Cilium + eBPF Day
Tuesday, November 12
 

9:00am MST

Cilium + eBPF Day | Welcome + Opening Remarks
Tuesday November 12, 2024 9:00am - 9:05am MST
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day

9:10am MST

Confluent's Multi-Cloud Journey to Cilium: Pitfalls and Lessons Learned - Nimisha Mehta & Alvaro Aleman, Confluent
Tuesday November 12, 2024 9:10am - 9:35am MST
Confluent Cloud is a data streaming platform built on thousands of Kubernetes clusters across AWS, Azure & GCP. Confluent migrated clusters to use Cilium for its advanced security features like transparent encryption and DNS name-based network policies, along with performance, scalability & observability improvements. The main challenge was executing a live migration without disrupting stateful workloads, complicated by the risks of replacing a low-level component like the CNI. The process required meticulous planning to ensure intra-cluster connectivity during migration, while accommodating each cloud provider's unique network config. This talk shares the journey of migrating to Cilium, highlighting obstacles and lessons learned. We will explore uninstalling pre-existing CNIs, setting up Cilium & addressing cloud-specific issues to maintain connectivity. Benefits like transparent encryption, policies, and Hubble observability, along with the challenges faced, will also be discussed.
Speakers
Alvaro Aleman

Software Engineer, Confluent
Alvaro is a software engineer with a deep passion for infrastructure and open source. He has been working with Kubernetes since 2017 and is a maintainer of the popular controller-runtime library.
Nimisha Mehta

Software Engineer, Confluent
Nimisha is a Software Engineer working on Confluent's Kubernetes Platform team. Previously, she helped build Oracle Cloud’s managed Kubernetes service. Apart from learning about distributed systems and infrastructure, she enjoys volunteering, cycling & cooking.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Use Cases

9:45am MST

Insightful Traffic Monitoring: Harnessing Cilium for Comprehensive Network Observability - Sudheendra Murthy & Adithya Yavanamanda, eBay
Tuesday November 12, 2024 9:45am - 10:10am MST
eBay's cloud consists of thousands of microservices running on millions of containers across hundreds of Kubernetes clusters. In this dynamic & complex cloud environment, mapping dependencies between microservices is crucial. This session delves into how eBay innovatively and scalably uses Cilium, powered by eBPF, to monitor traffic flows, generate real-time traffic events and construct a comprehensive dependency graph of microservice interactions across hundreds of K8s clusters.

The presentation will cover:
  • The innovative use of eBPF and Cilium to monitor traffic events in near real-time 
  • How traffic events are mapped to different microservices
  • The architecture and design of the scalable solution to handle the large volume of data
  • The integration of OpenTelemetry for efficient traffic event stream processing
  • Key challenges and solutions in building and maintaining the dependency graph
  • Insights and lessons learned from integrating eBPF and Cilium into eBay’s infrastructure
Speakers
Adithya Yavanamanda

Software Engineer, eBay
Software engineer interested in distributed systems, currently working on securing large-scale Kubernetes infrastructure at eBay Inc, meandering between all layers from the Linux kernel to distributed control planes.
Sudheendra Murthy

Principal Engineer & Cloud Architect, eBay
Sudheendra is a Principal Engineer and Cloud Architect in the Cloud Infrastructure group at eBay. He has more than 14 years of experience in cloud technologies including Kubernetes, Micro-segmentation, SDN, OpenStack and designing highly scalable and performant systems.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Use Cases

10:15am MST

Sponsored Keynote: eBPF: Now Turing Complete! - Liz Rice, Isovalent, now part of Cisco
Tuesday November 12, 2024 10:15am - 10:20am MST
Conway’s Game of Life is well known in computer science as a Turing complete zero-player game. In this keynote you’ll see Game of Life implemented in eBPF, and explore what this means for the evolution of eBPF as a powerful platform for infrastructure tools.
Speakers
Liz Rice

Chief Open Source Officer, Isovalent, now a part of Cisco
Liz Rice is Chief Open Source Officer at Isovalent, the creators of the Cilium project, and now part of Cisco. Currently on the boards of the CNCF and OpenUK, she was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day

