Profile avatar
breakawaybilly.bsky.social
Cloud Native networking, observability, and security with Cilium, eBPF, and Isovalent Newsletter cilium.io/newsletter
1,885 posts 952 followers 388 following
Prolific Poster
Conversation Starter
Posts 32 Comments 18

🐝 eCHO News Episode 76 🐝 eBPF for Windows Intro Is Your CNI Good Enough? isogo.to/echo-news-76 Content: @mostlynerdless.de @kaspernissen.xyz @littlejo.bsky.social @gerardsamuel.me @brancz.com @lizrice.com

submitted 6 days ago • 1 comment

"Service mesh" has become the default "answer" to a number of problems like encryption, observability, ingress, multi-cluster, and load balancing. But the reality is, in many cases it is fitting the solution to the problem. Before adding another abstraction maybe consider do you need it?

submitted 10 days ago • 1 comment

Prevents files from being created inside /etc/test/ using Linux Security Module (LSM) eBPF

submitted 11 days ago • 0 comments

7 key lessons we’ve learned on our path to building a high-performance, robust eBPF sensor 👀 1. Filter Data as Soon as Possible 2. Choose Program Types Wisely 3. Choose Map Types Wisely https://buff.ly/4i2PLqc

submitted 11 days ago • 1 comment

How do you capture packet statistics even under heavy traffic with several million packets per second without packet loss? eBPF 🐝 From Dinko Korunic

submitted 12 days ago • 0 comments

I wonder if there is a technical challenge to allow people to get notifications for thread comments on bsky/linkedin/x/whatever You see an interesting thread and want to follow it, but you can't. Feels bonkers

submitted 12 days ago • 1 comment

Love the title 😂 and all the reasons they switched: "Amazon VPC CNI did not provide Node to Node encryption and network security policies we wanted. This requirement was mandatory for our customers and so we decided to switch." Hear this story all the time

submitted 13 days ago • 0 comments

eBPF can be a firehose of data. The real value of it lies in the aggregation, analysis, and actions that you can do with that data. Flooding users with logs and events doesn’t solve problems. Surfacing insights does. That’s why the most impactful eBPF powered tools aren’t just collecting data.

submitted 13 days ago • 0 comments

Stumbled onto this on Reddit..I mean, these are good questions 🤣

submitted 14 days ago • 2 comments

I was reflecting on Lin Sun saying "Service mesh is disappearing". As a member of both the Istio and CNCF Technical Oversight Committees, she has a unique perspective on how the ecosystem developed and where it is going. www.linkedin.com/feed/update/...

submitted 14 days ago • 2 comments

When something looks off, you don’t want to be scrambling to figure out how to capture system memory. LEMON is a Linux memory dump tool built on eBPF, that allows dumping a system's memory without a kernel module, forensic readiness without operational friction.

submitted 14 days ago • 0 comments

eBPF is part of the infrastructure security landscape WASM is part of the application security landscape Therefor: Don't try to solve your infrastructure security problem with WASM. Don't try to solve your application security problem with eBPF.

submitted 15 days ago • 0 comments

A CLI tool that helps you generate the initial project setup for developing eBPF programs using the Cilium eBPF library including program.bpf.c, main.go, vmlinux.h, and Makefile

submitted 17 days ago • 0 comments

Fuzzing the kernel for concurrency scheduling with eBPF and Java From @mostlynerdless.de

submitted 18 days ago • 0 comments

Cool to see more hands on labs about eBPF popping up 🐝 Its a step-by-step guide to creating eBPF programs from buzzwords to hello-honey

submitted 18 days ago • 0 comments

Making this PR was a bittersweet milestone for me. No longer needing to explain the foundational technology behind Cilium signifies eBPF's evolution from a cutting-edge kernel technology to an integral but well-known component of the project. https://buff.ly/3Q5wSGX

submitted 18 days ago • 1 comment

With Valentine's Day coming up, I made a few cards to help the community show their love through Cilium and eBPF 🐝 Feel feel to share with your loved one or create your own ❤️

submitted 19 days ago • 0 comments

12 years of support for @cilium.io when the project is only 9 years old. Where do you think Cilium will be when it goes out of support? canonical.com/blog/12-year...

submitted 19 days ago • 0 comments

I've added talk recordings to my list of eBPF papers, when available. That's 33 videos of ~20min discussing various aspects and use cases of #eBPF! pchaigno.github.io/bpf/2025/01/...

submitted 20 days ago • 0 comments

Talking with team implementing network policy, 80-90% of red teamers and actual attackers can be stopped with two simple rules: Default deny ingress – If they can’t get in, they can’t start Default deny egress – If they do get in, they can't take things back out

submitted 20 days ago • 0 comments

VXLAN implementation in eBPF. Not because we couldn't but because we could. VXLAN is usually something you leave to hardware or the kernel’s networking stack, but eBPF lets you bypass all that, cutting out CPU overhead and making it faster. github.com/unikzforce/w...

submitted 20 days ago • 0 comments

🐝 eCHO News Episode 75 🐝 Bytedance eBPF Case Study Confluent on Cilium isogo.to/echo-news-75 Content: @passcod.nz @brancz.com @neumanndaniel.bsky.social @tnorlin.se @tanelpoder.com @littlejo-jo1.bsky.social @sdxcentral.bsky.social

submitted 20 days ago • 1 comment

"Unix-sniffer is an ebpf based cli tool that allows you to monitor different type of messages sent over unix sockets, including ancillary message format"

submitted 20 days ago • 0 comments

In a recent conversation, John Howard and I discussed the impact of eBPF on the cloud native ecosystem. His comparison of it to Rust sparked a good analogy in my head. He likened its influence to the way Rust has transformed modern programming, safer, faster, and more flexible than older languages

submitted 21 days ago • 0 comments

My talk from FOSDEM is now online. If you want to save yourself 25 minutes, here is my key point: find the specific challenge you solve and highlight that. fosdem.org/2025/schedul...

submitted 21 days ago • 0 comments

"Hubble is my favorite feature for the observability you get. No other CNI has anything similar"

submitted 21 days ago • 1 comment

"Simple root privilege escalation detection using eBPF 🐝"

submitted 25 days ago • 0 comments

cgroups:Containers = eBPF:Cloud Native cgroups and namespaces were foundational kernel concepts that sparked the container revolution, shaping the cloud native landscape we see today.

submitted 26 days ago • 1 comment

🐝 Release Announcement 🐝 We are excited to announce the Cilium 1.17.0 release! A total of 2761 new commits have been contributed to this release by a growing community of over 880 developers and over 20,800 GitHub stars! github.com/cilium/ciliu...

submitted 27 days ago • 0 comments

No joke, I'll be co-chairing CiliumCon in London on April 1st. Schedule covers everything from scaling Cilium to 10,000 bare metal nodes to deep diving into Multi-Cluster Services API. Sounds like just my cup of tea! www.credly.com/badges/7fb96...

submitted 26 days ago • 0 comments

20% reductions in CPU usage and millions or even billions (depending on your scale 😅) in reduced infrastructure costs. We’re entering an era where software efficiency matters just as much as software functionality and eBPF is helping unlock that future. https://buff.ly/4hDRTEt?

submitted 26 days ago • 0 comments

Traditional code signing approaches don't work well with eBPF programs due to their unique loading process, which involves essential modifications that traditional signatures can't accommodate. Cong Wang's solution is a new two-phase eBPF program signing approach wangcong.org/2025-02-02-t...

submitted 27 days ago • 0 comments