Zwischen den Jahren, where I have a lot of time to reflect (and eat cookies). Looking back on 2025 through the lens of the Cilium Annual Report and the eBPF Foundation Year in Review, it’s clear that while Cilium is celebrating its tenth year as a mature industry leader, the eBPF Foundation is focused on the foundational stewardship needed to carry the entire ecosystem through its next decade of growth.
View in browser
echo-newsletter 98

eCHO news is your bi-weekly wrap up of all things eBPF and Cilium. If you want to keep up on the latest in cloud native networking, observability, and security this is your quelle

30th December 2025

 

Zwischen den Jahren, where I have a lot of time to reflect (and eat cookies). Looking back on 2025 through the lens of the Cilium Annual Report and the eBPF Foundation Year in Review, it’s clear that while Cilium is celebrating its tenth year as a mature industry leader, the eBPF Foundation is focused on the foundational stewardship needed to carry the entire ecosystem through its next decade of growth.

 

As it turns double digits, we can call Cilium the industry standard for cloud native networking and it is also positioned to tackle the big problems for the next decade from AI data plane demands to enabling seamless networking between containers and virtual machines to IPv6 only clusters. Now the second largest CNCF project, behind only Kubernetes, Cilium’s next decade will be about continuing to build on that production proven maturity.

 

The eBPF Foundation is focused on the foundational stewardship needed to carry the entire ecosystem through its next decade of growth. By funding cutting edge academic research and developer conferences and launching a global meetup and fellowship program, the Foundation is moving the ecosystem towards long term sustainability. We also published 7 case studies and a white paper that highlight gains, like Meta reducing CPU cycles by 20%, to show the power of the technology. I've got some cross country skiing to do so let’s 🐝 -gin.

The Technical

Dynamic Runtime Policies in eBPF Using Bitmasks

Block operations by default, only unlocked by an authorized parent invoking a child

 

eBPF-CipherTrace: Cryptographic Visibility for the Quantum Era

Find out if you are quantum ready with eBPF

 

h0x0er/ebpf-cover

Highlights eBPF-code covered by verifier

 

micromize-dev/micromize

Detect and break the post-exploit kill chain for applications, leveraging BPF LSM

 

ruota/Metric-Net-Agent

Count TCP and UDP events per process and exports as Prometheus metrics

 

JackySu/Avislya

eBPF + Rust to filter out polluted DNS packets caused by Great Firewall

 

GHOryy5/AINFTP

eBPF network reflex that bypasses the kernel to route gradients at the NIC level

 

NabilMouzouna/cilium-tetragon-zero-trust

Zero Trust network and runtime security on Kubernetes with Cilium, Tetragon, Hubble, and L7 policies

 

ankitkpandey1/aetherless

Serverless orchestrator with 15ms cold starts using eBPF/XDP networking

 

AhmedAldeek/eBPF-aware-ABR

Research project exploring eBPF-aware Adaptive Bitrate video streaming

 

m4rba4s/Aegis-eBPF

High-Performance XDP Firewall & Traffic Analyzer written in Rust

 

mentat-is/slurp-ebpf

Minimal gulp agent to collect traces from eBPF

 

ozansz/xgotop

Realtime Go runtime visualization

 

patos-ufscar/scx_mus

Custom Linux scheduler to optimize container prioritization in Kubernetes

🐝

 

The Ecosystem

Cilium Annual Report 2025

A year of progress, a decade of innovation, all the updates from the past 12 months

 

Community Built! Results from eBPF Summit: Hackathon Edition 2025

Find out who won from 549 participants

 

Submit your questions for Cilium's founders and maintainers

A special episode 200 of eCHO is coming up on January 9, submit your AMA questions or see if you can stump the maintainers!

 

Best of 2025: eBPF: The Silent Power Behind Cloud Native’s Next Phase

"I’d argue eBPF is going to define Cloud Native 2.0"

 

12 eBPF-Powered CLI Utilities That Every Modern Linux Sysadmin Should Master

For when top, strace, and tcpdump fail you

 

Troubleshooting Cilium network policies: Four common pitfalls

How they appear in workloads, why they happen, and how to fix them

 

How eBPF Transformed Kubernetes Networking

See numbers behind switching out kube-proxy for Cilium

 

Zero-Instrumentation LLM Agent Observability with eBPF — cut your LLM costs and close the semantic gap

Bridging agent level intent and system level effect

🐝

 

The How To

Building an eBPF-based Firewall with LPM Trie–Based IP Range Matching

using eBPF maps

 

From ingress-nginx to Gateway API (with Cilium)

"as I’m already using the Cilium, it feels like a natural and undramatic choice for me"

 

Next-Gen Datacenter Networking: Unifying Arista Fabric with Cilium CNI

From spine-leaf to IS-IS for VTEP to VRF-based network segmentation

 

Deploy a Highly Available Kubernetes Cluster on Rocky Linux 10 using kubeadm and Cilium

using 7 nodes

🐝

 

The Video

Learn about IPv6 features in Cilium 1.18 in a video series (Part 1, Part 2, Part 3)

 

All the talks from Linux Plumbers Conference are now up

🐝

 

The Events

eBPF Dev Room at FOSDEM

Schedule out now!

 

Holiday virtual eBee Quest

Have downtime over the holidays? Discover the World of Cilium through labs & challenges

 

CiliumCon EU

Can't wait for some stroopwafels

🐝 

The Livestreams

eCHO Episode 199: eBPF Summit Hackathon Edition

eCHO Episode 199: eBPF Summit Hackathon Edition

  

Upcoming on Jan 9: eCHO Episode 200: Celebrating a Decade of Cilium

eCHO Episode 200: Celebrating a Decade of Cilium

The Post of the Week

Observability, data provenance, eBPF formal verification, eBPF on mobile devices, the System Security Group @ Orange Research dedicated its entire energy among the year to topics that may look far from the current AI spotlight. No models to fine-tune here, no agents to deploy, just kernels and data to reason about to make systems observable, reliable, secure, and trustworthy. It is always a pleasure to work with our PhD candidates, whose expertise, passion, and scientific rigor are critical for advancing the fundamental principles that underpin system security.

As always, if you’ve seen a blog post, a tool, or anything else eBPF or Cilium related that you think the rest of the community should hear about, send them my way. You can either hit reply or join the #echo-news channel on Cilium Slack. You can also find all of the past episodes on the website.

🐝

To make sure you keep getting these emails, please add bill@isovalent.com to your address book or otherwise mark me as a permitted sender.

 

Know a friend that needs to be in the know? Forward this to them

Was this forwarded to you? Sign up today!

Written and sent by Bill Mulligan. Any feedback is welcome!

LF_KCCNC_headshot_251113_Bill_Mulligan_9686

I work for Isovalent at Cisco which is leading the eBPF-Powered Revolution in Cloud Native Networking, Observability, and Security with Cilium and Tetragon

logo-wordmark-isovalent-vertical-dark@2x
LinkedIn
Bluesky_Logo.svg

Cisco/Isovalent, LLC, 755 Sycamore Drive, Milipitas, CA 95035, United States

Unsubscribe Manage preferences