echo-newsletter-35

eCHO news is your bi-weekly wrap-up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security, this is your source.

25th July 2023

 

Cilium 1.14 will be dropping very shortly, and while there is a whole laundry list of features you will want to catch up on in the release blog post, probably the most exciting one for many people is next-generation mutual authentication. It represents the evolution beyond mTLS towards an architecture that separates authentication and encryption. Check out the full blog if you want to find out why you would benefit from doing that. But with 1.14 it is no longer just words on a page, it's a feature you can try out.

 

If you want to see mutual authentication in action, be sure to check out the eCHO stream on Friday or the hands-on lab that just got released. I need some time to try it out myself, so let's 🐝 gin!

The Technical

Securing Constellation’s Kubernetes data in transit - network encryption with Cilium

"Our CNI solution of choice is Cilium. It combines great performance with transparent network encryption"

 

Catch Performance Regressions: Benchmark eBPF Program

Learn to benchmark both eBPF and userspace applications

 

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

"Because BPFDoor needs root privileges to work, the reverse shell it opens is also privileged." Moral of the story: don't let hackers get privilege.

 

NatiSand: Native Code Sandboxing for JavaScript Runtimes

"leverages Landlock, eBPF, and Seccomp to control the filesystem, Inter-Process Communication (IPC), and network resources available to binary programs and shared libraries". Also on GitHub.

 

grafana/ebpf-autoinstrument

"eBPF-based autoinstrumentation of HTTP and HTTPS services"

 

littlejo/cilium-eks-cookbook

"Multiple ways to install cilium in eks"

 

seifrajhi/awesome-cilium

"A curated list of awesome projects related to cilium"

🐝

 

The Ecosystem

Unleashing the Power of Cilium CNI to Propel Trendyol’s Performance Up to 40%!

"Cilium has proven to be a changer for Trendyol’s Kubernetes clusters. With its advanced capabilities in networking, observability, and security, Cilium has met our expectations, outperforming previous CNIs."

 

From IP to identity: making cattle out of pets in cloud native

"Across clusters, observability, service mesh, and extending beyond Kubernetes, Cilium is able to provide a consistent management experience because it treats identity as a first class citizen in its platform"

 

How to monitor Kubernetes network and security events with Hubble and Grafana

"Think of it like a telescope for your network." My favorite quote about Hubble.

 

eBPF in IETF protocols

"Once the IETF BPF working group has finished the standardization of the basics of eBPF the IETF should start to discuss the utilization of eBPF inside various Internet protocols"

 

Use the new eBPF-based sensor for Defender for Endpoint on Linux

Even Microsoft is buying into eBPF

 

Using eBPF in unprivileged Pods

Might want to dive into closing the BPF map permission loophole before diving too deep into this one

 

Deep application visibility, powered by eBPF

Another security startup leveraging eBPF

 

Comparing Networking Solutions for Kubernetes: Cilium vs. Calico vs. Flannel

"Cilium, with its eBPF-powered network architecture, provides advanced networking and security features and excels in offering deep network visibility"

 

K8s & Cilium Study Guide

Resources for the CKA networking part

🐝

 

The How To

Cilium Learning Tracks

Pick from tracks for cloud network engineers, security professionals, platform engineers, platform ops (service mesh), and cloud architects

 

Hubble Series (Part 2): Cilium Hubble for the Enterprise

Get a preview of Timescape to teleport across time in your infrastructure

 

Tutorial: Deploying Isovalent Enterprise for Cilium from Azure Marketplace using ARM Templates and Azure CLI

An extremely in-depth how-to

 

Mutual Authentication with Cilium

The first hands-on mutual auth lab

 

Grafana Network Observability + Hubble Demo

Video turning eBPF bytecode into pretty graphs

 

Mon été avec Cilium et EKS (Partie 2)

"we are going to see how to install Cilium with helm"

 

Cilium BGP Graceful Restart

In this video, learn how the datapath continues to forward traffic during Agent restart, so there is no traffic disruption

 

Cilium 1.14 Feature: Envoy as a Daemonset

"Envoy can now be deployed as a DaemonSet instead of embedded inside Cilium"

 

Cilium Custom BGP Timers

This video shows you how to customize BGP timers with Cilium

 

WireGuard Improvement in 1.14 - Support for L7 Policies

See how WireGuard can work with L7 policies

🐝

 

The Events

Isovalent Security Summer School

Virtual - EMEA date: August 2. AMER: August 10

 

Cilium Virtual Workshop with Isovalent

August 16th

 

Cilium Workshop with Isovalent and Piros - Leuven, Belgium

September 5th

 

Cilium Workshop with Isovalent, CamptoCamp and Exoscale - Geneva

September 14th

 

Cilium Workshop with Isovalent and Redpill Linpro - Oslo

October 17th

 

Cilium Workshop with Isovalent and Redpill Linpro - Stockholm

October 19th

 

CiliumCon CfP is open

Now as a full day event at KubeCon Chicago November 6th. Submit today!

 

eBPF Summit

On September 13th. Register today!

🐝

The Livestreams

eCHO Episode 98: Exploring the bandwidth manager with Cilium

  

eCHO Episode 99: Explain Kubernetes Networking and Cilium to Network Engineers

Upcoming Stream

eCHO Episode 100: Next-gen mutual authentication in Cilium

The Tweet of the Week

ahh the eBPF

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

Written and sent by Bill Mulligan. Any feedback is welcome!

I work at Isovalent which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium
