diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9ff16c5b1..86a20e8c0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,21 +1,21 @@ -# Contributing changes to [ebpf.io](https://ebpf.io/) +# Contributing changes to [ebpf.io](https://ebpf.io/) :bee: Thanks for your help improving the project! We are open to any contribution from the community and would love to have you help us make the website better. ## Blog posts -Our blog page includes original blog posts about eBPF, as well as links to external articles hosted elsewhere. If you'd like to submit a blog post to ebpf.io please check that your article meets the following guidelines. We welcome PRs, but if you'd like to discuss a possible submission first please message us on slack in the [#ebpf-website channel])https://cilium.slack.com/archives/C03TH72HCBW) or email us [blog@ebpf.io](blog@ebpf.io). +Our blog page includes original blog posts about eBPF, as well as links to external articles hosted elsewhere. If you'd like to submit a blog post to ebpf.io please check that your article meets the following guidelines. We welcome PRs, but if you'd like to discuss a possible submission first please message us on slack in the [#ebpf-website channel])) or email us [blog@ebpf.io](blog@ebpf.io). -Please see the [full ebpf.io Blog Guidelines](https://github.com/ebpf-io/ebpf.io-website/blob/master/blog-guidelines.md), but in short: +Please see the [full ebpf.io Blog Guidelines](https://github.com/ebpf-io/ebpf.io-website/blob/master/blog-guidelines.md), but in short: -* Posts should be valuable content for the eBPF community -* Posts should not be vendor pitches, and should focus on the open source eBPF project -* Posts hosted on ebpf.io should be original content. You can submit a link to an external article instead of copying content. -* All content is contributed under the CC-BY-4.0 license +- Posts should be valuable content for the eBPF community +- Posts should not be vendor pitches, and should focus on the open source eBPF project +- Posts hosted on ebpf.io should be original content. You can submit a link to an external article instead of copying content. +- All content is contributed under the CC-BY-4.0 license -Links to posts hosted elsewhere are also given the **External** tag automatically. +Links to posts hosted elsewhere are also given the **External** tag automatically. -See the [Blog Guidelines](https://github.com/ebpf-io/ebpf.io-website/blob/master/blog-guidelines.md) for documentation on how to submit a post or external link. +See the [Blog Guidelines](https://github.com/ebpf-io/ebpf.io-website/blob/master/blog-guidelines.md) for documentation on how to submit a post or external link. ## Other changes diff --git a/GOVERNANCE.md b/GOVERNANCE.md index 04f60b843..83e632cf6 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -1,22 +1,22 @@ # ebpf.io Governance An [ebpf.io maintainer](MAINTAINERS.md) is a participant in the project -with the ability to commit code directly to the master repository. -Commit access grants the ability to affect the shape the architecture +with the ability to commit code directly to the master repository. +Commit access grants the ability to affect the shape the architecture and content of ebpf.io. Anyone wanting to become a maintainer should show sustained and relevant contributions to the project. ## Becoming a Maintainer -In the end the decision to grant or revoke committer privileges is -a judgment call made by the existing set of committers. People can +In the end the decision to grant or revoke committer privileges is +a judgment call made by the existing set of committers. People can become maintainers through nomination by an exisiting maintainer or self nomination. ## Maintainer Expectations -Maintainers should work to review contributions to the website as -quickly as possible so PRs don't rot. All contributions should be +Maintainers should work to review contributions to the website as +quickly as possible so PRs don't rot. All contributions should be in the interest of the eBPF community and reflect the community's interests. ## Merging Contributions diff --git a/code-of-conduct.md b/code-of-conduct.md index bf265faee..2acb9455e 100644 --- a/code-of-conduct.md +++ b/code-of-conduct.md @@ -17,23 +17,23 @@ diverse, inclusive, and healthy community. Examples of behavior that contributes to a positive environment for our community include: -* Demonstrating empathy and kindness toward other people -* Being respectful of differing opinions, viewpoints, and experiences -* Giving and gracefully accepting constructive feedback -* Accepting responsibility and apologizing to those affected by our mistakes, +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience -* Focusing on what is best not just for us as individuals, but for the +- Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: -* The use of sexualized language or imagery, and sexual attention or +- The use of sexualized language or imagery, and sexual attention or advances of any kind -* Trolling, insulting or derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or email +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email address, without their explicit permission -* Other conduct which could reasonably be considered inappropriate in a +- Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities @@ -60,7 +60,7 @@ representative at an online or offline event. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at -conduct@ebpf.io. +. All complaints will be reviewed and investigated promptly and fairly. All community leaders are obligated to respect the privacy and security of the @@ -106,7 +106,7 @@ Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an +standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within diff --git a/content/blog-posts/2021-01-22-ebpf-updates/index.md b/content/blog-posts/2021-01-22-ebpf-updates/index.md index ed7072020..5cad660f3 100644 --- a/content/blog-posts/2021-01-22-ebpf-updates/index.md +++ b/content/blog-posts/2021-01-22-ebpf-updates/index.md @@ -27,13 +27,13 @@ issue of the eBPF Updates, and Happy New Year! Let's start with some news from companies working on and with eBPF. -{/*2020-12-20*/} +{/_2020-12-20_/} - Microsoft is working on an eBPF-based monitoring tool for Linux: -{/*2021-01-11*/} +{/_2021-01-11_/} - [_Isovalent Looks to Transform Container Networking With eBPF_](https://containerjournal.com/topics/container-networking/isovalent-container-networking-in-2021-using-ebpf/), from Mike Vizard. @@ -42,7 +42,7 @@ Let's start with some news from companies working on and with eBPF. Cilium and Isovalent. The author foresees important changes for cloud-native environments in terms of networking, security, and observability. -{/*2021-01-12*/} +{/_2021-01-12_/} - [Kubernetes Podcast - _Episode #133: Cilium, with Thomas Graf_](https://kubernetespodcast.com/episode/133-cilium/), from Craig Box and Adam Glick. @@ -55,14 +55,14 @@ Let's start with some news from companies working on and with eBPF. possible support for eBPF on Windows, follow. “Twenty-two years on, do you think you finally fixed networking?” Future will tell. -{/*2021-01-18*/} +{/_2021-01-18_/} - Optimyze.cloud [announced in a tweet](https://twitter.com/OptimyzeCloud/status/1351203905850519557) that they are working on a “_Full-system lightweight continuous profiling for Linux Kernel, C/C++, Rust, Golang, Python, JVM, PHP (with Ruby and Node planned for the future)_”, apparently based on eBPF. -{/*2021-01-18*/} +{/_2021-01-18_/} - [_Securing Containerized Environments with eBPF_](https://www.tag-cyber.com/advisory/articles/securing-containerized-environments-with-ebpf), from Adam LeWinter. @@ -76,7 +76,7 @@ Let's start with some news from companies working on and with eBPF. ### Introductory Resources -{/*2020-11-25*/} +{/_2020-11-25_/} - [_BPF: The future of configs_](https://blog.habets.se/2020/11/BPF-the-future-of-configs.html), from Thomas Habets. @@ -89,7 +89,7 @@ Let's start with some news from companies working on and with eBPF. customization of TCP parameters, and more. This is a good read to help understand what is at stake with eBPF. -{/*2020-12-11*/} +{/_2020-12-11_/} - [_Linux Networking - eBPF, XDP, DPDK, VPP - What does all that mean?