Failure to build 0.27.0 (issues with gobpf/bcc)

[daurnimator]

# github.com/iovisor/gobpf/bcc
/build/go/pkg/mod/github.com/iovisor/gobpf@v0.2.0/bcc/module.go:230:132: not enough arguments in call to (_C2func_bcc_func_load)
	have (unsafe.Pointer, _Ctype_int, *_Ctype_char, *_Ctype_struct_bpf_insn, _Ctype_int, *_Ctype_char, _Ctype_uint, _Ctype_int, *_Ctype_char, _Ctype_uint, nil)
	want (unsafe.Pointer, _Ctype_int, *_Ctype_char, *_Ctype_struct_bpf_insn, _Ctype_int, *_Ctype_char, _Ctype_uint, _Ctype_int, *_Ctype_char, _Ctype_uint, *_Ctype_char, _Ctype_int)

$ pacman -Q libbcc
bcc 0.25.0-1

Upstream issue: iovisor/gobpf#314

[tpaschalis]

Hey there, thanks for the report. This seems to be another case of gobpf not yet being updated to match a recent bcc version; these new arguments were introduced in 1 and 2 which were part of v0.25. We'll be keeping an eye out on the upstream issue.

For the time being, you could either use the -tags noebpf flag to opt-out of building the ebpf_exporter on your system, or (if possible) downgrade to an older bcc version. Our build pipeline just installs libbpfcc-dev using apt and it seems to be working; are you installing bcc from source using a more recent version?

[daurnimator]

For the time being, you could either use the -tags noebpf flag to opt-out of building the ebpf_exporter on your system, or (if possible) downgrade to an older bcc version. Our build pipeline just installs libbpfcc-dev using apt and it seems to be working; are you installing bcc from source using a more recent version?

I am packaging grafana-agent for ArchLinux. We could disable ebpf, but anyone using that would suddenly either get errors, or have missing metrics.
We would not downgrade libbpfcc for all ArchLinux users for this issue.

[tpaschalis]

Oh, I see, thanks for your efforts!

The issue is that the gobpf library needs to match the exact bcc version, that's why they also suggest pinning the gobpf version to follow a single bcc release. Let's see if the upstream issue gains any traction; even then I would be hesitant to upgrade since it would be breaking for other users as well.

We're looking into a couple of alternatives for making working with bcc easier. In the meantime, while not ideal, disabling the integration could be a decent tradeoff.

Users wouldn't get errors, just missing metrics and a "the ebpf integration is not available; enabling it will do nothing" log line; maybe we should make a better job at letting them understand they'd have to go about building the Agent themselves with the matching bcc version if they want to use this specific integration.

[martinetd]

@tpaschalis the patch suggested in iovisor/gobpf#311 will keep working with older bcc versions as well, just keep using the latest gobpf.
For this case it's really just the new bcc release that changed its API without much warning, so the rest of the ecosystem needs a bit of time to catch up...

[tpaschalis]

I'm closing this as wontfix. For now we have removed the problematic bundled ebpf_exporter that was using gobpf/bcc.

If we bring this back, we should look into either using cloudflare/ebpf_exporter's release v2.0 which moves away from BCC or something based on cilium's go-ebpf to avoid such issues with static linking.