NET_CLS_BPF=m
# [optional, for tc actions]
CONFIG_NET_ACT_BPF=m
CONFIG_BPF_JIT=y
CONFIG_HAVE_BPF_JIT=y
# [optional, for kprobes]
CONFIG_BPF_EVENTS=y

其中,debian 9.6中无CONFIG_HAVE_BPF_JIT=y的flag,对安装无影响,可按需选择重新编译内核。
下面的flags要求主要用于运行networking示例:

1
2
3
4
5
CONFIG_NET_SCH_SFQ=m
CONFIG_NET_ACT_POLICE=m
CONFIG_NET_ACT_GACT=m
CONFIG_DUMMY=m
CONFIG_VXLAN=m

依赖包安装

1
$ sudo apt-get -y install debhelper cmake libllvm6.0 llvm-6.0-dev libclang-6.0-dev build-essential git libelf-dev bison flex libedit-dev clang-format-3.8 python python-netaddr python-pyroute2 luajit libluajit-5.1-dev arping iperf netperf ethtool devscripts zlib1g-dev libfl-dev libelf-dev
1
$ sudo apt-get -y install linux-headers-$(uname -r)

Sudo配置(root权限可忽略)

1
$ apt-get -y install sudo
1
2
3
4
5
$ vi /etc/sudoers
#添加如下内容
build-user ALL = (ALL) NOPASSWD: ALL

build-user ALL = (ALL) ALL

编译安装

1
$ cd <preferred development directory>
1
$ git clone https://github.com/iovisor/bcc.git
1
$ mkdir bcc/build
1
$ cd bcc/build
1
$ cmake .. -DCMAKE_INSTALL_PREFIX=/usr
1
$ make
1
$ sudo make install

make过程中会显示一些错误信息,对结果影响不大,完成100%的编译即可。

运行使用

所有软件均默认安装/usr/share/bcc,使用软件均在/usr/share/bcc/tools,使用方法如下:

1
$ /usr/share/bcc/tools/opensnoop

参考文章