Cilium 1.0: Bringing the BPF Revolution to Kubernetes Networking and Security

Cilium 1.0: Bringing the BPF Revolution to Kubernetes Networking and Security

  • May 8, 2018
Table of Contents

Cilium 1.0: Bringing the BPF Revolution to Kubernetes Networking and Security

The last couple of months have been tremendously exciting for everyone working on Cilium and BPF. We have witnessed a fast growing community of Cilium users as well as the rapid increase of BPF usage and development with companies such as Google joining the existing already strong BPF community of engineers from Facebook, Netflix, Red Hat and many more. Possibly the strongest signal on the success of BPF has been the decisions of the Linux kernel community to replace the in-kernel implementation of iptables with BPF.

Source: cilium.io

Tags :
Share :
comments powered by Disqus

Related Posts

Sapienz: Intelligent automated software testing at scale

Sapienz: Intelligent automated software testing at scale

Shipping code updates to the Facebook app, which is used every day by hundreds of millions of people, requires extensive testing to ensure stability and performance. At Facebook’s scale, this process requires checking hundreds of important interactions across numerous types of devices and operating systems for both correctness and speed. Traditionally, this has largely been a manual test design process, during which engineers devote time and resources to designing test cases.

Read More
Performance analysis of cloud applications

Performance analysis of cloud applications

Today’s choice gives us an insight into how Google measure and analyse the performance of large user-facing services such as Gmail (from which most of the data in the paper is taken). It’s a paper in two halves. The first part of the paper demonstrates through an analysis of traffic and load patterns why the only real way to analyse production performance is using live production systems.

Read More
Google gVisor, a sandboxed container runtime

Google gVisor, a sandboxed container runtime

To that end, we’d like to introduce gVisor, a new kind of sandbox that helps provide secure isolation for containers, while being more lightweight than a virtual machine (VM). gVisor integrates with Docker and Kubernetes, making it simple and easy to run sandboxed containers in production environments.

Read More