BPF (Berkeley Packet Filter) is becoming the fastest growing technology in the Linux kernel and is revolutionizing networking, security, and tracing. At the same time, the rise of container-based orchestration platforms such as Kubernetes is creating demand for routing, load-balancing & security infrastructure that is highly scalable, application-aware, and resilient. This talk introduces the open source project Cilium - a modern networking and security platform for microservices. Cilium is built on top of BPF and provides Linux native networking and security services with application protocol awareness.
Cilium works hand in hand with application proxies such as Envoy and the services management orchestration layer Istio to provide infrastructure services in a transparent manner and with minimal overhead. This talk will discuss the challenges of exposing services via APIs and the solution that Cilium provides to enforce least privilege security. Twitter: @ciliumproject Cynthia Thomas (@_techcet_) is a Technology Evangelist at Covalent IO. Her background includes working with open source cloud & networking solutions. Since 2015, she has been working on Docker and Kubernetes with CNI plugins, currently through the open source project Cilium (www.cilium.io). She is a frequent speaker at conferences and MeetUps, including ContainerCon, DevOps Days, DockerCon, Kubernetes MeetUps, and OpenStack Summits & MeetUps.