Cilium has done a great job innovating in this. It certainly should become the standard. Something like Kubernetes Gateway API could maybe even become independent of an ingress with this. Hopefully all projects that could use low level operations like that will use ebpf (something like Crowdsec could utilise this).
@@JobStoit Indeed. I see Cilium as the leader when eBPF for networking is concerned. There are a few interesting projects related to observability and security (outside networking) as well.
@@JobStoit Gateway API is (mostly) a specification rather than implementation so have Cilium as eBPF implementation of it would be awesome. Gateway API would cover only a fraction of what Cilium does but, nevertheless, would be a great way to standardize the API while having eBPF in the background doing the hard work.
eBPF can also change the current observability landscape. Tools like Pixie (New Relic) provides great observability of the application by providing the ability to write custom scripts to get information out from the system calls. It also provides flame charts, metrics and logs without any application instrumentation. With eBPF getting adopted by more and more project, we are definitely going to see a huge change in the cloud native landscape.
Really appreciate your channel king! great content and great practical videos that is impossible to find anywhere else that helped me on multiple occasions at work!
Victor, IMHO the content you're generating is unbelievably precious, because it's on the pulse of tendencies and presenting the technology vanguard! I've no idea how deep you were able to get into Cilium, but if you were, which would be a great asset for the whole community, don't you think that it begins to turn into something like Argo stack (holistic packet/product, so to say), but of course in the context of networking/observability/security. I've been watching this project for a while now, precisely because of eBPF and I get the impression that something like this is starting to take shape. I'm sure that all of us will appreciate your opinion on the matter.
Interesting hot topic. Let me be a challenger (as usual lol); I don't think eBPF is the answer for long run, as time would come and we will hear again; stay out of kernel as you are simply a poor tenant renting my infrastructure so stay in your own tenant namespace. On the other hand, I agree that the sidecar approach ain't the answer, for the points given here plus maintainability of it as a complete application stack lcm and performance impacts as sidecar choke your app traffic, and it's scalability is not much as good as your app pod scalability where you can do horizontal, but sidecar can only scale vertically, and for that, you need to destroy and redeploy your app, what a fun lol
Not sure... Editing, animations, and other post production tasks are done by an agency. I was doing all those things myself in the past but it was very time consuming.
I used Cilium as CNI and removed Kube proxy and replaced it with Cilium the performance was much better put tried using Linkerd as service mesh but it doesn't work without iptables old technology that comes with kube proxy
I've checked Falco after you named it and it seems very interesting, do you know how it does compare to kubernetes-sigs/security-profiles-operator? The second one seemed focusing on Selinux, AppArmor and seccomp profiles deployment, while Falco seems a full featured daemonset that I should start considering for out platform
it might be really interesting know more about I know aquasec/tracee but how is it possible to use eBPF as proxy? What about eBPF in a cloud provided K8s cluster? It could be a real game changer ;)
It often takes a lot of time for tech to become mainstream. We can, for example, say the same for containers. The tech was there for a while but only after Docker came out it became widely adopted.
![I.N "HALLUCINATION" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/n5B5q1Hwt_U/mqdefault.jpg)
What do you think about eBPF? Do you think it will replace sidecar containers?
Yes. Its already happening
Cilium has done a great job innovating in this. It certainly should become the standard. Something like Kubernetes Gateway API could maybe even become independent of an ingress with this. Hopefully all projects that could use low level operations like that will use ebpf (something like Crowdsec could utilise this).
@@JobStoit Indeed. I see Cilium as the leader when eBPF for networking is concerned. There are a few interesting projects related to observability and security (outside networking) as well.
@@JobStoit Gateway API is (mostly) a specification rather than implementation so have Cilium as eBPF implementation of it would be awesome. Gateway API would cover only a fraction of what Cilium does but, nevertheless, would be a great way to standardize the API while having eBPF in the background doing the hard work.
eBPF can also change the current observability landscape. Tools like Pixie (New Relic) provides great observability of the application by providing the ability to write custom scripts to get information out from the system calls. It also provides flame charts, metrics and logs without any application instrumentation. With eBPF getting adopted by more and more project, we are definitely going to see a huge change in the cloud native landscape.
Please, an introduction to usage and development of eBPF would be awesome!
Thanks for the whole DevOps Toolkit initiative that helps me keeping up to date with this wild ocean of the cutting edge technologies.
Happy to help!
Yes. Please explore tools for observability, security, and networking using eBPF. Thanks for making this video. Subbed as result.
Yes. Please cover some more eBPF tools. This is an awesome cgannel for DevOps
Really appreciate your channel king! great content and great practical videos that is impossible to find anywhere else that helped me on multiple occasions at work!