_](https://media.ccc.de/v/vnog-4-linux-networking-ebpf-xdp-dpdk-vp), from Andree Toonk. @@ -102,7 +102,7 @@ Let's start with some news from companies working on and with eBPF. from the Linux kernel. Andree also covers this topic [on his blog](https://toonk.io/tag/networking/index.html). -{/*2020-12-19*/} +{/_2020-12-19_/} - [_File Integrity Monitoring using eBPF_](https://www.devseccon.com/file-integrity-monitoring-using-ebpf-secadvent-day-19/), from Sylvain Baubeau. @@ -113,7 +113,7 @@ Let's start with some news from companies working on and with eBPF. performance overhead. eBPF addresses most of them, and provides performance and over overall improvements to the feature. -{/*2021-01-19*/} +{/_2021-01-19_/} - [_Introduction to eBPF_](https://oswalt.dev/2021/01/introduction-to-ebpf/), from Matt Oswalt. @@ -130,7 +130,7 @@ Let's start with some news from companies working on and with eBPF. ### Deep Dives -{/*2020-12-23*/} +{/_2020-12-23_/} - [Cilium documentation on _The Kubernetes Networking Guide_](https://k8s.networkop.co.uk/cni/cilium/), from Michael Kashin. @@ -143,7 +143,7 @@ Let's start with some news from companies working on and with eBPF. This is a recommended read if you want a glimpse of advanced networking with eBPF. -{/*2020-12-24*/} +{/_2020-12-24_/} - [_How to Trace Linux System Calls in Production with Minimal Impact on Performance_](https://pingcap.com/blog/how-to-trace-linux-system-calls-in-production-with-minimal-impact-on-performance), from Wenbo Zhang. @@ -301,18 +301,18 @@ or maps of maps. The enthusiasm about eBPF is strong: -{/*2020-12-19*/} +{/_2020-12-19_/} -{/*2021-01-22*/} +{/_2021-01-22_/} Below is a thread asking how to improve eBPF usability: -{/*2020-12-27*/} +{/_2020-12-27_/} diff --git a/content/blog-posts/2021-02-23-ebpf-updates/index.md b/content/blog-posts/2021-02-23-ebpf-updates/index.md index 2c9253b7d..80698639a 100644 --- a/content/blog-posts/2021-02-23-ebpf-updates/index.md +++ b/content/blog-posts/2021-02-23-ebpf-updates/index.md @@ -22,13 +22,13 @@ pancakes. ## New Resources -{/*2021-02-07*/} +{/_2021-02-07_/} Besides pancakes and Valentine's Day, early February is also marked by one of the biggest events centered on open-source: FOSDEM! This year's edition was held online, and included several presentations related to eBPF. -- [*Advanced BPF kernel features for the container age*](https://fosdem.org/2021/schedule/event/containers_ebpf_kernel/), +- [_Advanced BPF kernel features for the container age_](https://fosdem.org/2021/schedule/event/containers_ebpf_kernel/), from Daniel Borkmann. eBPF is in a unique position to efficiently process and steer packets at different steps of their travel through the stack. Cilium relies on it to @@ -40,14 +40,14 @@ held online, and included several presentations related to eBPF. Time) rate-limiting for Pods. Recommended if you want to learn more on advanced networking features entirely implemented with eBPF. -- [*hXDP: Efficient Software Packet Processing on FPGA NICs*](https://fosdem.org/2021/schedule/event/sdn_hxdp_fpga/), +- [_hXDP: Efficient Software Packet Processing on FPGA NICs_](https://fosdem.org/2021/schedule/event/sdn_hxdp_fpga/), from Marco Spaziani Brunella. hXDP is an eBPF hardware offload implementation for FPGA-based NICs. Through hardware functions, some additional compiler work, and custom optimizations, it achieves great performance. Latest work include working on a higher-end platform, and trying to implement eight processing cores instead of one. -- [*Networking Performances in the Linux Kernel, Getting the most out of the Hardware*](https://fosdem.org/2021/schedule/event/network_performance_in_kernel/), +- [_Networking Performances in the Linux Kernel, Getting the most out of the Hardware_](https://fosdem.org/2021/schedule/event/network_performance_in_kernel/), from Maxime Chevallier. Definitely centered on networking, this presentation follows the path of packets through the low-level mechanisms involved in the hardware and in the @@ -55,7 +55,7 @@ held online, and included several presentations related to eBPF. talk helps understand how XDP and AF_XDP complement the other networking components in the kernel. -- [*Monitoring MariaDB Server with bpftrace on Linux*](https://fosdem.org/2021/schedule/event/mariadb_bpftrace/), +- [_Monitoring MariaDB Server with bpftrace on Linux_](https://fosdem.org/2021/schedule/event/mariadb_bpftrace/), from Valerii Kravchuk. This presentation is both an introduction to bpftrace itself and to its application to MariaDB tracing. The objective is to add uprobes, get stack @@ -65,11 +65,11 @@ held online, and included several presentations related to eBPF. Valerii also covered the topic in [a series of posts on his blog](https://mysqlentomologist.blogspot.com/2021/01/playing-with-recent-bpftrace-and.html). -- [*Seccomp Notify on Kubernetes*](https://fosdem.org/2021/schedule/event/containers_k8s_seccomp_notify/), +- [_Seccomp Notify on Kubernetes_](https://fosdem.org/2021/schedule/event/containers_k8s_seccomp_notify/), from Alban Crequy. This talk demonstrates how to use seccomp notify to proxy some system calls—including `bpf()`— to the container manager, from an unprivileged - container. Seccomp relies on cBPF (*classic BPF*) to filter system calls and + container. Seccomp relies on cBPF (_classic BPF_) to filter system calls and take actions on them. Seccomp notify is a recent update where seccomp can return a file descriptor and hand it to another task, so that this task can analyze the data involved in the filtered system call and potentially emulate @@ -78,7 +78,7 @@ held online, and included several presentations related to eBPF. and [the `bpf()` use case](https://people.kernel.org/brauner/the-seccomp-notifier-cranking-up-the-crazy-with-bpf). -- [*Deploying eBPF, XDP & AF_XDP for Cloud Native*](https://fosdem.org/2021/schedule/event/sdn_ebpf_afxdp/), +- [_Deploying eBPF, XDP & AF_XDP for Cloud Native_](https://fosdem.org/2021/schedule/event/sdn_ebpf_afxdp/), from Dave Cremins and Gary Loughnane. As per the abstract, “_This talk will cover an introduction to AF_XDP, why it is suited to cloud native microservices, how it can be deployed today and the @@ -89,9 +89,9 @@ held online, and included several presentations related to eBPF. And then here are some resources published over the last weeks, independent from FOSDEM. -{/*2020-12-17*/} +{/_2020-12-17_/} -- [*Running eBPF and Perf in Docker for Mac*](https://petermalmgren.com/docker-mac-bpf-perf/), +- [_Running eBPF and Perf in Docker for Mac_](https://petermalmgren.com/docker-mac-bpf-perf/), from Peter Malmgren. Perf and eBPF tools are handy tools to trace processes and to pin down the origin of a performance bottleneck. Motivated by the need to identify the @@ -99,9 +99,9 @@ from FOSDEM. explains how to install the Linux headers, to compile BCC and bpftrace, and to run them in the container. -{/*2021-01-11*/} +{/_2021-01-11_/} -- [*Debugging QUIC with H2O and QLog*](https://www.fastly.com/blog/debugging-quic-with-h2o-and-qlog), +- [_Debugging QUIC with H2O and QLog_](https://www.fastly.com/blog/debugging-quic-with-h2o-and-qlog), from Toru Maesaka. The H2O HTTP server deployed by Fastly has a built-in event tracing infrastructure, powered by eBPF or DTrace depending on the platform. This @@ -110,9 +110,9 @@ from FOSDEM. server and get logs to debug and improve QUIC, a network protocol implemented in user space. -{/*2021-01-25*/} +{/_2021-01-25_/} -- [*eBPF & the future of osquery on Linux*](https://medium.com/fleetdm/ebpf-the-future-of-osquery-on-linux-c9f33726e84d) (video), +- [_eBPF & the future of osquery on Linux_](https://medium.com/fleetdm/ebpf-the-future-of-osquery-on-linux-c9f33726e84d) (video), from Zach Wasserman. Osquery has been relying on the Audit subsystem in Linux to provide system visibility, which is powerful but comes with some drawbacks. For example, it @@ -121,9 +121,9 @@ from FOSDEM. an alternative backend to collect data, circumventing these issues and coming with “a potential to dramatically increase scope of observability”. -{/*2021-01-27*/} +{/_2021-01-27_/} -- [*eBPF Tools: An Overview of Falco, Inspektor Gadget, Hubble and Cilium*](https://thenewstack.io/ebpf-tools-an-overview-of-falco-inspektor-gadget-hubble-and-cilium/), +- [_eBPF Tools: An Overview of Falco, Inspektor Gadget, Hubble and Cilium_](https://thenewstack.io/ebpf-tools-an-overview-of-falco-inspektor-gadget-hubble-and-cilium/), from Lucas Severo Alves. Here is an introduction to each of the four eBPF-based tools mentioned in the title, accompanied with example use cases. All these tools focus on @@ -131,9 +131,9 @@ from FOSDEM. landscape in the cloud, and of the different issues it addresses in terms of security, tracing, visibility, and networking. -{/*2021-02-03*/} +{/_2021-02-03_/} -- [*Datadog On eBPF*](https://www.youtube.com/watch?v=58KtGtpn0_g) (video), +- [_Datadog On eBPF_](https://www.youtube.com/watch?v=58KtGtpn0_g) (video), from Lee Avital, Guillaume Fournier and Ara Pulido. Various aspects of eBPF are covered in this presentation. After introducing the basics, Datadog discusses technical details related to their workflow: Is @@ -141,9 +141,9 @@ from FOSDEM. compilation? They also describe two of their use cases for eBPF, network monitoring and runtime security. -{/*2021-02-09*/} +{/_2021-02-09_/} -- [*A Beginner's Guide to eBPF with Go*](https://web.archive.org/web/20210216233137/https://files.gotocon.com/uploads/slides/conference_39/1688/original/Beginners%20guide%20to%20eBPF%20with%20Go.pdf) (PDF), +- [_A Beginner's Guide to eBPF with Go_](https://web.archive.org/web/20210216233137/https://files.gotocon.com/uploads/slides/conference_39/1688/original/Beginners%20guide%20to%20eBPF%20with%20Go.pdf) (PDF), from Liz Rice. Learn how to program with eBPF and Go with this accessible tutorial. After a reminder of the basics of eBPF, this presentation focuses on a simple tracing @@ -151,9 +151,9 @@ from FOSDEM. program with eBPF and the libbpfgo Go bindings for the libbpf C library, before showing