echo-newsletter-36

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security, this is your quelle.

8th August 2023

 

When this email hits your inbox, depending on which timezone you are in, I'll be either biking or surfing in France thanks to "marketing automation". In fact, the hardest part of creating this newsletter is writing something here at the top that might be interesting to you, the reader. A lot of the difficult and tedious parts like creating multiple different versions for web and mobile, formatting content, and sending it out to everyone are handled by the "marketing platform". All I have to deal with is a slick UI and the platform takes care of the rest. That's really the power of buying into a platform, automating away the difficult and tedious parts, allowing you to focus on what really matters (in this case the content of the newsletter).

 

Cilium 1.14 just came out and with each release, it is becoming more clear how Cilium is becoming a full connectivity platform from mutual authentication in the service mesh down to L2 announcements. Across infrastructure and up and down the stack, Cilium is solving networking issues and providing one connectivity story wherever your application or user may be. My favorite quote from this week actually captures this quite well: "Cilium's all-in-one approach simplified the configuration and management of the cluster while delivering excellent performance and security." And the project is just picking up speed!

 

I've already written way too much and I still have bags to pack so let's 🐝 gin!

The Release

Cilium 1.14 – Effortless Mutual Authentication, Service Mesh, Networking Beyond Kubernetes, High-Scale Multi-Cluster, and Much More

Dive into every detail from the release ranging from mutual authentication to L2 announcements

 

Cilium 1.14 expands networking beyond Kubernetes, offers higher speeds

"Cilium is becoming an overall cloud-native connectivity platform" coverage from sdxcentral

 

VMblog Expert Interview: Isovalent on the Launch of Cilium 1.14

"Add 2 lines of YAML to your Cilium Network Policy, and that's it - your workload communication is now authorized with a mutual TLS handshake" go check out the new mutual authentication

 

Sortie de Cilium 1.14

"We are going to look at what seems interesting to me"

🐝

 

The Technical

Prevent Overlayfs Privilege Escalation on Ubuntu Kernels with Yaml (bpf)!

Stopping CVEs with Tetragon

 

Verifying the Verifier: eBPF Range Analysis Verification

"we have discovered new bugs in older versions and proved the soundness of range analysis in the latest version of the Linux kernel"

 

How eBPF Improves Observability within Kubernetes

A brief intro and BCC example

 

avilum/secimport

"Python runtime sandbox with eBPF and seccomp (Blocks RCE)" blog here

🐝

 

The Ecosystem

Cilium Graduation Public Comment Period Open

We are inching closer to graduation, add your support on the PR or mailing list

 

Case Study: Bloomberg

"Enforcing Efficient Network Security with Cilium" or securing financial data with network policy

 

Kubernetes - Migrating from Flannel and Friends to Cilium

"Cilium's all-in-one approach simplified the configuration and management of the cluster while delivering excellent performance and security"

 

Cilium: Empowering Kubernetes Networking and Security

A great overview of some of the things Cilium enables

 

Linux Kernel: eBPF verifier bug

"An adversary with CAP_BPF or CAP_SYS_ADMIN can gain arbitrary Linux kernel R/W" but if they already have those you might have other problems 😅

🐝

 

The How To

Install Kubernetes 1.27 with Cilium on Ubuntu

"with 3 workers and 1 master node"

🐝

 

The Video

CNL: Intro to Tetragon

No slides, just demo of Tetragon

 

Running Tetragon - an eBPF based security & observability platform on Kubernetes

Even Oracle is in on the Tetragon hype

 

Mutual Authentication on Cilium 1.14

The most talked about feature now has a video

 

Cilium 1.14 Feature: eBGP Multihop

Very similar to eBPF but not quite

 

Cilium 1.14 Feature: TLS Passthrough with the Cilium Gateway API

"The ability to support end-to-end encryption with TLS Passthrough"

 

Mentorship Session: Kernel Tracing Using eBPF

"we will primarily focus on using eBPF to dynamically instrument kernel functionality and gain deep insight on the workings of the kernel code"

🐝

 

The Events

Isovalent Security Summer School 2023

Zero trust and TLS Visibility Online August 10th

 

Cilium Virtual Workshop with Isovalent

August 16th

 

Cilium Workshop with Isovalent and Piros - Leuven, Belgium

September 5th

 

SIGCOMM Workshop on eBPF and Kernel Extensions

September 10-14th in NYC. "The workshop aims to bring together experts and practitioners in the field of eBPF, end-host networking, and operating systems to discuss and present the latest advances to support and apply this cutting edge technology"

 

eBPF Summit

On September 13th. Register today!

 

Cilium Workshop with Isovalent, CamptoCamp and Exoscale - Geneva

September 14th

 

Cilium Workshop with Isovalent and mindcurv - Cologne

September 28

 

Cilium Workshop with Isovalent and Redpill Linpro - Oslo

October 17th

 

Cilium Workshop with Isovalent and Redpill Linpro - Stockholm

October 19th

 

Cilium Workshop with Isovalent and Kloia - London

November 1st

 

CiliumCon

Now as a full day event at KubeCon Chicago November 6th!

🐝

The Livestreams

eCHO Episode 100:

Next-gen mutual authentication in Cilium


  

eCHO Episode 101:

More BGP fun with Cilium

 


Upcoming Stream

eCHO Episode 102: TBD


The Tweet of the Week

Alex 🌃 @AlexJonesax: "It astounds me that @ciliumproject is so far ahead of the CNI competition. It's really the only plausible option at this point for a serious production grade outfit."

As always, if you've seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝


Written and sent by Bill Mulligan. Any feedback is welcome!


I work at Isovalent which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium
