One of my most popular posts this week was about Canonical deciding to integrate Cilium as the default CNI for their LTS Kubernetes distribution. Its kind of crazy looking back. When I joined Isovalent three years ago, there was no CNI standardization across the industry.
View in browser
echo-newsletter-80

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

22nd April 2025

 

One of my most popular posts this week was about Canonical deciding to integrate Cilium as the default CNI for their LTS Kubernetes distribution. Its kind of crazy looking back. When I joined Isovalent three years ago, there was no CNI standardization across the industry.

 

Now, on the other hand, it’s getting hard to find a major Kubernetes distro that doesn’t ship with Cilium. Whether you’re running on cloud, on-prem, or at the edge, chances are your network traffic is flowing through eBPF. Cilium went from the cool eBPF project to the default choice across the ecosystem. I think it is because it feels like a platform. Observability? Built in. Security? First, not bolted on. Scale? Of course. I'm currently biking across the Pyrenees and have my own mountains to scale so let’s 🐝 -gin.

The Technical

How Netflix Accurately Attributes eBPF Flow Logs

By accurately attributing flow IP addresses to workload identities

 

BPF From Scratch In Rust

"No getting roundhouse kicked in the face by the verifier" 🤣

 

Research Update: Isolated Execution Environment for eBPF

eBPF Foundation funded research advancing the state of the art

 

BPF or How I Learned to Stop Worrying and Love the Kernel

History with kernel program and user space loader

 

75 Billion IoT Devices and Counting—But Who’s Watching Them?

eBPF on Raspberry Pi, side effects and results

 

qpoint-io/qtap

"eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating processes"

 

Aviral2642/kernelghost

"a next-generation offensive security framework that combines stealthy eBPF-based rootkit capabilities with advanced hypervisor escape techniques"

 

ShinoLeah/eHook

"A Simple uprobe Hook Framework"

 

pouriyajamshidi/flat

"Measure UDP and TCP connection latency for IPv4 and IPv6 using eBPF and Go"

🐝

 

The Ecosystem

Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters

"Tetragon has become the baseline of our security observability strategy"

 

KubeCon Europe 2025 Wrap-Up

I always love to hear Nico's personal perspective on the event

 

Observability startup Groundcover bags $35M in new funding to take on Datadog

Congrats to the team, love how they are bringing eBPF to observability

 

eBPF/XDP vs. P4 vs. DPDK: The Ultimate SmackDown!

"XDP can drop 26 million packets per second per core with commodity hardware"

🐝

 

The How To

Cilium: Up and Running

New O'Reilly book coming out, signup to hear when the raw chapters come out

 

Dual-Stack: Global Service Sharing Rancher RKE2 With Cilium on Proxmox

Enabling Cilium Cluster Mesh between two RKE2 clusters

 

Certified Kubernetes Security Specialist (CKS) — Part 3 — Cilium Network Policies

How to pass your CKS

 

Best practices for network policies in Azure Kubernetes Service (AKS)

"Anatomy of the Cilium Network Policy"

🐝

 

The Video

Cilium: Scaling and Securing Kubernetes Networking with eBPF

Open at Microsoft had me on the talk about Cilium

 

Cilium Maintainers Track from KubeCon

Hear the latest community updates and how Google and DB Schenker use Cilium

🐝

 

The Events

Meet the Isovalent Platform: Connect, Secure, and Scale Kubernetes

April 29th, online webinar 

 

SIGCOMM 2025 eBPF Workshop

September 8-11th in Coimbra

🐝 

The Livestreams

eCHO Episode 176: Kubecon + CloudNativeCon Europe and CiliumCon Preview!

eCHO Episode 176:  Kubecon + CloudNativeCon Europe and CiliumCon Preview!

  

eCHO Episode 177:

KubeCon + CloudNativeCon Europe and CiliumCon Wrap-up!

eCHO Episode 177: KubeCon + CloudNativeCon Europe and CiliumCon Wrap-up!

Upcoming Stream

eCHO Episode 178: TBD

The Post of the Week

The hashtag#CNCF landscape is growing, and we should be proud of that! But for newbies, it’s like walking into IKEA without a map. Luckily, by using Cilium, hashtag#Hubble, and hashtag#Tetragon, you can skip half the aisles and still leave with everything you need 🐝 💙

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

To make sure you keep getting these emails, please add bill@isovalent.com to your address book or otherwise mark me as a permitted sender.

 

Know a friend that needs to be in the know? Forward this to them

Was this forwarded to you? Sign up today!

Written and sent by Bill Mulligan. Any feedback is welcome!

KC+CNC_NA_Headshot_241114_William_Mulligan_8154 (1)

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon

logo-wordmark-isovalent-vertical-dark@2x
LinkedIn
X

Cisco/Isovalent, LLC, 755 Sycamore Drive, Milipitas, CA 95035, United States

Unsubscribe Manage preferences