how to recreate the bpftrace command previously introduced. -{/*2021-02-15*/} +{/_2021-02-15_/} -- [*Using eBPF to uncover in-memory loading*](https://blog.tofile.dev/2021/02/15/ebpf-01.html), +- [_Using eBPF to uncover in-memory loading_](https://blog.tofile.dev/2021/02/15/ebpf-01.html), from Pat H. Tracing with eBPF can be adapted to nearly any use case. In this post, programs are attached to trace the calls to `dup2()`, `write()` and `read()`, @@ -219,9 +219,9 @@ from FOSDEM. ### Podcasts -{/*2021-01-28*/} +{/_2021-01-28_/} -- [*Break Things on Purpose* | Mikolaj Pawlikowski, Engineering Lead at Bloomberg](https://www.gremlin.com/blog/podcast-break-things-on-purpose-mikolaj-pawlikowski-engineering-lead-at-bloomberg/#ebpf), +- [_Break Things on Purpose_ | Mikolaj Pawlikowski, Engineering Lead at Bloomberg](https://www.gremlin.com/blog/podcast-break-things-on-purpose-mikolaj-pawlikowski-engineering-lead-at-bloomberg/#ebpf), interview from Jason Yee and Pat Higgins. Centered on Chaos Engineering, this episode mentions eBPF as “a game changer” in terms of visibility. The technology uses small code snippets, has a low @@ -231,26 +231,26 @@ from FOSDEM. Members of the Cilium community have been very active, and contributed to several podcasts on eBPF and Cilium over the last weeks: -{/*2021-02-02*/} +{/_2021-02-02_/} -- [Software Engineering Daily - *Cilium: Programmable Linux Networking with Dan Wendlant and Thomas Graf*](https://softwareengineeringdaily.com/2021/02/02/cilium-programmable-linux-networking-with-dan-wendlant-and-thomas-graf/), interview from Jeff Meyerson. +- [Software Engineering Daily - _Cilium: Programmable Linux Networking with Dan Wendlant and Thomas Graf_](https://softwareengineeringdaily.com/2021/02/02/cilium-programmable-linux-networking-with-dan-wendlant-and-thomas-graf/), interview from Jeff Meyerson. Virtual machines, and then containers, have led to important changes on how applications are managed. In response, Thomas explains, network processing and policing had to evolve. eBPF, and Cilium which builds on top of it, bring comprehensive networking, visibility, and security at scale to clusters. -{/*2021-02-02*/} +{/_2021-02-02_/} -- [Software Engineering Radio, Episode 445 - *Thomas Graf on eBPF (extended Berkeley Packet Filter)*](https://www.se-radio.net/2021/02/episode-445-thomas-graf-on-ebpf-extended-berkeley-packet-filter/), +- [Software Engineering Radio, Episode 445 - _Thomas Graf on eBPF (extended Berkeley Packet Filter)_](https://www.se-radio.net/2021/02/episode-445-thomas-graf-on-ebpf-extended-berkeley-packet-filter/), interview from Justin Beyer. This episode focuses on eBPF itself, and explains how the technology can help with network processing to safely implement packet routing and network policies. Learn how eBPF interacts with elements such as namespaces, cgroups, or TCP congestion. -{/*2021-02-08*/} +{/_2021-02-08_/} -- [DiscoPosse Podcast, Episode 153 - *Kubernetes Networking and Security, and Building Business on Open Source with Isovalent Founder, Thomas Graf*](https://discopossepodcast.com/ep-153-kubernetes-networking-and-security-and-building-business-on-open-source-with-isovalent-founder-thomas-graf/), +- [DiscoPosse Podcast, Episode 153 - _Kubernetes Networking and Security, and Building Business on Open Source with Isovalent Founder, Thomas Graf_](https://discopossepodcast.com/ep-153-kubernetes-networking-and-security-and-building-business-on-open-source-with-isovalent-founder-thomas-graf/), interview from Eric Wright. Thomas comes back on the evolution on Linux networking and on some of the new challenges to solve in cloud deployments. He explains how eBPF is in a unique @@ -260,9 +260,9 @@ several podcasts on eBPF and Cilium over the last weeks: networking and the cloud infrastructure at large, and explains how Isovalent builds its product on top of the Cilium open source project. -{/*2021-02-10*/} +{/_2021-02-10_/} -- [The Weekly Squeak - *eBPF Cloud Native computing with Neela Jacques of Isovalent*](https://www.youtube.com/watch?t=439&v=QrKt8PhAkiE), +- [The Weekly Squeak - _eBPF Cloud Native computing with Neela Jacques of Isovalent_](https://www.youtube.com/watch?t=439&v=QrKt8PhAkiE), interview from Chris Chinchilla. By operating from inside the kernel, eBPF offers unprecedented capabilities in terms of tracing and network processing. This allows Cilium and then @@ -396,7 +396,7 @@ But both limits were changed1 in **The complexity limit was raised to one million verified instructions**. As for the maximum limit of instructions, it simply disappeared, meaning that the size of program is now limited by the complexity induced by their verification. -There is still a *de facto* hard limit at one million instructions, for a +There is still a _de facto_ hard limit at one million instructions, for a program that would have a single logical branch (no “if” and comparisons anywhere). In practice, such program would be of little interest. Programs have branches, their verification is more complex, and their allowance for diff --git a/content/blog-posts/2021-05-04-ebpf-updates/index.md b/content/blog-posts/2021-05-04-ebpf-updates/index.md index 0ce354c11..20e4ec98c 100644 --- a/content/blog-posts/2021-05-04-ebpf-updates/index.md +++ b/content/blog-posts/2021-05-04-ebpf-updates/index.md @@ -24,11 +24,11 @@ Updates! ## Important News -{/*2021-04-12*/} +{/_2021-04-12_/} - [Cilium applies to become a CNCF project](https://github.com/cncf/toc/pull/637). The Cilium Community has sent a proposal to move the project into the CNCF - (*Cloud Native Computing Foundation*) at the Incubation level. If the + (_Cloud Native Computing Foundation_) at the Incubation level. If the proposal is accepted, there should be very little change to development models or governance, already fully open and following open-source best practice. Why do this? A number of users looking to build large projects on @@ -41,9 +41,9 @@ Updates! At the same time, the project is finalizing its version 1.10, for which it just tagged a [release candidate](https://github.com/cilium/cilium/releases/tag/v1.10.0-rc1). -{/*2021-02-24*/} +{/_2021-02-24_/} -- [*Sysdig contributes Falco's kernel module, eBPF probe, and libraries to the CNCF*](https://sysdig.com/blog/sysdig-contributes-falco-kernel-ebpf-cncf/). +- [_Sysdig contributes Falco's kernel module, eBPF probe, and libraries to the CNCF_](https://sysdig.com/blog/sysdig-contributes-falco-kernel-ebpf-cncf/). This contribution is a commitment provide and keep those components as open source. The kernel module and eBPF probe component are roughly equivalent, and implement a system call capture framework in the Linux kernel, used by @@ -62,9 +62,9 @@ Updates! [raised a $188 million Series F](https://news.crunchbase.com/news/sysdigs-valuation-hits-1-19b-after-188m-series-f/) at a $1.19 billion valuation. -{/*2021-04-29*/} +{/_2021-04-29_/} -- [*Microsoft acquires Kinvolk*](https://kinvolk.io/blog/2021/04/microsoft-acquires-kinvolk/). +- [_Microsoft acquires Kinvolk_](https://kinvolk.io/blog/2021/04/microsoft-acquires-kinvolk/). Launched in 2015, Kinvolk has been working on open source projects such as the Flatcar Container Linux distribution, Lokomotive, or Inspektor Gadget. The latter is a suite of eBPF-based tools for debugging and inspecting @@ -73,20 +73,20 @@ Updates! referenced later in this document). The company is joining the Azure team, congratulations and best of luck for the future! -{/*2021-04-06*/} +{/_2021-04-06_/} -- [*LPC 2021 Networking and BPF Track CFP*](https://lore.kernel.org/bpf/6d225920-9ecc-ef24-2bf8-848ca86c7fb0@iogearbox.net), +- [_LPC 2021 Networking and BPF Track CFP_](https://lore.kernel.org/bpf/6d225920-9ecc-ef24-2bf8-848ca86c7fb0@iogearbox.net), on the development mailing list for eBPF. Just like the previous editions, the next Linux Plumbers Conference will have - a *Networking and BPF* track. The call for participation is open until the + a _Networking and BPF_ track. The call for participation is open until the **13th of August**. The conference itself was initially due to take place in Dublin, Ireland, from the 27th to the 29th of September 2021, but the organizers [recently announced](https://www.linuxplumbersconf.org/blog/2021/index.php/2021/04/30/linux-plumbers-goes-fully-virtual/) that it will be a fully virtual event instead. -{/*2021-02-24*/} +{/_2021-02-24_/} -- [*libbpf: the road to v1.0*](https://lore.kernel.org/bpf/CAEf4BzZ+jJs7-HtjVLzcevmGf78PHxEsrk66FwKvy6FCsiU=nQ@mail.gmail.com/), +- [_libbpf: the road to v1.0_](https://lore.kernel.org/bpf/CAEf4BzZ+jJs7-HtjVLzcevmGf78PHxEsrk66FwKvy6FCsiU=nQ@mail.gmail.com/), from Andrii Nakryiko. From a very basic library wrapping around the `bpf()` system call, libbpf has become the reference for handling eBPF objects and has grown to support all @@ -96,7 +96,7 @@ Updates! announcement email also contains a link to a [file on Google Docs](https://docs.google.com/document/d/1UyjTZuPFWiPFyKk1tV5an11_iaRuec6U-ZESZ54nNTY/edit) to contribute and discuss ideas for this milestone. -- [*eCHO - eBPF & Cilium Office Hours*](https://github.com/isovalent/echo). +- [_eCHO - eBPF & Cilium Office Hours_](https://github.com/isovalent/echo). This is a new series of livestream episodes about, you guessed it, eBPF and Cilium. The first three episodes have aired already: @@ -113,9 +113,9 @@ Updates! ### Introductory Material -{/*2021-03-16*/} +{/_2021-03-16_/} -- [*eBPF and Kubernetes - What's the Deal?