eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

11th March 2025

Service mesh has become the default "answer" to a number of problems like encryption, observability, ingress, multi-cluster, and load balancing. But do you really need one? In the case of DB Schenker, the answer was "no, let's remove it."

"With Cilium’s integrated encryption and observability features, we no longer needed a separate service mesh. We replaced a fragmented set of tools with Cilium, streamlining our operations significantly and reduced our operational overhead."

The idea of a service mesh took off because teams needed better ways to secure and manage traffic between services. But over time, it became a catch all solution, even when existing networking tools could do the job more efficiently. Writing case studies like this one for Cilium, I’m seeing more end users realize they don’t need a service mesh at all, rather just a single feature to solve their actual problem, without the complexity of another control plane. Why not make your life and network simpler? My sister is competing in the Special Olympics World Games and I've got to warm up my cheering voice so let’s 🐝 -gin.

The Technical

eBPF Arena: A Tutorial

Learn a new eBPF API that enables programs to allocate memory pages

When eBPF task->stack->pt_regs reads return garbage on the latest Linux kernels, blame Fred!

Accounting for padding in "raw” kernel stack & pt_regs lookup codes

San7o/hive-operator

"Kubernetes operator for kernel tracing of inode accesses with eBPF programs"

nomaderr/ebpf_permission_manager

"A lightweight, fast and powerful tool for managing permissions in Linux using eBPF"

pinoOgni/ebpf-samples

"This repo contains various examples to learn, explore, and experiment with eBPF"

avilum/secimport

"eBPF sandbox for Python (macOS/Linux): Secure libraries, block RCE, and enforce precise syscall control"

🐝

The Ecosystem

Case Study: Meta’s Strobelight Leverages eBPF to Reduce CPU Cycles and Server Demands by up to 20%

Saving 15,000 servers with a one character find and fix, coverage from Phoronix and The Register

Case Study: Streamlining Global Logistics with Cilium at DB Schenker

"With Cilium’s integrated encryption and observability features, we no longer needed a separate service mesh. This streamlined our architecture and reduced operational overhead"

How eBPF is changing container networking

"With strong tooling and industry-wide optimism, eBPF is well on its way to becoming the prevailing model for cloud networking"

Announcing the Beta Release of OpenTelemetry Go Auto-Instrumentation using eBPF

Great to see the use of eBPF for tracing expanding

Breaking the Chains of Kube-Proxy With Cilium

One of the top reasons that people adopt Cilium

Bridging the Gap: Kubernetes Networking for Network and Platform Engineers

New lab out now

Why eBPF Hasn't Taken Over IT Operations — Yet

Not sure I agree with all of it. You can use eBPF without writing programs, try Cilium

Why Confluent Trusts Isovalent Enterprise Platform for Kubernetes Multi-Cloud Excellence

"Before Cilium, our teams had to manage networking configurations per cloud" 💀

Supercharge Kubernetes Networking Observability using Hubble and Cilium

Including 4 key use cases

Ultimate Cilium and eBPF for Cloud Native Development

The newest book on Cilium out now

eBPF Versus Kernel Extensions

"eBPF has numerous advantages that make it a safer, more efficient option"

Cilium at KubeCon + CloudNativeCon Europe 2025 and CiliumCon

Booth, co-located event, maintainers track, keynote. Find eBee in London

🐝

The How To

Deploying MySQL InnoDB ClusterSet Across Kubernetes Clusters Using Cilium

Cluster Mesh to the rescue

Running eBPF on MacOS - Actually on Lima

A whole VM ready to play with

Create a home lab running Kubernetes multi-node cluster with Cilium as CNI

Scaling up nodes from the last blog

🐝

The Video

REVEALED - Cilium's CRUCIAL Role In Cloud Native's FUTURE

My latest interview on the Cloud Therapist Channel

Add breakpoints ANYWHERE (EVEN IN THE KERNEL)!

Intro to eBPF with Rust and Aya - Part 1

🐝

The Events

Fast-Tracking Your Journey to Kubernetes for Network Engineers

March 18th, online panel discussion

Isovalent Discovery Workshop: A Fast-Track to Cilium for Network Engineers

March 20th, online workshop: Get hands-on! 

Isovalent Discovery Workshop: A Fast-Track to Cilium for Platform Engineers

March 25th, online workshop: Get hands-on!

bpfconf

Invite only event on March 24-26 in Montreal

CiliumCon EU

April 1st in London, this is not a joke! Full schedule out now

🐝 

The Livestreams

eCHO Episode 172: Starting out with BGPv2 a new version of BGP released with Cilium 1.16

eCHO Episode 173:

Cilium 1.17 Feature Walkthrough