The Technical
Is Cilium a Good Option for Kubernetes on Bare Metal?
"Cilium has emerged as a critical CNI plugin for bare metal"
Lets understand Kprobes & Kretprobes
Learn how to attach eBPF programs at entry or return points
Introducing TCP-in-UDP solution
Make sure packets are not being modified by the network with eBPF
How Cycode Optimized CI/MON eBPF Agent to Handle Thousands of Events/sec
Filter data, choose maps and programs wisely, monitor programs, and more
Unlocking Kernel Power: How eBPF Transforms Linux’s Capabilities
"eBPF exemplifies how programmability can empower scalable, secure systems"
BeePL: Correct-by-compilation kernel extensions
A domain-specific language for eBPF with a formally verified type system
Secure Deployment of eBPF Programs Made Manifest
Adding a manifest and proof of logging in a transparency log for eBPF programs
Shared Socket: Enhancing Kubernetes Pod Communication with eBPF
60% increase in throughput and 38% reduction in latency
Ant Group's Cloup Workload Protection Platform (Ant CWPP) Built with Kata Containers and eBPF
"eBPF has changed the implementation of security solutions" becoming a standard?
Using eBPF to debug eBPF
Diving into compilation errors
CNI Migration Post-mortem: Flannel to Cilium on Talos
"Six hours into what should have been a 30-minute CNI migration" this will be good
Debugging eBPF verifier: Best Practices for High-Performance Kernel Programming
Overcome complexity limits with tail calls, maps, helpers, and more
eBPF Observability: The Universal Encapsulation Principle
See how different applications track data with eBPF
eBPF: Handling events in Userspace
See how different projects do it
isovalent/cilium-up-and-running
Manifests, scripts, and configurations from the O'Reilly book Cilium Up and Running
kakao/kubectl-cilium
A kubectl plugin to monitor Cilium BPF map pressure and detect eviction risks
d-e-s-o/bpflint
Linting functionality for BPF C programs
madhavan-21/kernalKoala
L4 network monitor that uses tc to trace ingress and egress traffic in real time
alex-ilgayev/MCPSpy
MCP Monitoring with eBPF
Internet-Architecture-and-Security/PacketScope
A general-purpose protocol stack analysis and debugging tool based on eBPF
eunomia-bpf/MCPtrace
An MCP server using eBPF to trace your kernel with bpftrace
multikernel/kernelscript
A modern, type-safe, domain-specific programming language for eBPF development
markopetrovi/eBPFLuanti
Protect Luanti servers from packet-based abuse with eBPF/XDP
Collect real-time system events on Windows for Digital Forensics and Response
🐝
The Ecosystem
Case Study: SuperNetflow – Reinventing Network Observability with eBPF
“eBPF gave us the ability to process network traffic with the same principles as P4 programmable switches – but entirely in software, with better flexibility, cost efficiency, and scalability.”
Help Us Map The State of Kubernetes Networking
Help out Nico by filling out the a census for Kubernetes networking
Unleashing the Power of eBPF Capabilities for Linux Endpoint Security
"....makes eBPF a key component of modern endpoint protection"
Goodbye to iptables: A Quick Dive into GKE's Dataplane V2
Yes, GKE Dataplane V2 is just Cilium in a trench coat
🔍 Unlocking Cloud-Native Power with Cilium and eBPF
Map Cilium features to personas
From kube-proxy to eBPF (Cilium)
"it’s pretty clear: Cilium powered by eBPF outperforms kube-proxy"
Kernel-Level Defense: How Radware Uses eBPF to Stop Volumetric Web DDoS Attacks
Taking L7 context and embedding it in the kernel
How Upwind Uses eBPF to Bring Real-Time Security to Cloud-Native Environments
"eBPF isn’t just a feature – it’s foundational"
🐝
The How To
Kubernetes - Installing Cilium CNI
in a k3s cluster
Certified Kubernetes Security Specialist Study Guide for Cilium
Implement pod-to-pod encryption with Cilium for the CKS
Restrict access to the IMDS endpoint on Azure Kubernetes Service with Cilium
Find problems with Hubble, fix them with Cilium network policies
Your First eBPF Program
Trace sys_enter_execve to see process execution on the system
Uncovering Pod to Pod Traffic in Kubernetes Using Cilium and Hubble
See the service map go live in minikube
🐝
The Video
High Security Cluster Operations with Cilium and Kyverno
From Cloud Native Zurich
Cisco Live Protect - Tetragon Powered CVE Mitigation for Nexus Switches
See Tetragon on a 9000 series switch with Splunk
Emerging Kubernetes tools and learning strategies
"I really like Cilium and Isovalent. A tool I'm keeping an eye on is Tetragon"
🐝
The Events
CiliumCon
November 10th in Atlanta
SIGCOMM 2025 eBPF Workshop
September 8-11th in Coimbra
Cilium in Action: Kubernetes Security & Insight
New virtual training from LF Training on September 15th
🐝