What a week at KubeCon! Networking suddenly feels cool again in distributed systems, and a few themes really stood out to me. The big headline because of how widely it is deployed was the retirement retirement of Ingress NGINX. Luckily, Dean's s got a great guide for transitioning to Cilium Ingress or Gateway API.
View in browser
echo-newsletter 95

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

18th November 2025

 

What a week at KubeCon! Networking suddenly feels cool again in distributed systems, and a few themes really stood out to me. The big headline because of how widely it is deployed was the retirement retirement of Ingress NGINX. Luckily, Dean's s got a great guide for transitioning to Cilium Ingress or Gateway API.

 

IPv6 Kubernetes was the other hot topic, with both ESnet and TikTok discussing how Cilium helped them push past IPv4 on bare metal and cloud providers respectively. I loved the technical detail of both talks with real numbers, real pain, real solutions.

 

Finally, looking to the future of cloud native networking there was the donation of 

DRANET on the keynote stage to support AI/ML workloads (had to mention it somewhere I guess ๐Ÿ˜…) and back to the future with improving VM networking on Kubernetes with netkit (making VMs as fast as containers as fast as host). I've got some jet lag to sleep off so letโ€™s ๐Ÿ -gin.

The Technical

Safely managing Cilium network policies in Kubernetes: Testing and simulation techniques

like audit mode, default-deny toggles, and L7 allow-all scaffolding

 

An eBPF Loophole: Using XDP for Egress Traffic

to 12x the performance of iptables

 

Use node initialization taints on Azure Kubernetes Service with Cilium

to use Ciliumโ€™s agent-not-ready taint functionality

 

The GPU Observability Gap: Why We Need eBPF on GPU devices

Using PTX injection to enable direct hooking of GPU threads

 

Magic kernel functions for BPF

Call kfuncs without manually passing complex context data

 

Tracing MongoDB Queries with eBPF: From Syscalls to Latency Insights

"simple experiment to track MongoDB query times quickly became a deep dive into how clients, drivers, and the kernel interact" ๐Ÿ˜… Github repo

 

tecki/ebpfcat

A Python-base EBPF code generator

 

aurva-io/AIOstack

AI runtime inventory: discover shadow AI, trace LLM calls via eBPF

 

dynatrace-oss/ebpf-dump

A Kubernetes operator that logs and forwards all HTTP requests over TCP/IPv4 using an eBPF program to intercept traffic

๐Ÿ

 

The Ecosystem

Navigating the Ingress-nginx Archival: Why Now Is the Time to Move to Cilium

with support for both ingress and Gateway API

 

State of Kubernetes Networking Report 2025

Respondents reported using on average 6 networking tools, find out what they are 

 

Introducing eBPF Host Routing: High performance AI networking with Azure CNI powered by Cilium

"eBPF host routing improves transactions per second by around 27% as compared to legacy host routing"

 

A Practical Introduction to eBPF: Observing the Linux Kernel in Real Time

Intro and overview of key concepts

 

eBPF made easy!

Explained by a blood glucose analogy

๐Ÿ

 

The How To

Cilium Cluster Mesh Sandbox Using KIND

To experiment with cross-cluster service failover and multi-cluster security

 

Supercharge EKS Networking with Cilium eBPF

by switching away from the VPC CNI

 

Migrate ArgoCD to Cilium Ingress

away from Ingress NGINX

 

Bootstrapping Rancherโ€™s RKE2 Kubernetes Cluster on a Podman VM with Cilium CNI and MetalLB LoadBalancer

all inside a Podman VM on a Mac

๐Ÿ

 

The Video

DENOG17 - Forwarding packets at scale - Building a Cloud Data Plane using eBPF/XDP

Hetzner's journey from an Open vSwitch dataplane to eBPF/XDP

 

Interview with Rafael David Tinoco, Senior Software Engineer at Garnet

with demos of Jibril

 

Breaking Boundaries: Multi-cluster with Cilium cluster mesh โ€” XConf India 2025

with a live demo from Thoughtworks

๐Ÿ

 

The Events

eBPF Summit 2025: Hackathon Edition

Submissions open Oct 13โ€“Nov 30. Got questions? Join the Office Hours on Nov 25 at 4pm GMT.

 

Linux Plumbers Conference

eBPF track schedule out now. Ping me if you want to share some sushi there

 

eBPF Dev Room at FOSDEM

CfP open until December 1st

 

CiliumCon EU

Can't wait for some stroopwafels

๐Ÿ 

The Livestreams

eCHO Episode 198: Post KubeCon + CloudNativeCon Wrap-Up

eCHO Episode 198: Post KubeCon + CloudNativeCon Wrap-Up

  

Upcoming on Nov 21: eCHO Episode 199: Cilium at UBS

eCHO Episode 199: Cilium at UBS

The Post of the Week

Had fun sharing about TikTok's journey to rollout Cilium IPv6-only in production. Cilium now supports encapsulation over IPv6. It's been a long journey and glad to be part of this amazing community! ๐Ÿš€ Slides from today's talk: https://sched.co/27FbS cc Joseph Pallamidessi

As always, if youโ€™ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

๐Ÿ

To make sure you keep getting these emails, please add bill@isovalent.com to your address book or otherwise mark me as a permitted sender.

 

Know a friend that needs to be in the know? Forward this to them

Was this forwarded to you? Sign up today!

Written and sent by Bill Mulligan. Any feedback is welcome!

KC+CNC_NA_Headshot_241114_William_Mulligan_8154 (1)

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon

logo-wordmark-isovalent-vertical-dark@2x
LinkedIn
Bluesky_Logo.svg

Cisco/Isovalent, LLC, 755 Sycamore Drive, Milipitas, CA 95035, United States

Unsubscribe Manage preferences