Session + Live Q&A

Resiliency Superpowers with eBPF

eBPF is a powerful technology that allows us to run custom programs in the kernel. It’s enabling a whole new generation of tools for networking, security and observability. Let’s explore how it can help us build resilient architectures. 

This talk - with demos - considers several facets where eBPF can help, from dynamic vulnerability patching, through super-fast load balancing, to multi-cluster networking. You’ll also see how eBPF enables the observability we need to diagnose what’s happening when things go wrong.

Main Takeaways

1 Hear about what eBPF is and how it uses the Linux Kernel.

2 Learn how eBPF deals with networking issues, dynamic vulnerability patching, load balancing, multicluster networking, observability, and others.


Liz, what is the focus of your work these days?

About a year ago, I joined a company called Isovalent. They are specialists in a technology called eBPF, and the company behind a project called Cilium, which uses eBPF for Kubernetes-based networking, security and observability. I'd been really interested in eBPF for a few years now. eBPF needs support within the Linux kernel, and when I first came across it, nobody was using new enough kernels in the wild in real production usage. But that's changed now, and eBPF is available to everyone. Over the last, let's say, couple of years, I've turned my focus more and more towards eBPF, and that's where I'm very much focused now. We can use eBPF to dynamically change the way the Linux kernel behaves and use that for all kinds of observation and securing and even changing the way that things behave. We don't have to make any changes at all to applications. It's all handled within the kernel and that's really revolutionary. So that's what I'm focused on.

It's nice. And then, what is the motivation for your talk?

I'm in the resiliency track, and so we're going to look at some of the resiliency superpowers of eBPF, how we can leverage eBPF to create more resilient networks, to help us with security resiliency and fast load balancing, multiclass networking. There's all sorts of ways that we can apply eBPF to help us build a more resilient deployment, and that's what I'll be speaking about.

How would you describe the persona and the level of the target audience?

I always like to have some demos and there might be a little bit of code. I try to make it accessible to anybody who isn't frightened of seeing a little bit of code or command line. I won't anticipate everyone having any in-depth knowledge at all. You don't even really need to know the difference between user space and kernel, I will explain that to the audience. So I think it will be interesting to anyone who's maybe got a little bit of networking experience, understands what we mean when we say something like load balancing or multicluster. And we'll take it from there.

And what do you want these people to walk away with from your presentation?

I hope they'll leave with even a fraction of the excitement that I have for eBPF, and that would be a success from my point of view.


Speaker

Liz Rice

Chief Open Source Officer @Isovalent

Liz Rice is Chief Open Source Officer with cloud native networking and security specialists Isovalent, creators of the Cilium eBPF-based networking project. She is chair of the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon...

Read more

Date

Tuesday Apr 5 / 10:35AM BST (50 minutes)

Location

Windsor, 5th flr.

Track

Resilient Architectures

Topics

eBPF

Add to Calendar

Add to calendar

Share

From the same track

Session + Live Q&A Resilient Systems

Practical Resilience - The Core Stuff

Tuesday Apr 5 / 02:55PM BST

This panel will aim to explore, share ideas and provide pragmatic insight around some key areas related to designing, running and maintaining resilient architectures.

Liz Rice

Chief Open Source Officer @Isovalent

Christina Yakomin

Senior Site Reliability Engineering Specialist @Vanguard_Group

Jason Barto

Principal Solutions Architect @AWS

Kai Waehner

Field CTO @Confluentinc

Session + Live Q&A Resilient Systems

How to Test Your Fault Isolation Boundaries in the Cloud

Tuesday Apr 5 / 04:10PM BST

Will my system keep working when a server fails? When a data center goes offline? When a service dependency is unavailable?Availability calculations for redundant components require that those components are independent and autonomous of each other. But modern day systems are complex, exhibiting...

Jason Barto

Principal Solutions Architect @AWS

Session + Live Q&A Resilient Systems

Resilient Real-Time Data Streaming Across the Edge and Hybrid Cloud

Tuesday Apr 5 / 05:25PM BST

Hybrid cloud architectures are the new black for most companies. A cloud-first strategy is evident for many new enterprise architectures, but some use cases require resiliency across edge sites and multiple cloud regions. Data streaming with the Apache Kafka ecosystem is a perfect technology for...

Kai Waehner

Field CTO @Confluentinc

UNCONFERENCE + Live Q&A

Unconference: Resilient Architectures

Tuesday Apr 5 / 11:50AM BST

Details coming soon.

Session + Live Q&A Resilient Systems

The Scientific Method for Testing System Resilience

Tuesday Apr 5 / 01:40PM BST

Do you remember the Scientific Method from elementary school science class? It's time to dust off that knowledge and use it to your advantage to test your IT systems! In this session, you'll be re-introduced to the Scientific Method, and learn how Vanguard's software engineers and IT...

Christina Yakomin

Senior Site Reliability Engineering Specialist @Vanguard_Group

View full Schedule