eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

24th September 2024

You know a technology is growing in popularity when people start porting their favorite game to it. eBPF has just hit two big milestones with both snake and DOOM

moving into the kernel. These projects are not only just playful demonstrations; they showcase the versatility and power of eBPF in executing complex tasks within the kernel. As more developers explore the capabilities (and limitations) of eBPF, the technology itself is also pushed to progress.

The DOOM port was presented at Linux Plumbers Conference last week and is a perfect example of this co-evolution from experimentation with games. Check out the recording for all of the details, but in it the author discusses which problems they ran into, what they could do to overcome them, and changes that could be contributed back to upstream - exactly how any open source technology evolves to meet end user demands. Being Turning Complete or running DOOM aren't what companies are trying to do with eBPF, but they both do help both showcase the power of the technology and inspire more people to get involved in the innovation. What game would you like to see on eBPF next? I've got a game of DOOM to win so let’s 🐝 -gin.

The Technical

Hello eBPF: Writing a Linux scheduler in Java with eBPF (15)

using sched-ext to implement two different Linux schedulers

Noisy Neighbor Detection with eBPF

using continuous, low-overhead instrumentation of the Linux scheduler and coverage from InfoQ

What Insights Can eBPF Provide into Real-Time SSL/TLS Encrypted Traffic and How?

SSL/TLS encrypted traffic observation and analysis with only 0.2µs of overhead

Loops and Iterators in eBPF

Which of the 5+ different ways to loop will you use?

eBPF Probes and You: Navigating the kernel source for tracing

Learn to find the right probe for your use case with ftrace

Writing eBPF Kprobe Program with Rust Aya

Simple walk through with argument handling

Can eBPF Detect Redis Message Patterns Before They Become Problems?

Identify and troubleshoot performance issues with eBPF

eBPF Load Balancer

Learn to write one from scratch

nullswan/bpfsnitch

"Real-time network & syscall monitoring tool for Linux and Kubernetes clusters"

amiremohamadi/bpfsnake

"snake in bpftrace" bringing back your favorite Nokia 3310 game

scottgerring/minderbinder

"Use eBPF to inject chaos into local processes" with launch blog post

edgecase1/ebpf-can

"eBPF program to filter CAN frames on XDP"

🐝

The Ecosystem

Why eBPF is critical and how it’s getting better

Great coverage of eBPF Summit and where eBPF is heading next

eBPF Summit 2024 Provides a Data-Driven Revolution

Why eBPF and a short summary of the summit

eBPF - Cilium on FHIR® - A Star Wars Story

Find out who Anakin really is

Enhancing Security in the Cloud-Edge-IoT Continuum with ICOS

Research project leveraging both Cilium and Tetragon

What is the whole buzz around eBPF?

Quick intro with some jokes

Tetragon eBPF for Kubernetes: The Verdict Is Out

"embedding their policy engine in the eBPF code" makes all the difference

Observability With eBPF

Intro and best practices

Introduction to eBPF

with overview of different ways to run logic in the kernel

Introduction to eBPF and Cilium

Short history and importance

Introducing The eBPF Agent: A New, No-Code Approach for Cloud-Native Observability

Broadcom turning to eBPF for observability

🐝

The How To

Kubernetes Traffic Control: Ingress vs. Gateway API

Install Cilium with Gateway API support and set up a simple HTTPRoute

EP10 (Deep Dive) - How To Migrate From Flannel CNI to Cilium CNI

"migrating is a smart move for scaling and securing your Kubernetes clusters"

Kubernetes Debugging with Tetragon

Get up and running with Vagrant and VirtualBox

FQDN Filtering in AKS: Enhancing Security with Advanced Container Networking Services (ACNS)

brought to you by Cilium

Créer 511 clusters Kubernetes interconnectés avec Cilium Cluster Mesh (Partie 4)

Create and connect many EKS clusters

🐝

The Video

eBPF Summit 2024

Catch up on any or all of the talks that you missed

eBPF Programming Part 5 - DIY Firewall using eBPF

and leveraging XDP

An Introduction to eBPF for Network Security Engineers

From kernel to code to Hypershield

🐝

The Events

Linux Plumbers Conference - eBPF Track

I missed calling out this great conference in the last newsletter so let me highlight it now and tell you to go check out the presentations and recordings

Cilium + eBPF Day

See you in Salt Lake! Schedule is out now!

🐝 

The Livestreams

eCHO Episode 153:

eBPF Summit 2024 CTF Walkthrough

eCHO Episode 154: Exploring Tetragon's Kubernetes Identity-aware policies