eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

31st December 2024

As a German, one of my favorite phrases is "Zwischen den Jahren" which refers to the quiet, reflective period between Christmas and New Year's. Most companies take the whole time off and it is often used personally to pause, review achievements, and set intentions for the future. With that in mind, here are a few resources from the Cilium and eBPF communities to see what we have accomplished and predictions for the next year.

The eBPF Foundation Year Review covers the security audits, academic research, upstream development, events, and original content that the foundation funded to promote and progress the ecosystem. Meanwhile, the Cilium Annual Report covers all of the contributions to the project from development work to awards to new adopters. My favorite quote is "as companies look to consolidate their platform, Cilium has solidified its role not just as the leading CNI, but as the comprehensive networking stack for Kubernetes environments."

Looking forward to 2025, I see even greater consolidation of networking features under the Cilium stack, broader adoption of Tetragon for advanced security observability, and a deeper integration of external and legacy workloads into Kubernetes environments with the help of Cilium. If you want to dive into the details of all of those predictions, I would recommend the eCHO livestream on predictions for 2025. I've got some fireworks to set up so let’s 🐝 -gin.

The Technical

Unleashing the Kernel With eBPF

Summary of Liz Rice's talk at QCon

Tetragon-mini by Rust: eBPF-based process monitoring

Rewriting Tetragon in Rust with Github repo

Hello eBPF: Writing a Lottery Scheduler in Pure Java with bpf_for_each Support (18)

Learn to eliminate inline C code

eBPF Stateful Programs and State Synchronization Problem

Maintaining consistency across nodes

Mastering eBPF: Harnessing the Power of Kernel-Level Security and Intrusion Prevention, and Practical Insights on Detection, Attack Bypasses, and Defensive Strategies

Introduction with a variety of sample programs

davidcoles/vc5

"A horizontally scalable Direct Server Return layer 4 load balancer for Linux using XDP/eBPF"

retis-org/retis

"Tracing packets in the Linux networking stack & friends"

DualHorizon/blackpill

"A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs"

🐝

The Ecosystem

Cilium Annual Report 2024

Find out everything that happened in the community over the last year and where we are heading next

The 10 top Kubernetes Podcast episodes of 2024

"One of our first episodes of 2024 was also one of our most popular. In this episode, Bill Mulligan of Isovalent, the company behind Cilium and eBPF, gives an approachable intro to these kernel technologies"

Enhancing Cloud-Native Security with Tetragon

Intro and installation

Supercharge Linux Observability with eBPF: A Modern Approach

"eBPF’s ability to trace system calls, monitor network activity, and measure performance metrics — without the overhead of traditional methods — makes it an essential tool"

🐝

The How To

Deploy a Hybrid EKS Kubernetes Cluster: Use On-Premises nodes on Amazon EKS with Cilium CNI

Bring the cloud back home to you

🐝

The Video

Go watch some fireworks tonight 🎆

🐝

The Events

DNS Troubleshooting Made Simple: Real-World Solutions with Isovalent and Cilium

January 14th, online webinar

Hybrid Cloud Security: Cilium-Powered Micro-Segmentation for VMs and Containers

January 21st, online webinar

eBPF Dev Room at FOSDEM

February 1st in Brussels

Cilium and Cisco ACI: Best of Both Worlds

February 25th, online webinar

bpfconf

CfP now open for the invite only event on March 24-26 in Montreal

CiliumCon EU

April 1st in London, this is not a joke!

🐝 

The Livestreams

eCHO Episode 164:

Year in Review

eCHO Episode 165:

Predictions for 2025