*](https://www.youtube.com/watch?v=ZyT4JB0Ugk8) (video), +- [_eBPF and Kubernetes - What's the Deal?_](https://www.youtube.com/watch?v=ZyT4JB0Ugk8) (video), from Dawid Ziółkowski. eBPF can greatly improve networking for environment running with Kubernetes. After providing some elements of historical context, this presentation @@ -123,9 +123,9 @@ Updates! introduces eBPF and Cilium, and explains how to leverage these tools to improve routing, observability, and network policies in clusters. -{/*2021-03-04*/} +{/_2021-03-04_/} -- [*Getting Started with eBPF and Go*](https://networkop.co.uk/post/2021-03-ebpf-intro/), +- [_Getting Started with eBPF and Go_](https://networkop.co.uk/post/2021-03-ebpf-intro/), from Michael Kashin. Have you tried working with Go and eBPF, and are you getting confused by the multiple libraries offering to help manage the programs and the maps? @@ -137,10 +137,10 @@ Updates! [xdp-xconnect](https://github.com/networkop/xdp-xconnect), cross-connects different Linux interfaces and redirects packets with XDP. -{/*Keep below the other eBPF/GO*/} -{/*2021-03-18*/} +{/_Keep below the other eBPF/GO_/} +{/_2021-03-18_/} -- [*Getting started with bpf and libbpfgo*](https://www.grant.pizza/blog/libbpf-beginners-part-one/), +- [_Getting started with bpf and libbpfgo_](https://www.grant.pizza/blog/libbpf-beginners-part-one/), from Grant Seltzer. Another approach to writing a simple program and managing it in user space with Go, this time with the libbpfgo library which wraps around libbpf, and @@ -148,9 +148,9 @@ Updates! ### In the Industry -{/*2021-03-15*/} +{/_2021-03-15_/} -- [*Liz Rice: Following the ‘Superpower’ Promise of eBPF*](https://thenewstack.io/liz-rice-following-the-superpower-promise-of-ebpf/) +- [_Liz Rice: Following the ‘Superpower’ Promise of eBPF_](https://thenewstack.io/liz-rice-following-the-superpower-promise-of-ebpf/) from Liz Rice. The chair of the CNCF's Technical Oversight Committee recently joined Isovalent to work on Cilium, described as “the most widely deployed eBPF @@ -158,18 +158,18 @@ Updates! decision, and explains in what sense “eBPF is another transformational technology”, like Docker has been. -{/*2021-02-24*/} +{/_2021-02-24_/} -- [*fledge.io brings eBPF to multi-cloud and edge*](https://www.fledge.io/2021/02/24/fledge-io-brings-ebpf-to-multi-cloud-and-edge/) +- [_fledge.io brings eBPF to multi-cloud and edge_](https://www.fledge.io/2021/02/24/fledge-io-brings-ebpf-to-multi-cloud-and-edge/) from Pramodh Mallipatna. The solution proposes to help define, deploy, and manage geo-distributed applications that span multi-cloud and edge environments. It now uses eBPF programs to monitor the local CPU, disk, and network resources, as well as to gather and present richer application information in real time. -{/*2021-02-25*/} +{/_2021-02-25_/} -- [*Linux Kernel insights with eBPF*](https://community.netdata.cloud/t/linux-kernel-insights-with-ebpf/992?hss_channel=tw-734637019306033152), +- [_Linux Kernel insights with eBPF_](https://community.netdata.cloud/t/linux-kernel-insights-with-ebpf/992?hss_channel=tw-734637019306033152), from Manos Saratsis. Netdata is already using eBPF to some extent, but has more plans to leverage the technology and provide a variety of charts to visualize metrics on all @@ -179,41 +179,41 @@ Updates! [released a few weeks later](https://www.netdata.cloud/blog/release-1-30-0/), seems to contain some of these changes. -{/*2021-03*/} +{/_2021-03_/} - [eBPF Integration for Pyroscope](https://pyroscope.io/docs/ebpf/). Pyroscope, an open source continuous profiling platform, has got some integration with eBPF to provide efficient CPU profiling of the applications and the system itself. -{/*2021-04-12*/} +{/_2021-04-12_/} -- [*Using eBPF and immudb to audit executed commands on a Linux server*](https://www.codenotary.com/blog/ebpf-linux-immudb/). +- [_Using eBPF and immudb to audit executed commands on a Linux server_](https://www.codenotary.com/blog/ebpf-linux-immudb/). CodeNotary explains how to load an eBPF program with bpftrace to attach on uretprobes to capture shell commands, and to insert the collected data tamper-proof in immudb, the open source immutable database solution developed by the company. -{/*2021-04-23*/} +{/_2021-04-23_/} -- [*New Relic : What Is eBPF and Why Does It Matter for Observability?*](https://www.marketscreener.com/quote/stock/NEW-RELIC-INC-19157128/news/New-Relic-nbsp-What-Is-eBPF-and-Why-Does-It-Matter-for-Observability-33050648/). +- [_New Relic : What Is eBPF and Why Does It Matter for Observability?_](https://www.marketscreener.com/quote/stock/NEW-RELIC-INC-19157128/news/New-Relic-nbsp-What-Is-eBPF-and-Why-Does-It-Matter-for-Observability-33050648/). This introduction to eBPF includes a basic overview of its functioning, advantages, and limitations, as well as an overview of the main tools based on eBPF. New Relic concludes by presenting how Pixie, its open source observability platform for Kubernetes, leverages eBPF to extract richer information. -{/*2021-05-04*/} +{/_2021-05-04_/} -- [*Gathering insights on Kubernetes applications, services, and network traffic with Pixie*](https://aws.amazon.com/blogs/opensource/gathering-insights-on-kubernetes-applications-services-and-network-traffic-with-pixie/). +- [_Gathering insights on Kubernetes applications, services, and network traffic with Pixie_](https://aws.amazon.com/blogs/opensource/gathering-insights-on-kubernetes-applications-services-and-network-traffic-with-pixie/). Directly related to the previous item, Pixie is also the object of a new partnership between New Relic and AWS, and even applied to join the CNCF. ### Deep Dives -{/*2021-03-04*/} +{/_2021-03-04_/} -- [*BPF meets io_uring*](https://lwn.net/Articles/847951/), +- [_BPF meets io_uring_](https://lwn.net/Articles/847951/), from Jonathan Corbet. This article from LWN.net comments an RFC submitted to [the io-uring mailing list](https://lore.kernel.org/io-uring/cover.1613563964.git.asml.silence@gmail.com/t/#u) @@ -223,9 +223,9 @@ Updates! previous operations in the ring, such as submitting other I/O operations or processing the next file in a list. -{/*2021-04-13*/} +{/_2021-04-13_/} -- [*Comparing SystemTap and bpftrace*](https://lwn.net/Articles/852112/), +- [_Comparing SystemTap and bpftrace_](https://lwn.net/Articles/852112/), from Emanuele Rocca. SystemTap and bpftrace are tools to dynamically instrument the kernel or user applications on Linux. While bpftrace uses eBPF programs, SystemTap is @@ -235,9 +235,9 @@ Updates! modules is ultimately more powerful, but eBPF makes for a faster and easier-to-use tracing tool. -{/*2021-04-22*/} +{/_2021-04-22_/} -- [*Toward signed BPF programs*](https://lwn.net/SubscriberLink/853489/2916fbd97c95c700/), +- [_Toward signed BPF programs_](https://lwn.net/SubscriberLink/853489/2916fbd97c95c700/), from Jonathan Corbet. Another LWN.net article, this time on a recent proposal sent by Alexei Starovoitov in order to introduce support for signed eBPF programs, so that @@ -249,9 +249,9 @@ Updates! load other eBPF programs from within the kernel. The work is still in progress. -{/*2021-03-11*/} +{/_2021-03-11_/} -- [*What is vmlinux.h?*](https://www.grant.pizza/blog/vmlinux-header/), +- [_What is vmlinux.h?_](https://www.grant.pizza/blog/vmlinux-header/), from Grant Seltzer. The vmlinux.h header is generated automatically and contains BTF information about the kernel itself. Modern eBPF programs may use this information to @@ -259,12 +259,12 @@ Updates! [CO-RE](https://ebpf.io/blog/ebpf-updates-2020-12#did-you-know-co-re) being one of them. -{/*2021-02-18/20*/} +{/_2021-02-18/20_/} - [DevConf.CZ 2021](https://www.devconf.info/cz/) ([Schedule](https://devconfcz2021.sched.com/)) hosted several talks related to eBPF, some of which are summarized below. - Sadly I could not find the videos *and* slides for all presentations. - - [*eBPF Iterators*](https://devconfcz2021.sched.com/event/gmK5/ebpf-iterators) + Sadly I could not find the videos _and_ slides for all presentations. + - [_eBPF Iterators_](https://devconfcz2021.sched.com/event/gmK5/ebpf-iterators) ([slides](https://static.sched.com/hosted_files/devconfcz2021/60/bpf-iterators.pdf)), from Jiri Olsa. This is possibly the only document on eBPF iterators we have at the @@ -277,13 +277,13 @@ Updates! and attach some iterators at boot time, so that listing eBPF programs and maps is available at all times. BCC tools, bpftrace, bpftool, and perf all have support for iterators (at various degrees of progress). - - [*Capturing network traffic in an eXpress Data Path*](https://devconfcz2021.sched.com/event/gmNT/capturing-network-traffic-in-an-express-data-path) + - [_Capturing network traffic in an eXpress Data