Speakers
Daniel Borkmann
(Isovalent)
Martynas Pumputis
(Isovalent)
Description
With the rapid adoption of Cilium as the BPF-based datapath for Kubernetes as
well as integration into popular devops tooling such as kind [0] which allows
for running local Kubernetes clusters using Docker container 'nodes', we see
more advanced use (and corner) cases which have not yet been tackled from an
BPF and networking angle. Therefore, in this slot, we discuss on various loosely
coupled issues in the networking stack which we are working on in the context
of Cilium's BPF datapath:
- Mixed cgroup v1/v2 interference related to BPF cgroup programs
- TCP socket pacing for Pods out of the init network namespace
- Managed neighbor entries for load-balancer backends
- Wildcarded map lookups for Cilium's n-Tuple PCAP Recorder [1]
We will provide a brief overview of the use cases related to the above, and give
an outline for kernel extensions we are looking into.
[0] https://kind.sigs.k8s.io/
[1] https://cilium.io/blog/2021/05/20/cilium-110#standalonelb
| I agree to abide by the anti-harassment policy | I agree |
|---|
Primary authors
Daniel Borkmann
(Isovalent)
Martynas Pumputis
(Isovalent)