10:40am MST

eBPF for Creating Least Privileged Policies; What Do I Need to Know to Prepare for the Next CVEs? - Natalia Reka Ivanko & John Fastabend, Isovalent, now part of Cisco
Tuesday November 12, 2024 10:40am - 11:05am MST
Least privilege is a very old concept that is well understood and already implemented in the cloud native landscape by Security Teams. It is often encountered when they deploy an application and are asked: what privileges does this workload require? Join John and Natalia to learn how eBPF makes it possible to implement least privileged policies by injecting code inline into the kernel and keeping the application overhead minimal! This will be a fun talk which evaluates eBPF-based least privileged policies against a list of known CVEs by showing a live demo. We will show how eBPF can be used to implement the least privileged principle by monitoring every process and system call execution, networking and file access, or even stack traces, combining this data to create a known ordering and making the attacker's job immensely harder. We will finish by explaining where this technology shines and where we are continuing to improve to block the next generation of security attacks.
Speakers
Natalia Reka Ivanko

Sr. Product Manager, Isovalent, now part of Cisco
Natalia Ivanko is a Sr. Product Manager at Isovalent, and now part of Cisco, leading an eBPF-based Runtime Security Product, Tetragon. She was previously a Security Engineer with a strong background in Linux, Container and Cloud Security. Passionate about building things that...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Benefits of eBPF

11:15am MST

Reinventing Seccomp for Fun and Profiles - Amit Schendel, ARMO & Dor Serero, Microsoft
Tuesday November 12, 2024 11:15am - 11:40am MST
Seccomp has long been a critical security feature in the Linux kernel, as a powerful tool for access control. With the emergence of eBPF, the landscape of kernel security has started evolving rapidly. It offers opportunities for improving and extending security policies. In this talk we will show how to achieve some of seccomp's capabilities and extend them using eBPF and KRSI in security use cases. The talk will give an overview of Seccomp in general and in Kubernetes, focusing on its importance in securing containerized workloads. We will review applicable eBPF capabilities, showing how it changes the way we can inspect and filter syscalls at runtime. We will introduce KRSI and LSM, showing how they can enhance kernel security. The session will end with a demo of our PoC that leverages eBPF and KRSI to create a modern alternative to seccomp. Illustrating a real-world option, it will provide attendees with practical knowledge on how to reinvent Seccomp for enhanced security.
Speakers
Amit Schendel

Sr. Security Researcher, ARMO
Passionate about security research and low-level programming with a focus on kernel drivers (Windows & Linux). Proficient in C++, Python, and Go. Excited about tackling complex challenges at the intersection of cybersecurity, system-level development and cloud technologies.
Dor Serero

Principal Software Engineer, Microsoft
Dor Serero is a Principal Software Engineer at Microsoft. Dor is passionate about distributed systems and security. Outside of work, you can find Dor spending time with his wife and two daughters or holding a video game controller.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Use Cases

11:50am MST

Panel: Exploring eBPF Use Cases in Cloud-Native Security - Oshrat Nir, ARMO; Anna Kapuścińska, Isovalent, now part of Cisco; Whitney Lee, CNCF Ambassador; Maya Singh, Microsoft; Cortney Nickerson, Kubeshop
Tuesday November 12, 2024 11:50am - 12:25pm MST
Cloud-native security requires a shift in mindset. Workloads are ephemeral, the attack surface has grown and with it, the complexities. eBPF has emerged as a powerful technology, enabling deep visibility and dynamic security capabilities within the Linux kernel. This panel will explore use cases in which eBPF enhances cloud-native security. We will explore how eBPF can be leveraged to perform real-time monitoring, threat detection, and mitigation across containerized applications and microservices. Our expert panelists will share insights on using eBPF for network security, application profiling, anomaly detection, and enforcing security policies at the kernel level. Additionally, we will discuss the integration of eBPF with popular cloud-native tools and platforms, showcasing practical implementations.
Speakers
Whitney Lee

CNCF Ambassador
Whitney is a lovable goofball and a CNCF Ambassador who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. You can catch her lightboard streaming show ⚡️ Enlightning on her...
Anna Kapuścińska

Software Engineer, Isovalent, now part of Cisco
Anna is a software engineer at Isovalent, focusing on eBPF-based observability and security. Her previous roles span the industry: she wore both developer and SRE hats, and worked in AdTech, FinTech, public healthcare, end-user SaaS company and a hosting provider. On good weather...
Oshrat Nir

Developer Advocate, ARMO
Oshrat Nir is the Developer Advocate at ARMO, where she helps customers adopt Kubernetes security. She has over 20 years of IT experience, including roles at Amdocs and Giant Swarm. She is a big believer in transparency and community, and she loves telling stories. She excels at bridging...
Maya Singh

Product Manager, Microsoft
Maya is a Product Manager at Microsoft who is passionate about data driven product development. With experience in financial services and Ed-tech she is excited to now delve into all things open source. Maya holds a Bachelor's degree in Biomedical Engineering and an MBA, both from...
Cortney Nickerson