Path_](https://devconfcz2021.sched.com/event/gmNT/capturing-network-traffic-in-an-express-data-path) ([slides](https://static.sched.com/hosted_files/devconfcz2021/ab/Capturing-network-traffic-in-an-eXpress-Data-Path.pdf)), from Eelco Chaudron. How to inspect network packet with an XDP program attached to the interface, when only the `XDP_PASS` return code will pass packets to the stack and lead them to a path where tcpdump can see them? To answer this - question, xdpdump was developed. It relies on the *fentry* and *fexit* + question, xdpdump was developed. It relies on the _fentry_ and _fexit_ hooks that eBPF programs can use to attach to the entry and the exit of functions, including other eBPF programs, and inspects the packets before and after they are processed by the XDP program. The tool provides a @@ -292,11 +292,11 @@ Updates! changes, with new filters to show packets for which the XDP program returned a specific action code or packets coming from a specific interface queue. - - [*Always present type information thanks to BPF: BTF*](https://devconfcz2021.sched.com/event/gmLF/always-present-type-information-thanks-to-bpf-btf), + - [_Always present type information thanks to BPF: BTF_](https://devconfcz2021.sched.com/event/gmLF/always-present-type-information-thanks-to-bpf-btf), ([video](https://www.youtube.com/watch?v=fX6_xHldTjU&list=PLU1vS0speL2YQ9WXMnY-glVErAIsTsSAl&index=16), [slides](http://vger.kernel.org/~acme/bpf/devconf.cz-2021-Always-present-type-information-thanks-to-BPF-BTF/)), from Arnaldo Melo. - Recent eBPF features increasingly use BTF (*BPF Type Information*, a + Recent eBPF features increasingly use BTF (_BPF Type Information_, a format for storing debug information). But BTF is generic enough to be used by other applications as well. This presentation focuses on BTF and on the kind of kernel information it can help retrieve. Pahole, a tool @@ -307,9 +307,9 @@ Updates! of use cases, from pretty-printing type information to extracting relevant tokens for kernel live patching. -{/*2021-03-22*/} +{/_2021-03-22_/} -- [*The Cost of BPF Tail Calls*](https://pchaigno.github.io/ebpf/2021/03/22/cost-bpf-tail-calls.html), +- [_The Cost of BPF Tail Calls_](https://pchaigno.github.io/ebpf/2021/03/22/cost-bpf-tail-calls.html), from Paul Chaignon. In order to better understand the overhead related to tail calls in eBPF programs (long jumps from one program to another, with no coming back), Paul @@ -319,9 +319,9 @@ Updates! reintroduced some overhead. The post, nearly a scientific report, contains more details on the methodology and results. -{/*2021-02-25*/} +{/_2021-02-25_/} -- [*Exploring a New Detection Evasion Technique on Linux*](https://codemuch.tech/2021/02/25/exploring-linux-evasion/), +- [_Exploring a New Detection Evasion Technique on Linux_](https://codemuch.tech/2021/02/25/exploring-linux-evasion/), from Alan Cao. One of the use case for application monitoring with eBPF is to ensure the security of the system and to detect any mischievous process. Over the years, @@ -333,9 +333,9 @@ Updates! the same time as itself, which would likely indicate a tentative to monitor. Limitations and possible mitigations are included in the post. -{/*2021-04-01*/} +{/_2021-04-01_/} -- [*Examining Problematic Memory in C/C++ Applications with BPF, perf, and Memcheck*](https://doordash.engineering/2021/04/01/examining-problematic-memory-with-bpf-perf-and-memcheck/), +- [_Examining Problematic Memory in C/C++ Applications with BPF, perf, and Memcheck_](https://doordash.engineering/2021/04/01/examining-problematic-memory-with-bpf-perf-and-memcheck/), from Filip Busic. This long post goes way beyond what one usually finds in introductions and tutorials. It explains how to simply trace memory leaks in applications with @@ -346,9 +346,9 @@ Updates! read and to learn from. At last, a variety of example use cases, often involving flame graphs, show how to help troubleshoot memory issues. -{/*2021-04-09*/} +{/_2021-04-09_/} -- [*Extending systemd Security Features with eBPF*](https://kinvolk.io/blog/2021/04/extending-systemd-security-features-with-ebpf/), +- [_Extending systemd Security Features with eBPF_](https://kinvolk.io/blog/2021/04/extending-systemd-security-features-with-ebpf/), from Mauricio Vásquez Bernal. Two new systemd properties implemented through eBPF programs are in development, leveraging the oncoming support for eBPF programs written in C @@ -357,7 +357,7 @@ Updates! The first one restricts the file system types that processes in a systemd unit can access. Setting `RestrictFileSystems=ext4`, for example, will prevent the processes to interact with the tmpfs, thanks to a program - attached to the eBPF LSM (*Linux Security Module*) and running on all + attached to the eBPF LSM (_Linux Security Module_) and running on all attempts to open files. The program checks for the presence of the magic number associated to the file system in a dedicated eBPF map. @@ -366,9 +366,9 @@ Updates! not associated to one of the authorized interfaces listed in the dedicated eBPF map. -{/*2021-04-22*/} +{/_2021-04-22_/} -- [*Using eBPF in Flatcar Container Linux*](https://kinvolk.io/blog/2021/04/using-ebpf-in-flatcar-container-linux/), +- [_Using eBPF in Flatcar Container Linux_](https://kinvolk.io/blog/2021/04/using-ebpf-in-flatcar-container-linux/), from Mauricio Vásquez Bernal. Some specific kernel options must be enabled at compilation to enable all of the eBPF features. This post describes a few of them, all enabled in the @@ -376,9 +376,9 @@ Updates! `CONFIG_IKHEADERS`, `CONFIG_DEBUG_INFO_BTF`, and `CONFIG_BPF_LSM` mean and what features they activate. -{/*2021-04-27*/} +{/_2021-04-27_/} -- [*Reverse debugging at scale*](https://engineering.fb.com/2021/04/27/developer-tools/reverse-debugging/), +- [_Reverse debugging at scale_](https://engineering.fb.com/2021/04/27/developer-tools/reverse-debugging/), from Walter Erquinigo, David Carrillo-Cisneros, and Alston Tang. These engineers from Facebook explain how they deployed a solution to record CPU activity on their (many) servers, to be able to extract information when @@ -389,9 +389,9 @@ Updates! extraction. The best solution they found was to use an eBPF program attached to a kprobe to trigger the copy. -{/*2020-11-04*/} +{/_2020-11-04_/} -- [*BPF binaries: BTF, CO-RE, and the future of BPF perf tools*](http://www.brendangregg.com/blog/2020-11-04/bpf-co-re-btf-libbpf.html), +- [_BPF binaries: BTF, CO-RE, and the future of BPF perf tools_](http://www.brendangregg.com/blog/2020-11-04/bpf-co-re-btf-libbpf.html), from Brendan Gregg. _Catching up: This post is from November 2020, which does not really correspond to the time frame otherwise covered in this issue, but I missed it @@ -400,15 +400,15 @@ Updates! existing eBPF-based tracing tools. In particular, it announces that the Python bindings used with the BCC tools should be considered as deprecated, and that libbpf should be preferred instead to build and manage these - programs. This does *not* mean that BCC itself is deprecated: the project is + programs. This does _not_ mean that BCC itself is deprecated: the project is simply transitioning to libbpf-based tools and abandoning the Python wrappers in newer tracing utilities. ### Academic Works -- [*BMC: Accelerating Memcached using Safe In-kernel Caching and Pre-stack Processing*](https://www.usenix.org/conference/nsdi21/presentation/ghigoff) +- [_BMC: Accelerating Memcached using Safe In-kernel Caching and Pre-stack Processing_](https://www.usenix.org/conference/nsdi21/presentation/ghigoff) ([PDF](https://www.usenix.org/system/files/nsdi21-ghigoff.pdf)), - from Yoann Ghigoff *et al.* + from Yoann Ghigoff _et al._ Published at NSDI '21 (USENIX), this paper introduces BMC, the _BPF Memcached Cache_, a first-level in-kernel cache relying on XDP to accelerate Memcached. It improves the response time, by avoiding costly traversals of the network @@ -454,7 +454,7 @@ Updates! project contains a Python-based generator to produce eBPF code on-the-fly! - The [sonde-rs](https://github.com/wasmerio/sonde-rs) library provides a way - to compile USDT (*Userland Statically Defined Tracing*) probes into Rust + to compile USDT (_Userland Statically Defined Tracing_) probes into Rust applications, so that they can be traced with any tools supporting those probes, including for example BCC tools or bpftrace. @@ -500,11 +500,11 @@ down the changes into categories. some similarities with eBPF helper functions, which are compiled as part of the kernel and can be called from eBPF programs. But instead of writing dedicated functions, this is about calling pre-existing function from the - kernel. This does not apply to *any* function: a list of allowed functions is + kernel. This does not apply to _any_ function: a list of allowed functions is maintained in the kernel for each eBPF program type. A crucial difference with eBPF helpers is that kernel functions that can be - called are *not* bounded to a fixed ABI contract. This means that they remain + called are _not_ bounded to a fixed ABI contract. This means that they remain free to evolve, even if this breaks existing eBPF programs. BTF is what makes this possible. diff --git