[eCHO News] Episode #91: Cilium User Survey. $100k eBPF Foundation Research Grants

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

23rd September 2025

Containers are here to stay, VMs are here to stay, making them play nicely together is also going to be here to stay. With many companies currently looking to replatform their VMs, now is a crucial time to figure out this interoperability story and networking will be the key component tying it all together.

Nutanix is one of the companies enabling this transition and they chose Cilium because “We want customers to have control between deploying on VMs or Kubernetes and be able to seamlessly cross that boundary. Cilium makes it easy for users to see traffic flows and define network policies between VMs and Kubernetes clusters running in the same environment.” Cilium is not just running cutting edge AI workloads, it is also driving the modernization applications that have been around since before I was born. I've got to pump up my bike tires before my next race so let’s 🐝 -gin.

The Technical

Linux Networking: Packet processing with XDP & eBPF on Azure

From parsing packet headers to generating flame graphs

From Queries to Exfiltration: E2E DNS Security Monitoring with Cilium and ELK

With Hubble providing real-time flow visibility at L3/L4/L7

Fingerprinting the Internet: Blocking Bots and Internet Scanners with eBPF

Making it harder for automated clients to masquerade as legitimate traffic

Let’s Observe a Simple Function in Your Program with uProbes

The basics of making an uProbe and uRetProbe with bpftrace

Exploring Cilium For Security Feature Demo and Observability

Cost savings and security increases all seen in Hubble

Custom OOM Killers with eBPF

Letting eBPF play God with processes

Creating a Linux “Yogurt-phone” — with netkit and a grain of eBPF

Let eBPF be your string

Part 3: Cilium CNI - Advanced Networking and Load Balancing

"32% latency reduction and 37% less CPU usage is significant"

Enhance your Infrastructure with eBPF
See how eBPF is transforming gaming studios

Safely Buzzing Through Syscalls: Introduction to Observability in Kubernetes using eBPF and Rust

Learn to count sheep sleep in Kubernetes

preetpalbugs/linux-ebpf-profiler

A real time Linux file open profiler using eBPF

onzack/hubble-observer

A small observability component that monitors network flows within Cilium

varun-r-mallya/python-bpf

Python Frontend to LLVM IR for eBPF programs in Pure Python

🐝

The Ecosystem

eBPF Foundation Awards $100,000 in Research Grants to Advance eBPF Safety and Efficiency

Research projects to improve eBPF programmability, runtime safety, and datacenter energy efficiency through verifier-cooperative instrumentation and QoS-aware power management

Case Study: Refactoring Nutanix Kubernetes Platform for a Consistent Experience with Cilium

"Operations are much simpler since implementing Cilium"

eBPF: The Silent Power Behind Cloud Native’s Next Phase
"eBPF will be just as foundational for the next decade of innovation as Kubernetes"

Third eBPF Workshop

All the papers and slides from SIGCOMM

GKE network interface at 10: From core connectivity to the AI backbone

"Recognizing this potential, Google Cloud embraced Cilium which represented a significant leap in GKE's CNI capabilities"

Announcing Gateway API Support for DigitalOcean Kubernetes

Powered by Cilium

eBPF: Supercharge Your Linux System Without Breaking It

Intro and a few examples

🐝

The How To

Root Cause Analysis with eBPF: A Practical Guide for SREs and Linux Engineers

Or getting started with BCC

How eBPF Works Under the Hood (Without the Scary Jargon)

Write, compile, verify, attach, results

How to Enable Cilium Cluster Mesh in Nutanix Kubernetes Platform

and unify networking and service discovery across the clusters

🐝

The Video

eBPF, Fishy Book Covers, and Open Source Security with Liz Rice

eBPF is becoming the future of cloud native security

Interview with Karim Traiaia, Co-Founder of Kerno
"eBPF opened a whole new world that wasn't possible before"

FLOSS Weekly Episode 847: Tom Herbert and XDP2

The network is the computer

🐝

The Events

CiliumCon NA

November 10th in Atlanta. Schedule out now

Container & Kubernetes Defense feat. eBPF

Training course in Zurich December 9-11

CiliumCon EU

CfP now open for Amsterdam

🐝

The Livestreams

eCHO Episode 194:

Tetragon Everywhere

Upcoming (Oct. 3) - eCHO Episode 195: Clang-free: runtime config for Cilium & eBPF

The Post of the Week

👏 Congratulations to Associate Professor Ryan (Peng) Huang and his team in CSE for securing a 2025 research grant from the eBPF Foundation to advance safer and more flexible Linux kernel programming. His project — Verifier-Cooperative Instrumentation — introduces EPASS, a framework that blends static verification with runtime checks to reduce false rejections of safe eBPF programs while preserving strong safety guarantees.

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

To make sure you keep getting these emails, please add bill@isovalent.com to your address book or otherwise mark me as a permitted sender.

Know a friend that needs to be in the know? Forward this to them

Was this forwarded to you? Sign up today!

Written and sent by Bill Mulligan. Any feedback is welcome!

KC+CNC_NA_Headshot_241114_William_Mulligan_8154 (1)

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon