Loading…
CNCF-hosted Co-located Events Europe 2024 taking place on 19 March. This event is happening in person at Paris Expo Porte De Versailles in Paris, France.

The Sched app allows you to build your schedule, but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2024, and have an All-Access pass in order to participate in the sessions.

To view the full event schedule for a specific CNCF-hosted Co-located event, you can use the right-hand navigation bar to sort and filter.

CloudNativeHacks & KCS Location: W01-W08, Hall 7 | Level 7.3 | Pavilion 7

The schedule is subject to change.
Back To Schedule
Tuesday, March 19 • 09:50 - 10:15
Lessons from Building Scalable Network Policy Enforcement with eBPF - Hemanth Malla, Datadog & Joe Stringer, Isovalent

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


eBPF has unlocked new levels of performance and scalability for container networking. Cilium has leveraged eBPF to implement a plethora of network policy features. Kubernetes scalability has been improving with every new release, and clusters with 5k+ nodes are increasingly common. Cilium’s policy framework needs to scale for hundreds of thousands of pods, all while dealing with complex scenarios like high pod churn environments. In this talk, Cilium maintainers will share some lessons learnt from years of programming kubernetes abstractions directly into the kernel space using eBPF. You’ll learn about how cilium efficiently intercepts traffic for enforcement both at L4 and L7, tricks used by cilium to minimize CPU overhead on each node, and some design decisions that have been instrumental in squeezing high performance out of the kernel regardless of the number of pods. Finally, we’ll discuss strategies you can follow to improve debuggability of eBPF based networking datapaths.
Speakers
avatar for Joe Stringer

Joe Stringer

Isovalent
Joe is a Principal Engineer at Isovalent. He's passionate about building efficient network dataplanes, and is actively involved in the communities around Cilium (as co-maintainer), eBPF (as member of the eBPF Steering Committee) and the Linux kernel (as a contributor).
avatar for Hemanth Malla

Hemanth Malla

Senior Software Engineer, Datadog
Hemanth Malla is a Senior Software Engineer working on Kubernetes and container networking at Datadog. He is also a Cilium CNCF maintainer. Previously he worked on various distributed systems in industries like e-commerce, fintech and high frequency trading. Apart from computers... Read More →

Lessons From Building Scalable Network Policy Enforcement With eBPF pdf
Tuesday March 19, 2024 09:50 - 10:15 CET
Pavilion 7 | Level 7.3 | Room S01
  Cilium + eBPF Day, Cilium Architecture