a/content/blog-posts/2023-08-16-ebpf-for-security/index.md b/content/blog-posts/2023-08-16-ebpf-for-security/index.md index d17267a29..92abc1f28 100644 --- a/content/blog-posts/2023-08-16-ebpf-for-security/index.md +++ b/content/blog-posts/2023-08-16-ebpf-for-security/index.md @@ -1,8 +1,10 @@ --- + date: '2023-08-16T11:36:00.000Z' title: 'EBPF For Security: Evolution Or Revolution?' ogImage: ogimage.jpeg description: "Explore eBPF's rise as a pivotal tool for Linux kernel security. Learn about its transition from a network packet filter to a powerful tool for tracing and analysing system activity, and its transformative role in modern cloud and internet security" -externalUrl: 'https://www.sjultra.com/ebpf-for-security' +externalUrl: '' categories: + - Technology diff --git a/content/blog-posts/2023-09-12-what-is-next-for-observability/index.md b/content/blog-posts/2023-09-12-what-is-next-for-observability/index.md index 0061dcc82..4d3eaa3ce 100644 --- a/content/blog-posts/2023-09-12-what-is-next-for-observability/index.md +++ b/content/blog-posts/2023-09-12-what-is-next-for-observability/index.md @@ -1,8 +1,10 @@ --- + date: '2023-09-12T11:36:00.000Z' title: 'What is next for observability?' ogImage: ogimage.webp description: 'Dive into the future of observability! Explore its evolution, the challenges of microservices, and the significance of tools like eBPF and Cilium' -externalUrl: 'https://www.infoworld.com/article/3706048/what-s-next-for-observability.html' +externalUrl: '' categories: + - Technology diff --git a/content/blog-posts/2023-09-13-changes-to-ebpf/index.md b/content/blog-posts/2023-09-13-changes-to-ebpf/index.md index c22c7621b..239560346 100644 --- a/content/blog-posts/2023-09-13-changes-to-ebpf/index.md +++ b/content/blog-posts/2023-09-13-changes-to-ebpf/index.md @@ -1,8 +1,10 @@ --- + date: '2023-09-13T11:36:00.000Z' title: 'Latest eBPF Advances Are Harbingers of Major Changes to IT' ogImage: ogimage.webp description: 'This post explores the latest eBPF advancements and its impact in IT. It also discusses the eBPF Summit, Microsoft intent to introduce eBPF in Windows, and the broader implications of eBPF in enhancing software performance by running applications closer to the kernel' -externalUrl: 'https://devops.com/latest-ebpf-advances-are-harbingers-of-major-changes-to-it' +externalUrl: '' categories: + - Technology diff --git a/content/blog-posts/2023-09-13-grafana-beyla/index.md b/content/blog-posts/2023-09-13-grafana-beyla/index.md index eb1bad4d4..a3fb5bf8a 100644 --- a/content/blog-posts/2023-09-13-grafana-beyla/index.md +++ b/content/blog-posts/2023-09-13-grafana-beyla/index.md @@ -1,9 +1,11 @@ --- + date: '2023-09-13T11:36:00.000Z' title: 'Introducing Grafana Beyla: open source ebpf auto-instrumentation for application observability' ogImage: ogimage.png description: 'Grafana announces Beyla, an open-source eBPF auto-instrumentation tool, designed to improve application observability. Learn how to set up and configure Grafana Beyla with Grafana Cloud' -externalUrl: 'https://grafana.com/blog/2023/09/13/grafana-beyla-open-source-ebpf-auto-instrumentation' +externalUrl: '' categories: + - Technology - How-To diff --git a/content/blog-posts/2023-09-15-infoq-grafana-beyla/index.md b/content/blog-posts/2023-09-15-infoq-grafana-beyla/index.md index c107bd500..e715d3b0a 100644 --- a/content/blog-posts/2023-09-15-infoq-grafana-beyla/index.md +++ b/content/blog-posts/2023-09-15-infoq-grafana-beyla/index.md @@ -1,8 +1,10 @@ --- + date: '2023-09-15T11:36:00.000Z' title: 'Grafana Beyla Provides Auto-Instrumented Observability through eBPF' ogImage: ogimage.webp description: 'Grafana introduces "Grafana Beyla," an open-source eBPF auto-instrumentation tool. Beyla reports span information and RED metrics for Linux HTTP/S and gRPC services without necessitating code modifications' -externalUrl: 'https://www.infoq.com/news/2023/09/grafana-beyla-observability' +externalUrl: '' categories: + - Technology diff --git a/content/blog-posts/2023-09-21-not-your-grandpa-packet-filter/index.md b/content/blog-posts/2023-09-21-not-your-grandpa-packet-filter/index.md index 864916a9d..6c3a40c3a 100644 --- a/content/blog-posts/2023-09-21-not-your-grandpa-packet-filter/index.md +++ b/content/blog-posts/2023-09-21-not-your-grandpa-packet-filter/index.md @@ -1,8 +1,10 @@ --- + date: '2023-09-21T11:36:00.000Z' title: 'Not Your Grandpa’s Packet Filter: eBPF in Cloud-Native Networking' ogImage: ogimage.webp description: 'This article explores how eBPF has evolved from a simple packet filter into a general-purpose compute engine within the kernel, and how it adds functionality, flexibility and performance to a decades-old technology' -externalUrl: 'https://cloudnativenow.com/topics/not-your-grandpas-packet-filter-ebpf-in-cloud-native-networking' +externalUrl: '' categories: + - Technology diff --git a/content/blog-posts/2023-09-22-network-observability/index.md b/content/blog-posts/2023-09-22-network-observability/index.md index 7db45e6fe..de10fcd5a 100644 --- a/content/blog-posts/2023-09-22-network-observability/index.md +++ b/content/blog-posts/2023-09-22-network-observability/index.md @@ -1,8 +1,10 @@ --- + date: '2023-09-21T11:36:00.000Z' title: 'Using eBPF for Network Observability' ogImage: ogimage.png description: 'Explore how eBPF enhances network observability by monitoring network behavior and linking it to internal workload activities' -externalUrl: 'https://www.spyderbat.com/blog/using-ebpf-for-network-observability' +externalUrl: '' categories: + - Technology diff --git a/content/events/2025-ebpf-summit-hackathon/hackathon-2025-event.png b/content/events/2025-ebpf-summit-hackathon/hackathon-2025-event.png new file mode 100644 index 000000000..3564e02ac Binary files /dev/null and b/content/events/2025-ebpf-summit-hackathon/hackathon-2025-event.png differ diff --git a/content/events/2025-ebpf-summit-hackathon/index.md b/content/events/2025-ebpf-summit-hackathon/index.md new file mode 100644 index 000000000..c3289aa67 --- /dev/null +++ b/content/events/2025-ebpf-summit-hackathon/index.md @@ -0,0 +1,13 @@ +--- +date: '2025-10-06T00:00:00.000Z' +place: 'Online' +title: 'eBPF Summit 2025: Hackathon Edition' +description: 'A global open source hackathon to build, explore, and contribute with eBPF. Join developers, tinkerers, and open source enthusiasts from all backgrounds to get hands-on with this cutting-edge kernel technology.' +linkUrl: '/summit-2025/' +ogImage: hackathon-2025-event.png +type: Hackathon +conference: eBPF Summit +region: Online +isFeatured: true +tags: ['hackathon', 'ebpf', 'open-source', 'remote', 'async'] +--- diff --git a/src/components/pages/project-landscape/project-card/project-card.jsx b/src/components/pages/project-landscape/project-card/project-card.jsx index 1bb058e80..716e912f1 100644 --- a/src/components/pages/project-landscape/project-card/project-card.jsx +++ b/src/components/pages/project-landscape/project-card/project-card.jsx @@ -62,9 +62,9 @@ import skywalkingLogo from './logos/skywalking.png'; import sysinternalsLogo from './logos/sysinternals.svg'; import tetragonLogo from './logos/tetragon.svg'; import traceeLogo from './logos/tracee.svg'; +import trayceLogo from './logos/trayce.svg'; import vc5Logo from './logos/vc5.svg'; import wachyLogo from './logos/wachy.png'; -import trayceLogo from './logos/trayce.svg'; // Global hover modal manager const createHoverModalManager = () => { diff --git a/src/components/pages/summit-2024/hero/hero.jsx b/src/components/pages/summit-2024/hero/hero.jsx index 689f96355..d8db0544e 100644 --- a/src/components/pages/summit-2024/hero/hero.jsx +++ b/src/components/pages/summit-2024/hero/hero.jsx @@ -3,33 +3,32 @@ import PropTypes from 'prop-types'; import React from 'react'; import Button from 'components/shared/button'; +import DevPostIcon from 'icons/devpost.inline.svg'; import SlackIcon from 'icons/slack.inline.svg'; import illustration from './images/illustration.svg'; const icons = { slack: SlackIcon, + devpost: DevPostIcon, }; -const ctaButtons = [ - { - title: 'Watch the recordings on YouTube', - theme: 'orange', - onclick: null, - url: 'https://www.youtube.com/playlist?list=PLDg_GiBbAx-m7yn_FYcc41PNrgtxlISBK', - }, - { - onClick: null, - url: 'https://ebpf.io/slack', - title: 'Join the summit slack', - theme: 'gray', - iconName: 'slack', - target: '_blank', - }, -]; +const ctaButtons = []; -const Hero = ({ date, title, time, description }) => ( -
+const DEFAULT_ILLUSTRATION_CLASS = + 'absolute right-8 top-24 h-auto w-[624px] lg:static lg:mt-12 lg:w-full'; + +const Hero = ({ + date, + title, + time, + description, + ctaButtons: overrideButtons = ctaButtons, + illustrationUrl, + illustrationClassName, + rootClassName, +}) => ( +
@@ -54,7 +53,7 @@ const Hero = ({ date, title, time, description }) => ( dangerouslySetInnerHTML={{ __html: description }} />
- {ctaButtons.map(({ title, url, theme, iconName, target }, index) => { + {overrideButtons.map(({ title, url, theme, iconName, target }, index) => { const Icon = icons[iconName]; return ( @@ -74,8 +73,8 @@ const Hero = ({ date, title, time, description }) => (
Illustration ( + +
+
    +
  1. + + 1 + +

