eCHO News 55
eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle
7th May 2024
In case you missed the blog or hilarious video, Nico has a new eBook "Kubernetes Networking and Cilium for the Network Engineer" out now! It helps translate the alphabet soup of acronyms from wireless networking, data center networking, MPLS, Service Provider routing, software-defined networking, and network automation to the world of Kubernetes. It really is a book written by a network engineer for network engineers.
Sitting here writing this at DevOpsDays Berlin, I'm reminded that there is world beyond cloud native. To truly achieve Cilium's vision of becoming the standard connectivity layer for any workload, we need ways to communicate to both the applications and people outside Kubernetes. This book is a great step forward to bringing traditional network engineers into the Cilium ecosystem and towards cloud native ways of thinking, working, and operating. I've got to practice my talk one last time so let’s ?? -gin.
The Technical
Introducing The New “Kubernetes Networking and Cilium for the Network Engineer” eBook! - "A book for network engineers by a network engineer" translating from IP to ID
Benchmark results of Kubernetes network plugins (CNI) over 40Gbit/s network [2024] - "For Standard Clusters: Cilium stands out as the primary choice"
Seccomp, eBPF, and the Importance of Kernel System Call Filtering - Why you should avoid user space
How to Manage XDP/eBPF Effectively for Better DDoS Protection - A discussion of different update approaches
eBPF’s User Ring Buffer: Introducing BPF_MAP_TYPE_USER_RINGBUF - "for data transfer from user space to the kernel, rather than the other way around"
Cilium: Network Policies - Deep dive into the different types of Cilium network policies
Detect XZ Utils CVE 2024-3094 with Tetragon - "see how we can leverage Tetragon to observe anything happening on this machine" I think we will hear more and more of this
Exploring eBPF Implementation through Linux Source Code - Dive into the bits, bytes, and syscalls
??
?
The Ecosystem
Isovalent Enterprise for Tetragon 1.13: Kubernetes Identity Aware Policies, Default Rulesets, HTTP and TLS Visibility, and More! - The default rulesets are the highlight for me in the Tetragon OSS 1.1 release
Cilium’s Past Points to Its Future - "involves not just K8s and containers, but also VMs, edge, and other environments"
eBPF: Reliable Policy Setting and Enforcement - Highlighting the growing importance of eBPF for security
Cilium - Learning and Runing - em português & CILIUM - Redes e Políticas
Cisco Isovalent expands open-source security with Tetragon update - "Nothing has changed to our roadmap since the acquisition"
Isovalent Strengthens Cloud Native Security via Tetragon Enterprise Update - "The goal is to provide a missing cybersecurity piece to the cloud native puzzle"
eBPF Kubernetes Auto Instrumentation Landscape - Just a quick buzz across the projects
VMblog Expert Interview: Nico Vibert of Isovalent Discusses New eBook: Kubernetes Networking and Cilium for the Network Engineer - "Cilium is fascinating - it's become a universal cloud native networking platform"
??
领英推荐
?
The How To
Crafting new Linux schedulers with sched-ext, Rust and Ubuntu - "provides a mechanism to implement scheduling policies as eBPF programs"
Context-aware security incident response with Dynatrace Automations and Tetragon - e??PF and honeypots, what is not to like?
Kubernetes Gateway API with Cilium - Guide to configure Cilium's Gateway API
Deploy Cilium on Azure Kubernetes Service with a Star Wars Demo - and secure with L4 and L7 network policies
??
?
The Video
CNL: Tetragon in action - detect & nip Kubernetes attacks in the bud - See Paul walk through a few CTF scenarios
Introducing the "Kubernetes Networking and Cilium eBook for the Network Engineer" - If nothing else watch for the outfit, accent, and music ??
Cilium as Kubernetes Data Plane for Mission Critical Industries - Hear why Schuberg Philis chose Cilium
Kubernetes Network Policy Deep Dive - Including Cilium Layer 7 HTTP
Cilium CLI videos for Installation, Configuration, and Troubleshooting
??
?
The Events
Cloud Native & Platform Engineering Auckland - May 2024 - "Cilium in Action: Strengthening AKS with Powerful Network Management" on May 9
What's new with Isovalent Enterprise for Cilium 1.15? - Webinar on May 23
Virtual Workshop: Isovalent Enterprise for Cilium 1.15? - Virtual Workshop on May 30
???
The Tweet of the Week
Congratulations on the eBook release, Nico! It sounds like an invaluable resource for network engineers navigating the complexities of Kubernetes networking and Cilium. Your ability to bridge the gap between traditional networking and cloud-native environments is truly commendable. As someone immersed in the DevOps community at DevOpsDays Berlin, I appreciate the importance of embracing both worlds to achieve Cilium's vision. Looking forward to diving into the eBook and exploring its insights. Keep up the fantastic work!
Digital Marketing Analyst @ Sivantos
6 个月Nico's new eBook sounds like a game-changer for network engineers diving into Kubernetes! Perfect timing at DevOpsDays Berlin. ???? Bill Mulligan
Microsoft Azure MVP | Principal Consultant @ Lab3 | Pragmatic Cloud Architect | Cloud Native Enthusiast
6 个月Thank you so much Bill Mulligan for the mention, am a big fan of Cilium, and you guys are doing an awesome job ??????
Community @ Isovalent working on Cilium and eBPF
6 个月Content from: Paul Arah Alexis Ducastel B. Cameron Gain Beno?t Entzmann Hudson Coutinho Nicolas Vibert David Marshall Ahmed Muhi Ivan Koveshnikov Stephen Hoekstra Andrea Righi Jeremy C. Goran Nushkov Chris Battarbee Thomas Graf Mario Kahlhofer Simon Ammer Markus Gierlinger Austin Gadient Michael Vizard Saiyam Pathak Teodor Podobnik