eCHO News 69

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium . If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

19th November 2024

How to wrap up KubeCon in two paragraphs? I could go through the announcements like Cilium being named the top multi cluster management tool by CNCF, Cilium's project journey report highlighting the accelerating growth of the project, Cilium's Joe Stringer being named the Top Committer across 200+ CNCF projects, or the eBPF Foundation's release of an audit of the eBPF verifier and a threat model for deploying eBPF into production, but those don't truly capture the essence of the event or what I learned in the hallway track.

What really excited me at KubeCon were things like chatting with the speakers at Cilium + eBPF Day using the project for everything from multicloud networking at Confluent to securing cats pictures and memes at Reddit to running robots on the edge at Sony. In the hallway track, I discovered there are way more users of Tetragon than I imagined and also how many people are migrating to Cilium because they believe it will better enable a better future for them. Most of all, it was awesome to finally put a name and a face to all the handles and IDs I interact with online the rest of the year, what a great community to be a part of! I've got to go watch all the talks I missed while at the Cilium booth so let’s ?? -gin.

The Technical

Diving into eBPF: Building a Process Tracer from Scratch! - Disappearing down the eBPF rabbit hole trying to optimize Github Actions

Writing a block I/O filter using libbpf and eBPF tracing framework - example architecture and implementation

eBPF For Humans | 01 | bpftrace - "Don’t trace/debug malicious code that way" ??

eBPF For Humans | 02 | BCC - Learn about eBPF helpers, maps, function calls, and tail calls fronted by BCC

Isovalent Enterprise for Cilium 1.16 – High-Performance Networking With Per-Flow Encryption, End-To-End Multi-Cluster Visibility, BGPV2, and BFD for BGP - Find out what all the acronyms in the above really mean

A Walk with LuaJIT - "The obvious first step is to ask your favorite AI agent - How do I write an eBPF unwinder for LuaJIT?" ??

Figuring out which helpers are available in what kernel version in eBPF - Great to see the shoutout to docs.ebpf.io

hengyoush/kyanos - "eBPF network issue analysis tool to visualize the time packets spend in the kernel"

isala404/scale-to-zero-ebpf - "Proof of concept for Implementing a scale to zero architecture with ebpf" with blog

dorser/seccomp-ebpf - "Convert seccomp profiles into eBPF programs"

CloudNativeStudyGroup/Free-Credly-Badges - Many Cilium labs to earn badges for

bihari123/naarad - "a system monitoring software based on eBPF"

??

?

The Ecosystem

Threat Model and Independent Verifier Audit Examine the Security of eBPF - Great work from the eBPF Foundation to improve and showcase the security of eBPF

Cilium Project Journey Report - See the growth of the project since joining CNCF

CNCF Tech Radar - Multicluster Application Management - "Cilium cemented its position as a technology that the community considers both the most useful and mature"

Cloud Native Computing Foundation Announces the 2024 Community Awards Winners - Congrats to Cilium maintainer Joe String being recognized as Top Committer

How JAR Embraced Cilium for Scalable, Secure Networking on EKS - "Cilium replaced everything that previously had anything to do with networking"

Standardizing eBPF: What RFC 9669 Means for Observability - How standardization will help speed up innovation with eBPF

eBPF and How Tech Giants Use It to Uplevel Observability - "it can serve as a foundational tool to emit critical data for observability and security"

How eBPF makes observability awesome - Interview with Liz on Grafana's Big Tent podcast

groundcover 2025 Predictions: eBPF and AI Revolutionize Observability, Making High-Fidelity, Proactive Insights Accessible and Cost-Effective for All - Title says it all

EBPF and the Observability Landscape With Shahar Azulay - on the PagerDuty podcast

eBPF For Humans | 00 | Intro - Why you should learn it? "It will be in demand"

Why I’m Excited About eBPF: Transforming Observability in Open Source - "we can expect to see even more open-source observability projects embracing it"

??

?

The How To

Can Your Network Policies Withstand Chaos? - Using chaos engineering to test CiliumNetworkPolicy

Homelab Kubernetes cluster with Talos, Matchbox and Cilium - Complete with L2 Announcements from a Raspberry PI

KubeCon Day 1 - Cilium/eBPF Day - How to send Tetragon events to CrowdStrike Falcon

??

?

The Video

Per Flow Selective Encryption with Isovalent Enterprise - I know the guy that built this, hi Robin

Isovalent Enterprise for Cilium: BFD for BGP - Watch just to find out what all the acronyms mean

Deploying 128 Kubernetes Clusters with Pulumi - and Cilium Cluster Mesh

??

?

The Events

Leveling up EKS Clusters with Isovalent Platform: Hands-On Workshop for Cloud Architects - Virtual Workshop on November 26/28

eBPF Runtime Security with Tetragon: Insights from v1.14 - Release webinar on November 21

What’s new with Cilium and Isovalent Enterprise for Cilium 1.16! - Release webinar on December 10

Kubernetes Traffic Engineering with Cilium: Scenarios, Diagrams, and Best Practices - Webinar on December 12

eBPF Dev Room at FOSDEM - February 1st in Brussels

???

The Post of the Week

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack . You can also find all of the past episodes on the website .

??