    + Sign up on{' '} + + DevPost + +

    +
    2. +
  2. + + 2 + +

    Choose your track and start building

    +
    3. +
  3. + + 3 + +

    + Submit your project by November 30, 2025 +

    +
    4. +
  4. + + 4 + +

    + Join Slack #ebpf-summit for help or team-matching +

    +
    5. +
+ +
+ + +

+ Workshops and office hours available throughout the event. +

+
+
+ +); + +JoinPanel.propTypes = { + devpostUrl: PropTypes.string.isRequired, + slackUrl: PropTypes.string.isRequired, +}; + +export default JoinPanel; diff --git a/src/components/pages/summit-2025/judges/images/bill-mulligan.jpeg b/src/components/pages/summit-2025/judges/images/bill-mulligan.jpeg new file mode 100644 index 000000000..d12decc66 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/bill-mulligan.jpeg differ diff --git a/src/components/pages/summit-2025/judges/images/constanze-b-oedig.png b/src/components/pages/summit-2025/judges/images/constanze-b-oedig.png new file mode 100644 index 000000000..52241a052 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/constanze-b-oedig.png differ diff --git a/src/components/pages/summit-2025/judges/images/daniel-borkman.jpeg b/src/components/pages/summit-2025/judges/images/daniel-borkman.jpeg new file mode 100644 index 000000000..16cb6b5c5 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/daniel-borkman.jpeg differ diff --git a/src/components/pages/summit-2025/judges/images/duffie-cooley.jpg b/src/components/pages/summit-2025/judges/images/duffie-cooley.jpg new file mode 100644 index 000000000..e0b12c5c5 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/duffie-cooley.jpg differ diff --git a/src/components/pages/summit-2025/judges/images/dylan-reimerink.png b/src/components/pages/summit-2025/judges/images/dylan-reimerink.png new file mode 100644 index 000000000..1afc70139 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/dylan-reimerink.png differ diff --git a/src/components/pages/summit-2025/judges/images/joe-stringer.jpeg b/src/components/pages/summit-2025/judges/images/joe-stringer.jpeg new file mode 100644 index 000000000..3df91e85a Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/joe-stringer.jpeg differ diff --git a/src/components/pages/summit-2025/judges/images/john-fastabend.png b/src/components/pages/summit-2025/judges/images/john-fastabend.png new file mode 100644 index 000000000..5c1fc5fe7 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/john-fastabend.png differ diff --git a/src/components/pages/summit-2025/judges/images/liz-rice.png b/src/components/pages/summit-2025/judges/images/liz-rice.png new file mode 100644 index 000000000..4ffd2f55d Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/liz-rice.png differ diff --git a/src/components/pages/summit-2025/judges/images/neha-aggarwal.png b/src/components/pages/summit-2025/judges/images/neha-aggarwal.png new file mode 100644 index 000000000..9185417cb Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/neha-aggarwal.png differ diff --git a/src/components/pages/summit-2025/judges/images/nimisha-mehta.png b/src/components/pages/summit-2025/judges/images/nimisha-mehta.png new file mode 100644 index 000000000..8a25dae20 Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/nimisha-mehta.png differ diff --git a/src/components/pages/summit-2025/judges/images/teodor-podobnik.png b/src/components/pages/summit-2025/judges/images/teodor-podobnik.png new file mode 100644 index 000000000..b7511ac9c Binary files /dev/null and b/src/components/pages/summit-2025/judges/images/teodor-podobnik.png differ diff --git a/src/components/pages/summit-2025/judges/judges.jsx b/src/components/pages/summit-2025/judges/judges.jsx new file mode 100644 index 000000000..bd6ee411f --- /dev/null +++ b/src/components/pages/summit-2025/judges/judges.jsx @@ -0,0 +1,147 @@ +import { StaticImage } from 'gatsby-plugin-image'; +import PropTypes from 'prop-types'; +import React from 'react'; + +const avatars = { + 'Liz Rice': ( + + ), + 'Daniel Borkman': ( + + ), + 'Bill Mulligan': ( + + ), + 'Dylan Reimerink': ( + + ), + 'Duffie Cooley': ( + + ), + 'John Fastabend': ( + + ), + 'Joe Stringer': ( + + ), + 'Constanze b. Roedig': ( + + ), + 'Nimisha Mehta': ( + + ), + 'Neha Aggarwal': ( + + ), + 'Teodor (Janez) Podobnik': ( + + ), +}; + +const Judges = ({ title, items }) => ( +
+
+

