Is eBPF The End Of Kubernetes Sidecar Containers?
Vložit
- čas přidán 12. 06. 2024
- eBPF might be the next big thing in Kubernetes. In this video, we'll take a look at what eBPF is, how it works, and how it can be used to replace sidecar containers.
#ebpf #kubernetes #k8s
▬▬▬▬▬▬ 😳 Sponsor 😳 ▬▬▬▬▬▬
🔗 Datree: datree.io
Consider joining the channel: / devopstoolkit
▬▬▬▬▬▬ 💰 Sponsoships 💰 ▬▬▬▬▬▬
If you are interested in sponsoring this channel, please use calendly.com/vfarcic/meet to book a timeslot that suits you, and we'll go over the details. Or feel free to contact me over Twitter or LinkedIn (see below).
▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬
➡ Twitter: / vfarcic
➡ LinkedIn: / viktorfarcic
▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬
🎤 Podcast: www.devopsparadox.com/
💬 Live streams: / devopsparadox
▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬
00:00 What is eBPF?
01:20 Datree (sponsor)
02:06 What is eBPF? (cont.) - Věda a technologie
What do you think about eBPF? Do you think it will replace sidecar containers?
Yes. Its already happening
Cilium has done a great job innovating in this. It certainly should become the standard. Something like Kubernetes Gateway API could maybe even become independent of an ingress with this. Hopefully all projects that could use low level operations like that will use ebpf (something like Crowdsec could utilise this).
@@JobStoit Indeed. I see Cilium as the leader when eBPF for networking is concerned. There are a few interesting projects related to observability and security (outside networking) as well.
@@JobStoit Gateway API is (mostly) a specification rather than implementation so have Cilium as eBPF implementation of it would be awesome. Gateway API would cover only a fraction of what Cilium does but, nevertheless, would be a great way to standardize the API while having eBPF in the background doing the hard work.
eBPF can also change the current observability landscape. Tools like Pixie (New Relic) provides great observability of the application by providing the ability to write custom scripts to get information out from the system calls. It also provides flame charts, metrics and logs without any application instrumentation. With eBPF getting adopted by more and more project, we are definitely going to see a huge change in the cloud native landscape.
Please, an introduction to usage and development of eBPF would be awesome!
Thanks for the whole DevOps Toolkit initiative that helps me keeping up to date with this wild ocean of the cutting edge technologies.
Happy to help!
Maybe you could compare existing tools for various functions within K8S and demonstrate advantage of those based on eBPF?
Yes. Please explore tools for observability, security, and networking using eBPF. Thanks for making this video. Subbed as result.
Yes please we want to see a step by step demo of the eBPF!!
Really appreciate your channel king! great content and great practical videos that is impossible to find anywhere else that helped me on multiple occasions at work!
eBPF is certainly a great kernel feature. Can now customize the kernel without patching it.
Love ur videos so clear and easy to understand
Great session as always Viktor! 👍
Great technology. Thanks for the review!
Of course do videos about tools that implement ebpf
Welcome back to Solaris :)
Would be really nice to see some practical examples how it works. Thanks for another great video!
Great explanation, thank you 👍
Yes, Please do a video on how to leverage eBPF.
Will do
+1
awesome, looking forward for more !
Istio with eBPF would be great. Thanks!
Thank you. This is really interesting. Would love to see the demo.
The next two videos will be about tools that are based on eBPF but solve different problems.
@@DevOpsToolkit can’t wait 👍
Please explore the eBPF tools and make more videos on this topic.
Victor, IMHO the content you're generating is unbelievably precious, because it's on the pulse of tendencies and presenting the technology vanguard!
I've no idea how deep you were able to get into Cilium, but if you were, which would be a great asset for the whole community, don't you think that it begins to turn into something like Argo stack (holistic packet/product, so to say), but of course in the context of networking/observability/security. I've been watching this project for a while now, precisely because of eBPF and I get the impression that something like this is starting to take shape. I'm sure that all of us will appreciate your opinion on the matter.
Cilium is coming next week 🙂
Great! Keep up the amazing work! 🙂
Thanks for your attitude and attention!
Cilium was just released: czcams.com/video/sfhRFtYbuyo/video.html
Viktor, you're magnificent! Can't wait to see it. Thank you!!!
Would love to see a practical video on how Cilium and other tools leverage eBPF !
Cilium is fucking amazing
Yes, please i would like a demo of ebpf
Calico and Cilium head to head.
Here's Cilium: czcams.com/video/sfhRFtYbuyo/video.html. Falco is coming later...
Yes. Please!
Interesting hot topic. Let me be a challenger (as usual lol); I don't think eBPF is the answer for long run, as time would come and we will hear again; stay out of kernel as you are simply a poor tenant renting my infrastructure so stay in your own tenant namespace. On the other hand, I agree that the sidecar approach ain't the answer, for the points given here plus maintainability of it as a complete application stack lcm and performance impacts as sidecar choke your app traffic, and it's scalability is not much as good as your app pod scalability where you can do horizontal, but sidecar can only scale vertically, and for that, you need to destroy and redeploy your app, what a fun lol
Really appreciate your effort. nice content as usual. What application you use to create the animated digram ?
Not sure... Editing, animations, and other post production tasks are done by an agency. I was doing all those things myself in the past but it was very time consuming.
I've checked Falco after you named it and it seems very interesting, do you know how it does compare to kubernetes-sigs/security-profiles-operator?
The second one seemed focusing on Selinux, AppArmor and seccomp profiles deployment, while Falco seems a full featured daemonset that I should start considering for out platform
I hope to release a video about Falco in near future.
Would definitely like to see you do some vids on those programs using EBPF
I have Cilium installed. I can say that my K8s on Libvirt is using more CPU, I can hear more often my laptop's fan.
it might be really interesting know more about
I know aquasec/tracee but how is it possible to use eBPF as proxy?
What about eBPF in a cloud provided K8s cluster?
It could be a real game changer ;)
I have at least two ebpf tools already scheduled for upcoming weeks :) One of those will be about networking (proxy) an another about observability.
I used Cilium as CNI and removed Kube proxy and replaced it with Cilium the performance was much better put tried using Linkerd as service mesh but it doesn't work without iptables old technology that comes with kube proxy
Yeah. If you need a service mesh, you should not remove anything like Kube proxy or you should check whether service mesh offered by cilium is enough.
Of course we'd like you to review the tools 😆, who else better than you?
Istio with eBPF please
Cilium, falco yes please.
Cilium was just released: czcams.com/video/sfhRFtYbuyo/video.html
Falco was just released as well (czcams.com/video/0tBSKRvH3xo/video.html).
I just dont understand why it took 30 years for people start loving eBPF. This is old stuff from the 90s
It often takes a lot of time for tech to become mainstream. We can, for example, say the same for containers. The tech was there for a while but only after Docker came out it became widely adopted.
@@DevOpsToolkit Now imagine Singularity containers and HPC tech. When this becomes mainstream, we gonna see a 10x improvement in latency
i hate when people read from script, its so obvious