CNCF-hosted Co-located Events Europe 2024 taking place on 19 March. This event is happening in person at Paris Expo Porte De Versailles in Paris, France. The Sched app allows you to build your schedule, but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2024, and have an All-Access pass in order to participate in the sessions.
To view the full event schedule for a specific CNCF-hosted Co-located event, you can use the right-hand navigation bar to sort and filter.
Network proxies have one thing in common - they push data from one side to the other. If the proxy doesn't access the data, then we can delegate the task of moving it between sockets to the operating system. In Linux, applications can move data in batches between sockets using the splice() syscall. However, this isn't the only method available! Linux network stack also offers an alternative API to transfer packets between sockets, called sockmap, which leverages the eBPF technology. In fact, your systems might be already using sockmap. This is what powers the transparent L7 filtering and socket-level policy enforcement in Cilium. In this talk we will go over the fundamentals of sockmap API, its evolution and features, as well as its internal design. We'll also explore the existing caveats and limitations. By the end, you should have a clear understanding of what it takes to use the sockmap API or, if you are a Cilium user, what role sockmap plays in your existing K8S cluster.
Jakub is a contributor to the networking and BPF subsystems in the Linux kernel. He is also a co-maintainer of the Linux BPF L7 framework, aka sockmap. At Cloudflare he is part of the team which delivers Linux kernels into production.
