What’s the deal with eBPF?
Why has it got our engineers so damn excited?
What does it mean for security?
Why are we hosting sessions on it?
And where can you learn more about it?
In our inaugural interview for ‘WTF is on TV?’ Container Solutions’ Editor-in-chief Charles Humble talks to Liz Rice, Chief Open Source Officer at Isovalent about her forthcoming WTFinar with Christopher M Luciano exploring eBPF and Cilium. They discuss her goals for the webinar and the intended audience, how eBPF is useful both for end users and kernel developers, and where eBPF and Cilium intersect.
eBPF is a technology that makes the Linux kernel programmable without developers needing to resort to adding additional modules or modifying the kernel source code itself. At a high level it is a lightweight, sandboxed virtual machine (VM) which runs Berkeley Packet Filter (BPF) bytecode in response to events attached to the code path.
As such eBPF can fundamentally change how services such as observability, security, and networking are delivered. It also provides a mechanism for making the implementation of user-supplied code safer, more convenient, and better-performing.
What else? Well, it only runs safe code, and it delivers endless possibilities for tools to be created.
Lucas Severo Alves, a Cloud Native engineer at Container Solutions introduces it to us and shares the top reasons you should give eBPF a chance.
He goes on to explore some tools that have been built on top of it: eBPF Cloud Native Tools: An Overview of Falco, Inspektor Gadget, Hubble, and Cilium.
For even more insight, check out Liz Rice’s live demo recorded during the WTF is SRE? conference on how eBPF is setting the world alight.
Ready for more? Register for the much-awaited upcoming webinar WTF are eBPF & Cilium? on 20 January 2022.