Developer Advocate at Kubeshop, Kubeshop
Cortney is a Developer Advocate at Kubeshop and a co-organizer of the CNCF Bilbao Community. Initially, a non-techie turned tech lover, she began her career as employee number 7 at a DevSecOps startup (acquired by DataDog) and wrote the newsletter and other content for the Data on...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Benefits of eBPF

1:30pm MST

Scaling Network Policy Enforcement Beyond the Cluster Boundary with Cilium - Hemanth Malla & Maxime Visonneau, Datadog
Tuesday November 12, 2024 1:30pm - 1:55pm MST
To keep up with infrastructure growth, companies around the world are managing an increasing number of Kubernetes clusters. Enforcing Kubernetes native network policy at scale is already hard enough within a single cluster. Extending this to multiple clusters is even more challenging. Depending on the shape of your infrastructure, your cross-cluster policy requirements may be unique, and there’s no one-size-fits-all configuration. In this talk, we’ll dive deep into how different solutions work in Cilium to understand sources of potential bottlenecks. We’ll discuss Clustermesh, KVstoremesh, DNS-based FQDN policy and a custom variant of KVstoremesh Datadog leverages while meshing at scale. Specifically, we’ll discuss how factors like the number of pods, identities and pod churn will impact scalability and time to policy enforcement. Join us if you’re curious about understanding the latest in cross-cluster policy and leave with actionable insights you can apply to your infrastructure.
Speakers
Hemanth Malla

Senior Software Engineer, Datadog
Hemanth Malla is a Senior Software Engineer working on Kubernetes and container networking at Datadog. He is also a Cilium CNCF maintainer. Previously he worked on various distributed systems in industries like e-commerce, fintech and high frequency trading. Apart from computers...
Maxime Visonneau

Engineering Manager, Datadog
Maxime is an experienced systems and software engineer known for his passion in building robust infrastructures for small to large businesses. Having successfully led his startup to acquisition by Twitter in 2021, he is currently leading teams at Datadog where he brings a wealth of...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Cilium Architecture

2:05pm MST

How to Use XDP and eBPF to Accelerate IPSec Throughput by 400% - Ryan Drew, Isovalent, now part of Cisco
Tuesday November 12, 2024 2:05pm - 2:30pm MST
The techniques used to increase IPSec network performance are often kept as secrets because they act as a competitive advantage and a lucrative product offering. This talk transparently presents a technique for massively boosting IPSec performance that is simple to implement (less than 200 lines of C), and based entirely on open-source work. An early Proof of Concept (POC) implementation showed an increase in p99 throughput by 412%! This talk will take a deep-dive into how it all works, covering: the implementation, the pros and cons of the design, and an analysis of benchmark results. As transparent encryption becomes more crucial for securing data in transit, we hope this talk will enable users required to use IPSec for compliance or infrastructure reasons to learn how to speed up their network without having to compromise their security.
Speakers
Ryan Drew

Software Developer, Isovalent, now part of Cisco
Ryan Drew is a Performance and Scale engineer at Isovalent, based out of the United States in Colorado. He has a passion for learning and building amazing technologies and collaborating with his colleagues to help make a positive impact.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Cilium Architecture

3:20pm MST

Hubble Beyond Cilium - Anubhab Majumdar & Mathew Merrick, Microsoft
Tuesday November 12, 2024 3:20pm - 3:45pm MST
Hubble is a great solution for finding and fixing network problems in a Kubernetes cluster. However, we noticed that one of the main barriers for people to use Hubble is its dependency on Cilium as the dataplane. In this talk, we'll demonstrate how to decouple Hubble from Cilium, and use Hubble as a powerful Observability/metrics platform on top of any custom data plane. We will show you how to make Hubble work with any data source you want, without changing any code in Hubble. We'll show you an example of one such open source project called Retina and compare how key features work with both Cilium and custom CNI. In a live demo, we will show that you can get the same experience with Hubble regardless of what CNI you use.
Speakers
Anubhab Majumdar

Software Engineer II, Microsoft
Software engineer in the Azure Container Networking team; previously with VMware Tanzu team
Mathew Merrick

Software Engineer II, Microsoft
Software Engineer on the Azure Container Networking team.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Benefits of eBPF

