eCHO News 54

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

23rd April 2024

At Open Source Summit, it came to my attention that as of last month, eBPF is now 10 years old. In the past decade, eBPF has grown from incremental improvements to the original Berkley Packet Filter to one of most active areas of kernel development. This velocity is driven by all of the real world use cases that eBPF solves. eBPF now does everything from fixing HID hardware on the fly to redesigning kernel scheduling enabling faster gaming to being the core of Cisco’s “most consequential security product” - and that’s just the last two weeks. This flexibility and ability to solve bugs, slow downs, vulnerabilities, and many other problems at the infrastructure layer highlight why eBPF is starting to become the defining infrastructure technology of this decade (especially if you sprinkle some AI on it like Hypershield).

But software moves quickly, how is eBPF going to be as relevant in a decade as it is now? The community. As people find more interesting use cases for eBPF and solve a problem for a particular community, it draws that community into the eBPF orbit. To mention two examples how eBPF is drawing in more and more ecosystems, SIGCOMM is hosting the 2nd workshop on eBPF (and the eBPF Foundation has research funding) for academics and Johannes is writing a Java library for eBPF. Each of these alone represents a massive community to bring ideas and innovation into eBPF. Let’s 🐝 -gin with the next decade of eBPF!

The Technical

Hello eBPF: XDP-based Packet Filter (9) - "Using XDP and eBPF, we can create a partial packet filter that is easily extended into a firewall. The filtering overhead is low"

keisku/gmon - "An eBPF tool monitoring a goroutine"

elastic/otel-profiling-agent - "the profiling host agent from the Elastic Universal Profiling private repo"

🐝

The Ecosystem

Case Study: WS02 - "To us, Cilium is a single solution that covers a large number of our platform feature requirements. It provided all the network level functionality, all of the observability requirements, as well as the service mesh functionality”

Case Study: G Data CyberDefense - "Cilium helped reduce the mental overhead and helped speed up our development process so that we can bring new features to customers faster"

2nd Workshop on eBPF and Kernel Extensions - SIGCOMM Sydney 2024, CfP now open

Cisco Hypershield: Reimagining Security - "Tesseract Security Agent form factor provides complete visibility into a workload’s actions via eBPF"

Powered by eBPF Technology, KubeSense Pioneers the Future of Observability Beyond Agent-Based Tools - Another observability vendor replatforming on top of eBPF

Cisco Completes Acquisition of Isovalent to Define the Future of Multicloud Networking and Security - Same team, different company. Excited to be a part of Ciscovalent!

Aflevering 50: Networking Secrets: Exploring eBPF, CNI, and Service Mesh Technology - De Nederlandse Kubernetes Podcast talks with Dan and Nico

udev-hid-bpf To Help Enable HID-BPF Use Rather Than Kernel Drivers To Fix HID Hardware - "the tooling to fix HID devices using eBPF"

Elastic Universal Profiling agent, a continuous profiling solution, is now open source - Blog post for the above repo. Great to see more eBPF projects in the open!

🐝

The How To

Tetragon on AKS - Installation and enabling DNS, TLS, process, file, and HTTP visibility

Dual Stack on AKS with Cilium - When you can't choose between IPv4 and IPv6

Unveiling the Simplicity of Cluster Mesh for Kubernetes Deployments - "A whirlwind tour of multicluster networking traffic management with Cilium, served up with a dose of honey"

🐝

The Video

How to Install Tetragon on Kubernetes ll Swift Start Guide - From Helm chart to policy check in a minute

How to See Events in the Tetragon CLI ll Swift Start Guide - Observe tcp_connect, tcp_close, and kfuncs for a TCP connection

Cilium #eBPF - laboratório hands on, instalando o rodando uma aplicação do #starwars - Video mostrando a Cilium

Cilium Hubble Exporter - Write Hubble flows to a file for later consumption as logs - while supporting file rotation, size limits, filters, and field masks

🐝

The Events

Kubernetes Networking and Security with Cilium - In-person meetup with Liz Rice in London on April 23rd 

Putting the "Om" in Compliance: Zen and the Art of Cilium Enterprise - In-person meetup in London on April 25th

Cloud Native Live: Tetragon in action - detect and nip Kubernetes attacks in the bud - CNCF livestream on April 24th

🐝

The Tweet of the Week

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