Maybe you could compare existing tools for various functions within K8S and demonstrate advantage of those based on eBPF?
Great session as always Viktor! 👍
Great technology. Thanks for the review!
Of course do videos about tools that implement ebpf
Yes please we want to see a step by step demo of the eBPF!!
Love ur videos so clear and easy to understand
Thank you. This is really interesting. Would love to see the demo.
The next two videos will be about tools that are based on eBPF but solve different problems.
@@DevOpsToolkit can’t wait 👍
Would be really nice to see some practical examples how it works. Thanks for another great video!
Yes, Please do a video on how to leverage eBPF.
Will do
+1
Istio with eBPF would be great. Thanks!
eBPF is certainly a great kernel feature. Can now customize the kernel without patching it.
Victor, IMHO the content you're generating is unbelievably precious, because it's on the pulse of tendencies and presenting the technology vanguard!
I've no idea how deep you were able to get into Cilium, but if you were, which would be a great asset for the whole community, don't you think that it begins to turn into something like Argo stack (holistic packet/product, so to say), but of course in the context of networking/observability/security. I've been watching this project for a while now, precisely because of eBPF and I get the impression that something like this is starting to take shape. I'm sure that all of us will appreciate your opinion on the matter.
Cilium is coming next week 🙂
Great! Keep up the amazing work! 🙂
Thanks for your attitude and attention!
Cilium was just released: ruclips.net/video/sfhRFtYbuyo/видео.html
Viktor, you're magnificent! Can't wait to see it. Thank you!!!
Would love to see a practical video on how Cilium and other tools leverage eBPF !
awesome, looking forward for more !
Please explore the eBPF tools and make more videos on this topic.
Welcome back to Solaris :)
Yes, please i would like a demo of ebpf
Yes. Please!
Calico and Cilium head to head.
Here's Cilium: ruclips.net/video/sfhRFtYbuyo/видео.html. Falco is coming later...
Great explanation, thank you 👍
Interesting hot topic. Let me be a challenger (as usual lol); I don't think eBPF is the answer for long run, as time would come and we will hear again; stay out of kernel as you are simply a poor tenant renting my infrastructure so stay in your own tenant namespace. On the other hand, I agree that the sidecar approach ain't the answer, for the points given here plus maintainability of it as a complete application stack lcm and performance impacts as sidecar choke your app traffic, and it's scalability is not much as good as your app pod scalability where you can do horizontal, but sidecar can only scale vertically, and for that, you need to destroy and redeploy your app, what a fun lol
Cilium is fucking amazing
Would definitely like to see you do some vids on those programs using EBPF
I have Cilium installed. I can say that my K8s on Libvirt is using more CPU, I can hear more often my laptop's fan.
Really appreciate your effort. nice content as usual. What application you use to create the animated digram ?
Not sure... Editing, animations, and other post production tasks are done by an agency. I was doing all those things myself in the past but it was very time consuming.
I used Cilium as CNI and removed Kube proxy and replaced it with Cilium the performance was much better put tried using Linkerd as service mesh but it doesn't work without iptables old technology that comes with kube proxy
Yeah. If you need a service mesh, you should not remove anything like Kube proxy or you should check whether service mesh offered by cilium is enough.
I've checked Falco after you named it and it seems very interesting, do you know how it does compare to kubernetes-sigs/security-profiles-operator?
The second one seemed focusing on Selinux, AppArmor and seccomp profiles deployment, while Falco seems a full featured daemonset that I should start considering for out platform
I hope to release a video about Falco in near future.
it might be really interesting know more about
I know aquasec/tracee but how is it possible to use eBPF as proxy?
What about eBPF in a cloud provided K8s cluster?
It could be a real game changer ;)
I have at least two ebpf tools already scheduled for upcoming weeks :) One of those will be about networking (proxy) an another about observability.
Cilium, falco yes please.
Cilium was just released: ruclips.net/video/sfhRFtYbuyo/видео.html
Falco was just released as well (ruclips.net/video/0tBSKRvH3xo/видео.html).
Istio with eBPF please
Of course we'd like you to review the tools 😆, who else better than you?
I just dont understand why it took 30 years for people start loving eBPF. This is old stuff from the 90s
It often takes a lot of time for tech to become mainstream. We can, for example, say the same for containers. The tech was there for a while but only after Docker came out it became widely adopted.
@@DevOpsToolkit Now imagine Singularity containers and HPC tech. When this becomes mainstream, we gonna see a 10x improvement in latency
i hate when people read from script, its so obvious