3:55pm MST

Lessons Learned Migrating to Modern Multi-Platform eBPF Programs - Dave Tucker, Red Hat
Tuesday November 12, 2024 3:55pm - 4:20pm MST
Kepler needed to migrate its old eBPF probes developed with BCC to probes that were compiled ahead of time. Maybe you do too? While performing this migration we were able to use some modern features of eBPF, the cilium/ebpf Go library, and bpf2go to make our probes multi-platform. Kepler (Kubernetes-based Efficient Power Level Exporter) is a CNCF project focused on measuring the environmental impact of software. At its core, Kepler uses eBPF to gather metrics from the Linux Kernel, which feed into an ML model that estimates power consumption for processes, VMs, and Pods. By the end of this session, you’ll gain a deeper understanding of eBPF, practical insights into its application in power consumption monitoring, and strategies for modernizing existing eBPF programs. Join us to learn from our experience and take away actionable best practices for your own projects!
Speakers
Dave Tucker

Sr. Principal Software Engineer, Red Hat
Dave is a long-time networking nerd, turned software engineer at the dawn of Software Defined Networking (SDN). A passionate Rustacean who currently helps to maintain Aya - a pure Rust eBPF library - alongside the Rust Compiler's BPF target, which allows users to program in Rust as...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Benefits of eBPF

4:30pm MST

So You Want to Write Memory with eBPF? - Nikola Grcevski, Grafana Labs & Mike Dame, Google
Tuesday November 12, 2024 4:30pm - 4:55pm MST
A lot of eBPF programs fall into the category of observing the Linux system, i.e. the kernel, system libraries or user-space programs. For the purpose of observing the system, we mostly rely on reading memory with eBPF, either kernel or user-space memory. However, sometimes various eBPF use cases require writing memory, for example propagating W3C context for various application protocols. This talk focuses on our journey to implement W3C trace context propagation with eBPF at various levels of the protocol stack. We explore what memory write eBPF APIs are available to us today, along with their implications for system security, stability, required permissions and implementation difficulty. We’ll present two working solutions with their pros and cons, a lot of dead ends, as well as explore what a new approach might look like by leveraging the “BPF arena” feature in kernel 6.9.
Speakers
Mike Dame

Software Engineer, Google
Software engineer working on OpenTelemetry and Kubernetes
Nikola Grcevski

Nikola Grcevski, Grafana Labs
Nikola Grcevski has worked as a software engineer for more than 20 years, mostly in the field of compilers, managed runtimes and performance optimization. Most recently he's working on low level application instrumentation with eBPF at Grafana Labs.
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, eBPF Internals

5:00pm MST

⚡ Lightning Talk: Don't Get Blown up! Avoiding Configuration Gotchas for Tetragon Newbies - Pratik Lotia, Reddit
Tuesday November 12, 2024 5:00pm - 5:10pm MST
This talk will dive into five common configuration pitfalls that beginners encounter when using Tetragon for runtime observability on their workloads. We'll explore the implications of each gotcha and provide clear steps to avoid them. The talk will also cover best practices for configuring Tetragon in a Kubernetes environment.
Speakers
Pratik Lotia

Senior Cloud Security Engineer, Reddit
Pratik Lotia is an infrastructure security engineer at Reddit, where he is responsible for building tools and processes for implementing security best practices for cloud native environments. He has extensive experience working on security projects for public & private clouds and...
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Use Cases

5:15pm MST

⚡ Lightning Talk: Applying Cilium at Edge with KubeEdge - Tomoya Fujita, Sony Corporation of America
Tuesday November 12, 2024 5:15pm - 5:25pm MST
Applications in edge environments can be platform dependent, complicated and distributed across regions, and the number of devices is increasing significantly. Our final goal is to create infrastructure that can be applied in common to the entire environment, spanning the cloud and the edge. Working with KubeEdge and Cilium, we are now successfully able to use Cilium with KubeEdge-hosted nodes in edge environments. This means that enabling WireGuard VPN with Cilium can provide transparent network connectivity with the nodes running in the cloud infrastructure, so that edge nodes running in an edge environment simply appear to be members of the cluster, but with the edge autonomy feature provided by KubeEdge. We would like to share our technical insights and experience with using Cilium at the edge with KubeEdge, and what the future development and contribution with the Cilium community will be.
Speakers
Tomoya Fujita

Senior Staff Software Engineer, Sony Corporation of America
Software Engineer, Sony Corporation of America. System software architect and developer in Sony Corporation R&D Center. A member of the ROS (Robot Operating System) TSC (Technical Steering Committee): https://index.ros.org/doc/ros2/Governance/ GitHub: https://github.com/fujitatomoya
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day, Use Cases

5:25pm MST

Cilium + eBPF Day | Closing Remarks
Tuesday November 12, 2024 5:25pm - 5:30pm MST
Salt Palace | Level 1 | Grand Ballroom BD
  Cilium + eBPF Day
 
