The Release
Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF
Kubernetes Native, Minimal Overhead, and Simplified Observability. Be sure to check out the benchmarks too
Tetragon adds visibility to Kubernetes with open-source runtime security platform
The history and where the project is headed
ITOps Times Open-Source Project of the Week: Tetragon
A quick overview of the project
eBPF: Unlocking the Kernel [OFFICIAL DOCUMENTARY]
World Premier at KubeCon and now available for binge watching
Buzzing Across Space: The Illustrated Children’s Guide to eBPF
Translating the bytecode into colorful pictures
The Technical
Securing Cilium policies with Kyverno
"Before diving in, it's crucial to clarify that this isn't intended as a production-ready guide" says everything before it goes into production
Beginner's Guide to XDP: A Journey Through Crafting XDP-Based Firewall with BCC
"As we close out this introduction to eBPF and XDP, I'm really struck by how capable and flexible these tools are"
Cilium Chronicles: Personally Navigating the Labyrinth of Kubernetes Networking
"In my humble opinion, Cilium is poised not just to be a front-runner but it’s about to drop a networking revolution on Kubernetes environment" and a walk through why
adobeSlash/cilium-kyverno
"This repository contains examples of Kyverno policies for controlling the creation of Cilium Network policies"
mtardy/mahebpf
"(For now 😼) an educational eBPF disassembler"
h4ckm310n/CVE-2022-0847-eBPF
"An eBPF program to detect attacks on CVE-2022-0847"
tks98/snoopy
"Inspect SSL/TLS traffic using eBPF"
🐝
The Ecosystem
eBPF: Unlocking the Kernel [OFFICIAL DOCUMENTARY]
World Premier at KubeCon and now available for binge watching. Yes its listed twice because it is just that good
Buzzing Across Space: The Illustrated Children’s Guide to eBPF
Translating the bytecode into colorful pictures. Yes its listed twice because I help write it #nepotism
eBPF Documentary: eBPF’s Creation Story – Unlocking The Kernel
Read Thomas's behind the scenes cut with additional material included
Cilium User Survey - September 2023
Still open for another week for any last feedback!
KubeCon points to the future of enterprise IT
"Today Cilium is the de facto building block for cloud-native network infrastructure"
How We Implemented Zero Trust in Choreo
"We leverage Cilium policies, which operate across Layer 3, 4, and 7, to manage ingress and egress traffic. This multilayer policy application provides greater flexibility and control over network traffic"
COMING SOON! Cilium Certified Associate (CCA)
New cert from the Linux Foundation
All About The New CNCF Cilium Certified Associate (CCA) Certification!
Learn how to get ready for the new cert
eBPF and OpenTelemetry Rule At KubeCon 2023 in Chicago: Observability Is King
Title says it all
Isovalent Extends Cilium’s Enterprise Networking and Security Features at KubeCon
Overview of Graduation, 1.14 release, and Tetragon 1.0
Kubernetes security remains a big challenge for enterprise developers
"Cilium has become the de facto building block for cloud-native network infrastructure"
Catch the Cilium Wave at KubeCon+CloudNativeCon Chicago
Brutal my talk didn't make the list (just joking I spoke about eBPF licensing)
Don’t Rely on eBPF Alone for Kubernetes
"I would encourage the use of existing and well-maintained and supported eBPF-based tools, instead of adopting a do-it-yourself approach"
Grafana Beyla 1.0 release: zero-code instrumentation for application telemetry using eBPF
"From these captured eBPF events, we produce OpenTelemetry spans and Rate-Errors-Duration (RED) metrics" great to see eBPF spreading in observability
Kubescape 3.0: The Result of Lessons Learned with eBPF for Security
"The rising crest of eBPF’s hype cycle is largely attributed to its capabilities to help secure applications running on Kubernetes clusters" very interesting take 😅
Showing Blocked Requests in Notebooks with Cilium Hubble
"With the use of its flow filters, Hubble allows us to see dropped outbound requests made from a Jupyter Notebook server. This provides a much better experience for our users."
The Big Interview: Thomas Graf, CTO, Isovalent, on eBPF, cloud-native networking and why Cilium is so hot right now
The vision for Cilium "all aspects of the network and of connectivity have an opportunity to be redone better"
🐝
The How To
Combining Powerful Cilium Features Together In Kubernetes
I love this blog because this leveraging of multiple features is where choosing Cilium as the connectivity layer for your platform really begins to shine
Testing Cilium Cluster Mesh installation/configuration using Helm Charts (GitOps approach) — part 1
Does what it says on the tin including a part 2
Cilium: Multi-Cluster mesh Setup Explained Part 2
Learn how to install and check Cilium Cluster Mesh
How to Use eBPF Capabilities to Navigate Kubernetes Monitoring
using BCC and BPFTrace
🐝
The Video
eBPF: Unlocking the Kernel [OFFICIAL DOCUMENTARY]
Make sure you have 30 minutes when you start it because you won't want to stop until it is finished
What is Tetragon?
High level overview of use cases
Introducing the Cilium Certified Associate Certification
Get your next badge
How VSHN Uses Metrics to Monitor Their Network Policy
"We export network metrics for auditing"
CNCF Cilium project at KubeCon 2023 Chicago
See Dan in action on the show floor
Automatically join worker nodes to an external Kubernetes Control Plane running Cilium Service Mesh
on node boot
🐝
The Events
DevOps Belfast: Cloud-native Networking, Observability, and Security with Cilium
November 21st
Cilium Workshop with Isovalent and copebit - Zürich
November 22nd
Pozvánka na 39. meetup Cloud-Native Slovensko
November 23rd in Bratislava
Cilium Workshop with Isovalent, Microsoft & Sopra Steria - Oslo
November 28th
Cilium Workshop with Isovalent, Microsoft & Sopra Steria - Trondheim
November 29th
What's new in Cilium 1.14!
Webinar on November 30th
Cilium + eBPF Day
Coming back to KubeCon Paris and the CfP is already open 😅
🐝
