Building Better Platforms With eBPF-Powered Cilium

Guest: Thomas Graf (LinkedIn)
Company: Isovalent (Twitter)

In this episode of TFiR: Newsroom, Swapnil Bhartiya sits down with Thomas Graf, Co-Founder and CTO at Isovalent, to talk about the status of Cilium, the Cloud Native Computing Foundation (CNCF) project, as well as interesting findings from the recently published Cilium Annual Report.

Key highlights of this video interview:

Cilium is well-known as a container networking interface (CNI) plugin, which provides the networking portion of Kubernetes. More than just a CNI, it covers load balancing, policy, security, runtime security, and service mesh. It has quickly grown into a platform of an ecosystem based on the extended Berkeley packet filter (eBPF) tooling that provides a variety of different values around networking, security, and observability.
What makes the Cilium ecosystem unique: 1) it is specifically built for the platform engineering persona, and 2) its use of eBPF, the kernel-level technology that allows it to do things better, faster, and more efficiently.
The project started out with a team of 333 engineers writing code. Today, it has over 500 code contributors and over 14,000 users in Slack chatting about Cilium and eBPF, and how they solve networking and security challenges.
Areas of focus this year: 1) bringing all the eBPF knowledge that they applied to networking into Tetragon in order to solve runtime security from an observability and enforcement perspective; 2) adding ingress support to Cilium in the Gateway API, and essentially continue working with the upstream community to standardize the intent language, the API, and how to configure a service mesh; and 3) listening to their users on the on-prem networking side and helping enterprises figure out how to connect their existing infrastructure with this new cloud-native world.
Enterprises are struggling with migrating more workloads from on-prem settings into the cloud, e.g., they can only move the stateless portions of the apps, but some of the databases need to stay. It’s dramatically more complex for enterprises that are not in a position to simply rewrite all of their apps.
The Cilium Annual Report focuses on how the community sees Cilium, how many people are using it, which features are being used, how many contributors are there, how many different companies are working on it, and how the project has evolved in solving different use cases for different users. Part of the objective is to recognize who are actually doing the contributions so that the effort continues and that the vendors and individual engineers continue to feel comfortable and motivated to work on the project and implement user requests.
Most notable findings from the Annual Report: 1) faster than anticipated rise of Kubernetes outside of the clouds. Today, 70% of Cilium usage includes at least an on-prem aspect, e.g., how to connect the infrastructure that’s not in the cloud yet or how to connect with cloud-native workloads; and 2) how quickly Cilium has gained a foothold on the service mesh side, i.e., running an initial survey to having production users all in one year.

This summary was written by Camille Gregory.

You may also like

LF Energy leads digitalization efforts to tackle decarbonization challenges

Carbon Data Specification Consortium helps drive climate solutions with carbon data standardization

Tackle data complexity with Hasura v3

Acorn Labs’ GPTScript aims to redefine coding for AI applications

Kubernetes is not for the weakhearted, so we are trying to simplify it | Sudeep Goswami

Salt Security sheds light on security risks of LLMs