eCHO News 34

eCHO news is your bi-weekly wrap up of all things?eBPF ?and?Cilium . If you want to keep up on the latest in cloud native networking, observability, and security this is your?quelle

11th July 2023

Temperatures are soaring here in Berlin and most days I just want to bike down to a lake and go for a swim. Cilium 1.14 will be coming out shortly and preparations for fall conference season are in full swing so there aren't too many days to just float around.

I'll be at both KubeCon?North America ?and?China ?with Cilium talks and booths at both so if you haven't yet, make sure you get your ticket now to catch up on the latest buzz from the hive. If your company has cut back on travel budget,?eBPF Summit ?is virtual and you can sign up today. I'm going to try to find some time to go swimming later so let's ?? gin!

The Technical

Lost in transit: debugging dropped packets from negative header lengths -pwru to the rescue!

Observing Node.js processes with eBPF - A deep dive into what is (and isn't) possible in the kernel today

Introducing bpftune for lightweight, always-on auto-tuning of system behaviour - Oracle bringing auto-tuning to the kernel. Check it out on?Github ?too

Tracing Go Function Arguments in Production - ...with eBPF

Experiments with eBPF: Snitchrs - "In order to learn how to use eBPF I decided to implement Snitchrs, a simple program that shows on a map to which IPs your computer is connecting to"

Gophers & Bees - parsing Golang structures in memory with eBPF - Adding eBPF instrumentation to OpenTelemetry

Exploring eBPF and XDP: An Example - A basic example how to get started with XDP

Into eBPF: Hello World - Write a basic eBPF program

Trying Coroot, an eBPF-based observability tool for Kubernetes and more - Introduction and comparison to other eBPF based tools

TetragonでeBPFとセキュリティオブサーバビリティ入門? - Great to see Tetragon being covered in more languages ????

Catch Performance Regressions: Evolving eBPF Program - Learn how maps communicate from kernel space to user space

BRF: eBPF Runtime Fuzzer - "This paper introduces the BPF Runtime Fuzzer (BRF), a fuzzer that can satisfy the semantics and dependencies required by the verifier and the eBPF subsystem"

0xrawsec/kunai - "If you are familiar with Sysmon on Windows, you can think of Kunai as being a Sysmon equivalent for Linux"

sagarbhure/eBPFShield - "A powerful IP-intelligence and DNS monitoring tool built using eBPF!"

mrtc0/bouheki - "bouheki is KRSI(eBPF+LSM) based Linux security auditing tool"

Asphaltt/eBPF-TupleMerge - "A simplified demo of TupleMerge with pure-bpf"

??

The Ecosystem

DOP 217: Learning EBPF With Liz Rice - The latest podcast with Liz about her book

Ask me anything with Bill Mulligan from Isovalent - Listen to me talk about Cilium, eBPF, and a non-coding career in tech

From Sidecar to eBPF: Interview with Liz Rice | Chief Open Source Officer at Isovalent - One more video interview from Liz on eBPF and Cilium

Cilium CNI: A Comprehensive Deep Dive Guide for Networking and Security Enthusiasts! - Get a quick overview of all of the latest Cilium features

Discovering the Magic of Kprobe: A Fun Introduction to Kernel Probing - Learn how kprobes are like little sensors for the kernel

BPF: taking work to the IETF - Find out how to get involved in the standarization of eBPF

Cilium: Empowering Kubernetes Networking and Security - A basic intro to Cilium and what it does

??

The How To

Catch Performance in eBPF with Rust: XDP Programs - "How to create a basic eBPF XDP program in Rust"

Setup an eBPF Development Environment - Install some basic eBPF tools

??

The Events

Isovalent Security Summer School - EMEA dates: July 4, July 18, August 2. AMER: July 13, July 20, August 10

Form3: Prepare for the multi-cloud with Cilium on Kubernetes - "Join Kevin Holditch on July 12th to learn how they built a cloud agnostic, multi-cloud environment on Kubernetes with Cilium while complying to the high standards of the payment processing industry"

KCD Munich - Learn more about Cilium Service Mesh on July 18th

Cilium: Powering Observability through eBPF - Online meetup July 20th

Cilium Virtual Workshop with Isovalent - August 16th

Cilium Workshop with Isovalent, CamptoCamp and Exoscale - Geneva - September 14th

CiliumCon CfP is open - Now as a full day event at KubeCon Chicago. Register and submit today!

eBPF Summit CfP is open - CfP until July 21st and the event is September 13th

??

The Tweet of the Week