As EBPF changes the network of container

“It makes sense to have a transitional period when the booth virtual devices are supported on existing clusters until containers/subdoved based on VEVH gradually gradually gradually,” says Daniel Borkmann, co -creator of EBPF and Cilium, founding enoer in ISVALENT and Linux. To support the cilium-fired clusters Kubernetes, it is recommended to log in to the configuration on the node. Newly connected nodes can use not to use, while older nodes continue to use VETH until they are fully discarded, he says.

Using EBPF in observability and security

In addition to creating networks, EBPF is used for security, observability and other purposes. Sales The majority of these cases of use include data obtaining, not a state changes, are probably easier and easier to enact than network networks, UTT says. “It was a change in the game and truly inspiring to witness EBPF growth in these cases,” says UTT, which contributes to BPFman, a universal loader for all EBPF programs in the system.

Others also expect great future dynamics in this area. “I see that EBPF plays an important role in observability, security and compliance, probably more than a network,” says Sun, who notes that many EBPF projects related to the horizon or security or compliance is inhabited by CNCF landscapes such as Kepler, Pixie and Kubeararmor. Most of them are at the level of “quarantine”, which means that in early stages and not yet widely accepted signaling room for growth.

Leave a Comment