eCHO news in your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

This week brings us multi cluster networking without a service mesh, hunting rootkits with eBPF, Brendan Gregg leaving Netflix, an overview of the CNCF eBPF landscape, and events diving into Cilium features like routing modes, egress gateway, and Multus. Let's 🐝 gin!

The Technical

Multi Cluster Networking with Cilium and Friends

Do you really need a service mess? uSwitch used Cilium Clustermesh to make services available across clusters

It's always DNS . . . except when it's not: A deep dive through gRPC, Kubernetes, and AWS networking

Just because it is gone doesn't mean it doesn't matter. Find out how this PR got into Cilium

Hunting Rootkits with eBPF: Detecting Linux Syscall Hooking Using Tracee

"Sophisticated attacks that use rootkits tend to target the kernel space. The lower in the stack malware lives, the more challenging it is to detect"

Extracting kprobe parameters in eBPF

"BPF_KPROBE macro can only handle functions with up to 5 parameters but I was interested in most of them" find out how to do that here

eCapture

"Capture SSL/TLS text content without CA cert by eBPF"

OpenTelemetry Auto-Instrumentation for Go

"This automatic instrumentation is based on eBPF uprobes"

🐝

The Ecosystem

Netflix End of Series 1

Brendan Gregg is leaving Netflix for "a large and unexpected opportunity" Very excited to see where he will be working on eBPF next 🍿

Security Observability with eBPF

New book out from O'Reilly. Great primer on the topic and can't wait for a longer version to come out so it gets an animal too

A brief stroll through the CNCF eBPF landscape

Great overview of the CNCF projects leveraging eBPF for networking, observability, and security. Cilium also does all three for you 😉

How to Manage Distributed Applications in Kubernetes Using Cilium and Istio

"Cilium has done a great job creating a plug-in architecture that runs on top of eBPF"

Zero trust challenges are growing - is there a light at end of the tunnel?

"eBPF enables security monitoring kernel level at scale. This transformation of conventional security methods increases security while reducing complexity"

Supercharge IAM with eBPF

Seems eBPF is being used for everything today including making IAM less bad

Zero Trust And Genesis Of Service Mesh

Service mesh for zero trust needs to be simplified with less sidecars

🐝

The How To

Cilium Tech Talk Series

Solution Architects deep dive into Egress Gateway, Kubernetes APIServer Policy Matching, and HA for FQDN on April 28th

How Meltwater migrated from the Amazon VPC CNI plugin to Cilium in K8s

Hear how Meltwater migrated 40+ teams, running 3000+ deployments, and 10000+ pods utilising more than 8000 cores and 18TB memory to Cilium on May 10th

Cilium Kubernetes CNI Provider: Part 4, IP Routing Modes (Direct and Encapsulated)

This video walks through the supported IP routing modes in Cilium. Lots of great videos from The Learning Channel now ❤️

CNCF On-Demand Webinar: Optimizing Service Mesh with eBPF

Glad to see Istio getting on the eBPF train too 🚆

Kubernetes Atlanta April Meetup: Exploring Cilium and Multus

Hear Duffie Cooley examine these topics on April 28th

🐝

The Video