This talk introduces Cilium, a fast emerging open source project leveraging BPF to provide networking and security for containers. We will do a quick deep dive into BPF, possibly the most promising low level technology to address challenges in application and network security, networking, tracing, and visibility. We will discuss how BPF became capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss how Cilium can be combined with orchestration systems such as Kubernetes to provide security and networking for cloud native applications.
Thomas Graf is Co-Founder & CTO at Isovalent and creator of the Cilium project. Before this, Thomas has been a Linux kernel developer at Red Hat for many years.