eBPF Foundation just launched its second CfP for Academic Research Awards. What makes eBPF exciting for me isn’t just what it can do today, I want to see where it will go in its second decade. As a platform, it’s dynamic and growing, but we’re still just scratching the surface of what a programmable kernel substrate can enable across systems engineering, security, distributed computing, and more. Academic research isn’t about incremental improvements. It’s about pioneering new ideas and use cases, technical, formal, practical, theoretical, that will shape what eBPF becomes. From verifier advancements to new runtime abstractions, from scalable enforcement to embedded we’re looking to fund work that pushes the boundaries of what is possible. I'll be speaking at Dutch Cloud Native Day on Thursday about how this type of research will shape the future of cloud native and still need to finish my slides so let’s 🐝 -gin.
View in browser
echo-newsletter-85

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

1st July 2025

 

eBPF Foundation just launched its second CfP for Academic Research Awards. What makes eBPF exciting for me isn’t just what it can do today, I want to see where it will go in its second decade. As a platform, it’s dynamic and growing, but we’re still just scratching the surface of what a programmable kernel substrate can enable across systems engineering, security, distributed computing, and more.

Academic research isn’t about incremental improvements. It’s about pioneering new ideas and use cases, technical, formal, practical, theoretical, that will shape what eBPF becomes. From verifier advancements to new runtime abstractions, from scalable enforcement to embedded we’re looking to fund work that pushes the boundaries of what is possible.

 

I'll be speaking at Dutch Cloud Native Day on Thursday about how this type of research will shape the future of cloud native and still need to finish my slides so let’s 🐝 -gin.

The Technical

Breaking Boundaries: Implementing the Enigma Machine in eBPF

The only thing tougher to crack than the eBPF verifier

 

Reading Between the Bytes: Inspecting Compiled eBPF with bpftool, readelf & llvm-objdump

Go from source code to kernel execution

 

Implementing fast TCP fingerprinting with eBPF

Two parts from idea to implementation

 

Networking with eBPF: From Fundamentals to Advanced Applications

Helping you sort out tc, xdp, maps, and more

 

Understanding Network Packet Offsets & Safe Parsing in eBPF

Extract protocol fields from raw packets at kernel speed

 

The Complete eBPF Function Reference: A Comprehensive Guide to libbpf Functions

Complete with parameters, return types, use cases, and practical explanations

 

Building a Real-Time Process Monitor with eBPF and Go

Trace every process execution, extract metadata, and forward to user space

 

Simplifying Network Management with Cilium’s BGP Auto-Discovery Feature

"Represents a significant step forward for production Kubernetes networking"

 

Gthulhu/Gthulhu

Optimize cloud native workloads using sched_ext for different scenarios

 

SeasX/SeasPerf

eBPF Observability for PHP

 

ALEYI17/InfraSight

A modular eBPF-based observability platform for Linux and Kubernetes

 

stelb/antrea2cilium

Live migration from antrea to cilium

 

bugsfixing/XDP-fastDNSC

XDP/eBPF based fast DNS-Caching service

 

sameehj/ebpf-mcp

MCP-compatible server that exposes structured, AI-safe access to eBPF

 

Kazedaa/eBAF

eBPF Based Ad Firewall for Spotify

 

famidok/Blackhole

XDP-based blacklist filtering such as IPs, ports, and interfaces using eBPF maps

🐝

 

The Ecosystem

Case Study: ECCO

"Storage costs were reduced by 50%, while latency for critical operations dropped by 33%. Modular deployment capabilities allowed ECCO Data & AI to address issues incrementally, avoiding disruptions to existing workflows"

 

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security

eBPF and SBOM combined to debug and understand a security incident

 

Trace Packets with pwru: Advanced eBPF Debugging for Networking

"pwru gives you X-ray vision into the Linux kernel’s networking stack"

 

Using Cilium as a Kubernetes Load Balancer: A Powerful Alternative to MetalLB

"Cilium is a step forward in building smarter, more integrated Kubernetes networking" along with how to do in on Rafay

🐝

 

The How To

Simplifying Network Management with Cilium’s BGP Auto-Discovery

Discover BGP peers without providing the peer IP explicitly

 

Installing Cilium on EKS in ENI Mode

"recommended installation method for Amazon EKS clusters"

 

Still More on Gateway API. The HTTP Route

including adding TLS

 

Building a Professional-Grade DevSecOps Pipeline with Tetragon eBPF Security Monitoring on Azure AKS

Shift left with Tetragon

🐝

 

The Video

Qué es Cilium y por qué todos lo usan en Kubernetes

Red, Seguridad y eBPF explicados en español

 

AKS Me Anything: Neha Aggarwal: Episode 7 (Azure Kubernetes Service)

The benefits of Azure CNI overlay powered by Cilium, and recent feature releases

🐝

 

The Events

Kubernetes Summer School, Session 1: Load Balancer - Delivering Data to Your Cluster

Hands-on workshop Summer Series, July 22nd 

 

Kubernetes Summer School, Session 2: Gateway API - Routing Data Into Your Cluster

Hands-on workshop Summer Series, July 31st

 

Kubernetes Summer School, Session 3: Hubble - Seeing Data Within Your Cluster

Hands-on workshop Summer Series, August 12th

 

Kubernetes Summer School, Session 4: Egress Gateway - Managing Data Out of Your Cluster

Hands-on workshop Summer Series, August 21st

 

CiliumCon

November 10th in Atlanta

 

SIGCOMM 2025 eBPF Workshop

September 8-11th in Coimbra

🐝 

The Livestreams

eCHO Episode 185:

Cilium, Gateway API, and GAMMA!

eCHO Episode 185: Cilium, Gateway API, and GAMMA!

  

eCHO Episode 186:

Cilium with GENEVE

eCHO Episode 186: Cilium with GENEVE

Upcoming Stream

eCHO Episode 187: TBD

The Post of the Week

Skeet: eBPF is SO CLOSE to what an actually useful, secure microkernel should be.  In a perfect world, processes can submit eBPF for the specific capabilities they need. Instead of syscalls, your process gets a global array of function pointers.

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

KC+CNC_NA_Headshot_241114_William_Mulligan_8154 (1)

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon

logo-wordmark-isovalent-vertical-dark@2x
LinkedIn
X

Cisco/Isovalent, LLC, 755 Sycamore Drive, Milipitas, CA 95035, United States

Unsubscribe Manage preferences