
eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security, this is your source.

25th March 2025

 

Kubernetes announced it is moving from iptables to nftables for better performance and scalability. But for me it’s kind of like watching history repeat itself. Cilium dropped iptables seven years ago, replacing kube-proxy entirely. The real question isn’t if the ecosystem will evolve, it’s when you want to get there. Do you wait years for incremental change, or do you take advantage of the future now?

 

This is the same point my colleague Paul made in his post eBPF Isn't About Speed. Paraphrasing: "eBPF’s superpower isn’t speed, it’s that it allows you to “program” the kernel [today rather than in 7 years]. This superpower often enables large performance improvements."

 

eBPF, and Cilium by extension, are exciting for me because they allow you to experiment and innovate today to have the future now. The big shifts don’t happen overnight, but they do happen. The only question is when you want to be able to take advantage of them.

 

I have lots to do before KubeCon next week (DM me if you want to meet in person there) so let’s 🐝-gin.

The Technical

Improving the eBPF tests in the kernel

eBPF Foundation funded work to improve developer experience for the subsystem

 

BPF Isn't About Speed

"it’s that it allows you to “program” the kernel. This superpower often enables large performance improvements"

 

Inside Tetragon: How eBPF Powers Process Lifecycle Monitoring

Presentation from eBPF Japan Meetup

 

Tracking bandwidth usage per process with eBPF and CGroups

Using source-destination IP address pairs (GitHub repo)

 

Hello eBPF: A scheduler controlled by sound (20)

"So shouting at your computer makes your application run faster" 🤣

 

ELF and eBPF

"the backbone of how eBPF programs are packaged and loaded"

 

Reducing Cold Start Delays by 50% in Serverless and FaaS Environments with eBPF

Function initialization based on port number

 

BCC (BPF Compiler Collection) and CO-RE (Compile Once — Run Everywhere) paradigm for eBPF development

Smaller binaries with efficient startup time, what's not to like?

 

kube-vm-project/eSwitch

"A layer 2 switch for VMs powered by eBPF"

 

dfrojas/bpfluga

"an agentless eBPF observability tool written in Go that deploys, manages, and detaches eBPF programs via SSH"

 

ALEYI17/ebpf-file-monitor

"High-performance file access monitoring tool using eBPF. Captures real-time file open events with process details (PID, UID, filename, flags, and timestamps)"

 

pascalbehmenburg/ebpf-perfomant-experiment

"an experimental eBPF program that logs cpu performance events, printing the process name, pid and cpu_id"

 

yasindce1998/warmor

"eBPF-based policy enforcer that runs WASM-compiled policies to secure workloads across Linux and Windows environments"

 

benbaker76/go-profile

"A port of Brendan Gregg's eBPF profile.py application to Golang"

 

FrancoKurte/rusty-tcp

"Implementing TCP/IP in Rust leveraging eBPF/XDP"

🐝

 

The Ecosystem

Market Analysis of eBPF-Based Products

"an understanding of what eBPF-based commercial products are available today and the types of use cases they achieve which would otherwise be unavailable"

 

Wie auch der Mittelstand von eBPF profitiert (How the Mittelstand Also Benefits from eBPF)

Not just for the German auto industry

 

Strobelight: Meta’s eBPF Profiler Framework for Massive Infra

"That’s a serious savings in compute, which equals a serious saving in money"

 

Episode 605 Goodbye World

Linux Unplugged discusses eBPF

🐝

 

The How To

Fast-Tracking Your Migration From Ingress to Gateway API

With the community-written tool ingress2gateway

 

Setting Up Cilium on a Kubernetes Cluster with Talos in Proxmox

Switching from Flannel to Cilium for enhanced networking

 

Enhancing your Aya program with eBPF maps

How to create, use and differentiate them

🐝

 

The Video

Lots of videos to come from KubeCon next week

🐝

 

The Events

Isovalent Discovery Workshop: A Fast-Track to Cilium for Platform Engineers

March 25th, online workshop: Get hands-on!

 

bpfconf

Invite only event on March 24-26 in Montreal

 

CiliumCon EU

April 1st in London, this is not a joke! Full schedule out now

🐝 

The Livestreams

eCHO Episode 174: Cilium Ingress to Gateway API Walkthrough

eCHO Episode 170: Cilium Metrics Review

  

eCHO Episode 175: Tetragon 1.3/1.2 Release Review

eCHO Episode 171: Migrating and Managing VMs using eBPF

Upcoming Stream

eCHO Episode 176: KubeCon Preview

The Post of the Week

Post: Just got 92Gbps perf (on a 100G NIC) in Cilium across bare metal nodes.  Yooooo WHAT?? 🔥

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

Written and sent by Bill Mulligan. Any feedback is welcome!

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon
