The Technical
Connecting your Kubernetes island to your network with Cilium BGP
Learn the power and flexibility Cilium's BGP can bring to your network - and pitfalls to watch out for
The Secure Path Forward for eBPF runtime: Challenges and Innovations
"we'll navigate through the complexities of securing eBPF, addressing open questions and the challenges they pose to system architects and developers alike" - a great overview
navarrothiago/upf-bpf
"An In-Kernel Solution Based on BPF/XDP for 5G UPF"
alegrey91/harpoon
"Trace syscalls of user-defined functions, using eBPF π"
alibaba/kubeskoop
"KubeSkoop automatic construct network traffic graph of Pod in the Kubernetes cluster, monitoring and analysis of the kernel's critical path by eBPF, to resolve most of Kubernetes cluster network problems"
ackerschoice/bpfhacks
"eBPF hacks"
π
The Ecosystem
Case Study: ilionx
Learn how Cilium helped them replace two additional tools in their network security stack
Buzzing Across Space: The Illustrated Children's Guide to eBPF
My co-author Quentin wrote up the backstory of how the book came to bee
It is time to let go on your service mesh dream
"We could smoothly transition away from our existing service mesh by thoroughly understanding Cilium's identity model, setting up encryption, and leveraging the Gateway API for control"
eBPF: The Key Technology to Observability
A deep dive into why eBPF needs to replace traditional APM tools
Tetragon 1.0 Promises a New Era of Kubernetes Security and Observability
"As Tetragon continues to evolve, it appears set to remain a powerful and efficient tool for Kubernetes security by offering a unique combination of deep observability and minimal performance impact"
EBPF-Based Security Solutions: Exploring Weaknesses And Mitigation Techniques
1 and 2 can be mitigated by switching to Tetragon and 3 is make sure you keep things up to date
π
The How To
Tutorial: Deploying Red Hat OpenShift with Cilium
"Cilium has been available in the Red Hat Ecosystem Catalog since 2021, as well as being certified as a Certified OpenShift CNI Plug-in" find out how to deploy it
Isovalent, Azure Linux, and Azure Kubernetes Service come together
Learn how to install, migrate, and/or upgrade your AKS clusters to Azure CNI powered by Cilium
Cilium: ENI Prefix Delegation in EKS
Learn how to overcome IP address limitations
Cilium: The IPAM conundrum-AKS
Check which applications, services, and pods are using which IP addresses and triage issues
Cilium: Fixed IP allocation vs. Prefix delegation in AKS
Comparing Overlay and VNet for IP allocation in Azure
π
The Video
Setting Up a Cybersecurity Honeypot with Tetragon to Trigger Canary Tokens
Follow along video from the blog post
Using Tetragon With Your Existing Kubernetes Container Network Interface
Hint: it doesn't need to be Cilium
π
The Events
Linux Plumbers Conference
All the talks, slides, and live stream and up on the website. So much cool stuff coming out of the community!
Cilium Workshop with Isovalent, Microsoft & Sopra Steria - Oslo
November 28th
Cilium Workshop with Isovalent, Microsoft & Sopra Steria - Trondheim
November 29th
What's new in Cilium 1.14!
Webinar on November 30th
Tetragon 1.0 has Landed: Whatβs New and Exciting in Kubernetes Security?
Webinar on December 7th
Cilium 1.14 Release
Hands-on virtual workshop on December 14th
Cilium Workshop with Isovalent & Redpill Linpro - Copenhagen
January 11th
Cilium Workshop with Isovalent and Sue - Geldermalsen
January 25th
Cilium + eBPF Day
Coming back to KubeCon Paris and the CfP closes on December 3rd π
Let me know if you need help
π
