The Technical
BBR-based congestion control for Kubernetes Pods
"Using a real-world adaptive video streaming use case they will compare two different network conditions comparing BBR-based congestion control to Linux' default CUBIC for Pods"
leodido/traffico
"traffico is a collection of tools to shape traffic on a network using traffic control tc(8)" Interesting to see finally see some of what Leo and Lorenzo are getting up to
Tracing TLS Traffic — eBPF style
"Once the probe is deployed, it is able to essentially access plain-text information before its encrypted and sent down the pipe." Make sure your systems are up to date
Tastes Great! Less Filling! High Performance and Accurate Training Data Collection for Self-Driving Database Management Systems
eBPF is making databases more manageable by capturing training data for machine learning and improving performance. There is a video too
Bypassing eBPF-based Security Enforcement Tools
"The techniques and limitations described in this blog post are not exclusive to Tetragon, affecting other monitoring solutions that use similar system call detection rules. Although by no means exhaustive, I hope that the techniques presented will inspire both teams to improve and keep the cat-and-mouse engaging for some time."
Pixie: an X-ray Machine for Kubernetes Traffic
Learn how Pixie uses eBPF for observability
🐝
The Ecosystem
eBPF, sidecars, and the future of the service mesh
Sidecar(less) heats up! "Yet I can’t help but remember arguments in 2007 on why Physical Servers were and would always be far superior to VMs, that virt was and would only be for test dev. Every breakthrough technology appears to have fatal flaws that seemingly justify old models." - Neela Jacques
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
"Symbiote utilizes BPF to hide malicious network traffic on an infected machine" eBPFception
What's new in Inspektor Gadget v0.5.0?
Big updates to this eBPF based tool from Kinvolk especially around user experience and making it easier to discover new tools. Check it out!
Managing Distributed Applications in Kubernetes Using Cilium and Istio with Helm and Operator for Deployment
Favorite line: "the single most important takeaway we’d like to leave you with is…
You need to plan your deployments before you start spinning up your K8s clusters"
Monitoring Extreme-Scale Apache Kafka Using eBPF at New Relic
"New Relic runs one of the larger Apache Kafka® installations in the world, ingesting circa 125 petabytes a month, or approximately three billion data points per minute" pretty mind blowing numbers
ContainIQ with Matthew Lenhard
SE Daily podcast about how ContainIQ leverages eBPF for Application Performance Monitoring
Cilium CNI & SKS
Exoscale SKS now supports Cilium. At this point, I'm not sure if there are many clouds that don't 🤔
🐝
The How To
Integrating Kubernetes into Traditional Infrastructure with HA Egress Gateway
Learn how to integrating Kubernetes workloads into more traditional environments and firewalls using a static IP for egress
Dual-stack home K8s cluster with Cilium
IPv6 is almost (maybe) here. Learn how to set up an IPv6 cluster using Cilium
Port of Kubernetes v1.24.1 to illumos and Multus CNI
Learn about Multus for multiple network interfaces with Cilium
🐝
The Events
Creating a Community with Cilium
See how the Cilium community was built with Liz Rice and Thomas Graf on June 15th. I really love all the events from Equinix Metal ❤️
eBPF at Open Source Summit
Multiple talks including "Building an eBPF Swiss Army Knife", "Powering Observability with Simple, Sharable, EBPF Programs", "Build, Run, and Share Your First EBPF Program in 5 Minutes", and "Create Your First EBPF Program to Monitor Your System" June 21-24
🐝
