eCHO News 11
eCHO news in your bi-weekly wrap up of all things?eBPF ?and?Cilium . If you want to keep up on the latest in cloud native networking, observability, and security this is your?quelle ?
When cloud native and Kubernetes began, the advice was that it was only for stateless workloads. For me, the technology really began to "cross the chasm " when it began to host stateful workloads and support more niche use cases, like IoT. I think we are beginning to see that with eBPF now with projects around both storage and IoT launching this week. While they are still in their infancy, they bode well for what is to come. We also just closed the CfP for?eBPF Summit ?and there are a lot more exciting projects coming out, don't miss out!
On the Cilium side of the house, we are also seeing a lot of maturity with the release of 1.12 this week. All the press from the release can be found in a special section below.?My favorite quote ?from the community was "Cilium 1.12 is a game changer. I think I will convert to Cilium as my default CNI no matter the size of the project. Ingress controller, service mesh, topology aware hints." Pretty soon it will be no one got fired for choosing Cilium.?Let's ?? gin!
The Technical
xrp-project/XRP - "In-Kernel Storage Functions with eBPF" skipping the kernel storage stack to improve performance
Aya: your tRusty eBPF companion - "Aya is a library that makes it possible to write eBPF programs fully in Rust" check the post for the details and how Deepfence uses it
Exein-io/pulsar - "A highly modular and blazing fast runtime security framework for the IoT, powered by eBPF" you can read the?open sourcing blog too
citronneur/blindssl - "Disable SSL certificate verification for all binaries that use libssl" but requires dynamic linking with libssl
quarkslab/peetch - "peetch is a collection of tools aimed at experimenting with different aspects of eBPF to bypass TLS protocol protections"
rafaeldtinoco/drafts - "For anyone trying to find a very simple skeleton/draft to use for coding eBPF in golang. It generates a static binary you can distribute to any distro (and any kernel version)"
??
The Ecosystem
Cilium Service Mesh - To sidecar or not to sidecar, that is the question (with a choice of control plane). Read up to learn where Cilium Service Mesh is headed next?
Introduction to Parca - Part 1 - "Parca is our open source, always-on eBPF-based continuous profiler" learn how it works and what it does in the article
What Is eBPF? A Guide To Improved Observability & Telemetry - Splunk is in on the eBPF game now too with?Flowmill
Detecting and Capturing Kernel Modules with Tracee and eBPF - The blog post to follow their talk. Stop rootkits before they happen
Leveraging eBPF for Linux Runtime Security - "eBPF and AuditD do share some common capabilities. Nevertheless, AuditD falls far short of eBPF for system-level visibility into modern cloud environments"
eBPF and API Security with Traceable - "eBPF-based data collection has the ability to show deep API traffic data (request/response headers and bodies/payloads) for both North-South and East-West traffic" eBPF moving up the stack
??
The How To
Tracing a packet journey using Linux tracepoints, perf and eBPF - Learn how to trace a ping packet journey across network interfaces and namespaces
Kubernetes Networking with Cilium CNI and OKE on Oracle Cloud - "Why Cilium, you ask? For one, my team mate Sherwood Zern has been talking about it for quite a while. In fact, he hasn’t stopped talking about it." ??
Using eBPF with Fluent Bit and Tracee - "The goal is to focus on that “first mile” observability of getting the eBPF information into Fluent Bit to send to various integrations we support" seems eBPF is becoming table stakes for observability
My first impressions of Cilium - "It was smooth and everything worked the first time. It is an extraordinary and cutting-edge CNI" Love to hear it!
领英推荐
??
The Release
The Events
eBPF Summit - Back for the third year and we are putting together a great program (I know at least two eBPF maintainers will be speaking) CfP is now closes and it will be a very tough choice for us ??
Isovalent Cilium Enterprise and Cilium 1.12: Features and Updates Webinar - Get hands on with the Cilium 1.12 Release with Cilium co-founder Thomas Graf August 4th
Cilium and eBPF @ Open Source Summit - A broad variety of talks from a Cilium workshops and talk on service mesh to eBPF for beginners and privilege escalation September 13-16th in Dublin
eBPF @ Black Hat USA - eBPF hitting the stage at BlackHat August 6-11th covering?Kernel Exploits ,?Rootkits , and?securing Windows
??
The Tweet of the Week
As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on?Cilium Slack .
??