eCHO News 58

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

18th June 2024

Two big pieces of news this week, Linus has finally agreed to allow writing CPU schedulers with eBPF and Elastic is donating their eBPF based profiler to OpenTelemetry. Both of these remind me of a quote from an earlier article about the former "the BPF juggernaut has, thus far, managed to overcome just about every objection that it has encountered". I love the term juggernaut because I think it really captures the momentum behind eBPF now. 

In the eBPF documentary, when eBPF was finally merged into the kernel Thomas realized "This means we can rebuild everything better. What should we rebuild first?" We are now past the what should we rebuild first phase, championed by projects like Cilium, and well into the rebuilding everything better part. I'm continually amazed by all of the innovate new projects, products, and companies coming out of the eBPF ecosystem and seeing it all continue to blossom. What are you going to rebuild next with eBPF? Let me know and I'll add it to the next newsletter. I've got some eBPF Summit CfPs to review so let’s 🐝 -gin.

The Technical

Learned it the hard way: Don’t use Cilium’s default Pod CIDR - "This incident taught us the importance of methodically troubleshooting network issues" interesting post mortem

Profiling Libraries With eBPF: Detecting Zero-Day Exploits and Backdoors - Deep dive into how to (and not) use eBPF for security

DINT: Fast In-Kernel Distributed Transactions with eBPF - "DINT even achieves up to 2.6× higher throughput than using a DPDK-based kernel-bypass stack"

An Applied Introduction to eBPF with Go - Talk to blog conversation with intro and a few examples

eBPF cheatsheet - Quick scripts

4rivappa/kube-trace-nfs - "eBPF-Based NFS Telemetry Exporter for Kubernetes"

tarsal-oss/kflowd - "Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem"

🐝

The Ecosystem

What Good Governance Looks Like (My Experience as an LFX Mentee for Cilium) - Find out how Katie worked with me to improve Cilium's governance documentation

Case Study: Sicredi - "Cilium is a critical piece of software that gives us the ability to have more and more microservices, enabling new business capabilities. Cilium provides us with a great network that is capable of handling scale."

Case Study: PostFinance - "What I like the most about Cilium at the moment is all of the potential it has. It integrates well into the whole cloud native landscape and adds features like ingress and Gateway API support to round out our Kubernetes platform"

A Practical Guide to eBPF Licensing: Or How I Learned to Stop Worrying and Love the GPL - Find out how to think about licensing your Linux kernel eBPF programs 

Extensible scheduler class to be merged for 6.11 - eBPF now coming for CPU scheduling

Elastic Contributes its Continuous Profiling Agent to OpenTelemetry - "a vendor-agnostic eBPF-based profiling agent removes the need to rely on proprietary agents to collect profiling telemetry"

🐝

The How To

How to Deploy Cilium and Egress Gateway in Azure Kubernetes Service (AKS) - Choose the IP your pods reach the outside world on

AKS & Cilium, une histoire d’amour ? - (Re-)introduction à Cilium, déployer

Créer 511 clusters Kubernetes interconnectés avec Cilium Cluster Mesh (Partie 1) - Connecting cluster in French

Transparent Proxy Implementation using eBPF and Go - "eBPF presents a powerful solution for network interception and forwarding"

Can you run Tetragon on HashiCorp Nomad? — Part 1 - "Of course you can! And I’m going to show you how"

Magical ability to peek inside running Kubernetes Cluster - "My experience setting up and using Tetragon"

EKS Anywhere, jiving with Cilium OSS and BGP Load Balancer - "there we have it., a full Cilium experience without Kube-proxy and BGP based load-balancing along with Ingress and TLS"

Aya Rust tutorial Part Four XDP Hello World - Print on package received

Usando Cilium no WSL - Criando um ambiente de teste do Cilium no WSL

🐝

The Video

CuistOps - Découverte de Cilium Tetragon (et comparaison avec Falco) - Tetragon vs Falco en français

Getting Started with eBPF for Security - Good intro just missed trying out Tetragon 😉

Cloud DeMISTified: Kubernetes Networking with Cilium Demo - Cables2Clouds Podcasts try out the Isovalent Cilium labs

🐝

The Events

Networking Security Workshop series (in German) - Session 2: June 25

Cloud Network and Security 2nd MeetUp - Intro to eBPF in Munich on June 18th

Hive Mind Mingle at SecurityCon in Seattle - June 26

Observing and Securing Kubernetes Workloads with Cilium, Hubble, and Tetragon - Conference workshop in Nuremberg on November 19th

eBPF Summit - September 11th! Registration and CfP now open

Cilium + eBPF Day

CfP open until July 14th

🐝 

The Tweet of the Week

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