{title}

+
+ {items.map(({ name, position }, index) => ( +
+ {avatars[name]} +

{name}

+ + {position} + +
+ ))} +
+
+
+); + +Judges.propTypes = { + title: PropTypes.string.isRequired, + items: PropTypes.arrayOf( + PropTypes.shape({ + name: PropTypes.string.isRequired, + position: PropTypes.string.isRequired, + }) + ).isRequired, +}; + +export default Judges; diff --git a/src/components/pages/summit-2025/prizes-panel/prizes-panel.jsx b/src/components/pages/summit-2025/prizes-panel/prizes-panel.jsx new file mode 100644 index 000000000..afd4bda6d --- /dev/null +++ b/src/components/pages/summit-2025/prizes-panel/prizes-panel.jsx @@ -0,0 +1,68 @@ +import React from 'react'; + +import GradientPanel from 'components/shared/gradient-panel/gradient-panel'; + +const PrizesPanel = () => ( + +
+
+
+ 🏆 +
+
+

Credly Badge

+

+ “eBPF Summit: Hackathon Edition 2025 Winner” delivered by Isovalent at Cisco +

+
+
+ +
+
+ 🐧 +
+
+

Linux Certification

+

50% Voucher offered by the CNCF

+
+
+ +
+
+ 📚 +
+
+

eBPF and Cilium eBooks

+

Digital learning resources

+
+
+ +
+
+ 🎁 +
+
+

eBPF Hackathon Swag Kit

+

Exclusive merchandise and goodies

+
+
+ +
+
+ 📺 +
+
+

eCHO Livestream Presentation

+

+ Opportunity to present your submission on the eCHO Livestream at a mutually-agreed date +

+
+
+
+ +); + +export default PrizesPanel; diff --git a/src/components/pages/summit-2025/summit-header/summit-header.jsx b/src/components/pages/summit-2025/summit-header/summit-header.jsx new file mode 100644 index 000000000..c5e6a9f86 --- /dev/null +++ b/src/components/pages/summit-2025/summit-header/summit-header.jsx @@ -0,0 +1,126 @@ +/* eslint-disable import/no-extraneous-dependencies */ +import { Popover, Transition } from '@headlessui/react'; +import { Bars3Icon, XMarkIcon } from '@heroicons/react/24/outline'; +import PropTypes from 'prop-types'; +import React, { Fragment } from 'react'; + +import Button from 'components/shared/button'; +import Link from 'components/shared/link'; +import Logo from 'images/logo.inline.svg'; + +const SummitHeader = ({ navigation, devpostUrl }) => { + const closeMenu = (e) => { + e.stopPropagation(); + }; + return ( +
+ + {({ open }) => ( + <> +
+ +
+ + + +
+
+
+ +
+
+ + Close menu + +
+
+
+ {navigation.map((item) => ( + + {item.name} + + ))} +
+
+ +
+
+ + + + )} + +
+ ); +}; + +SummitHeader.propTypes = { + navigation: PropTypes.array.isRequired, + devpostUrl: PropTypes.string.isRequired, +}; + +export default SummitHeader; diff --git a/src/components/pages/summit-2025/summit-layout/summit-layout.jsx b/src/components/pages/summit-2025/summit-layout/summit-layout.jsx new file mode 100644 index 000000000..b4a884953 --- /dev/null +++ b/src/components/pages/summit-2025/summit-layout/summit-layout.jsx @@ -0,0 +1,21 @@ +import PropTypes from 'prop-types'; +import React from 'react'; + +import SummitHeader from 'components/pages/summit-2025/summit-header/summit-header'; +import SummitFooter from 'components/shared/summit-footer'; + +const SummitLayout = ({ children, navigation, devpostUrl }) => ( +
+ +
{children}
+ +
+); + +SummitLayout.propTypes = { + children: PropTypes.node.isRequired, + navigation: PropTypes.array.isRequired, + devpostUrl: PropTypes.string.isRequired, +}; + +export default SummitLayout; diff --git a/src/components/shared/gradient-panel/gradient-panel.jsx b/src/components/shared/gradient-panel/gradient-panel.jsx new file mode 100644 index 000000000..5e6decd99 --- /dev/null +++ b/src/components/shared/gradient-panel/gradient-panel.jsx @@ -0,0 +1,23 @@ +import PropTypes from 'prop-types'; +import React from 'react'; + +const GradientPanel = ({ title, subtitle, children }) => ( +
+ {title &&

{title}

} + {subtitle &&

{subtitle}

} +
{children}
+
+); + +GradientPanel.propTypes = { + title: PropTypes.string, + subtitle: PropTypes.string, + children: PropTypes.node.isRequired, +}; + +GradientPanel.defaultProps = { + title: null, + subtitle: null, +}; + +export default GradientPanel; diff --git a/src/data/shared/summit-2025-navigation.js b/src/data/shared/summit-2025-navigation.js new file mode 100644 index 000000000..c4c13aca3 --- /dev/null +++ b/src/data/shared/summit-2025-navigation.js @@ -0,0 +1,9 @@ +export const navigation = [ + { name: 'About', href: '/summit-2025/#about' }, + { name: 'Tracks', href: '/summit-2025/#tracks' }, + { name: 'Join', href: '/summit-2025/#join' }, + { name: 'Resources', href: '/summit-2025/#resources' }, +]; + +export const devpostUrl = 'https://ebpf-summit-2025.devpost.com/'; +export const slackUrl = 'https://ebpf.io/slack'; diff --git a/src/icons/devpost.inline.svg b/src/icons/devpost.inline.svg new file mode 100644 index 000000000..bedfb2faf --- /dev/null +++ b/src/icons/devpost.inline.svg @@ -0,0 +1,6 @@ + + + + + + diff --git a/src/pages/summit-2025.jsx b/src/pages/summit-2025.jsx new file mode 100644 index 000000000..d2d75b7a4 --- /dev/null +++ b/src/pages/summit-2025.jsx @@ -0,0 +1,283 @@ +import React from 'react'; + +import Hero from 'components/pages/summit-2024/hero'; +import ConnectingIcon from 'components/pages/summit-2024/information/images/connecting.inline.svg'; +import SharingIcon from 'components/pages/summit-2024/information/images/sharing.inline.svg'; +import TrendingIcon from 'components/pages/summit-2024/information/images/trending.inline.svg'; +import LastYear from 'components/pages/summit-2024/last-year'; +import JoinPanel from 'components/pages/summit-2025/join-panel/join-panel'; +import Judges from 'components/pages/summit-2025/judges/judges'; +import PrizesPanel from 'components/pages/summit-2025/prizes-panel/prizes-panel'; +import SummitLayout from 'components/pages/summit-2025/summit-layout/summit-layout'; +import Button from 'components/shared/button'; +import SEO from 'components/shared/seo'; +import { navigation, devpostUrl, slackUrl } from 'data/shared/summit-2025-navigation'; + +const ogImage = '/images/social-preview-ebpf-summit.jpg'; + +// Hackathon edition content for 2025 +const hero = { + date: 'October 6 – November 30, 2025', + title: 'eBPF Summit 2025: Hackathon Edition', + time: 'Remote, async, open to all skill levels', + description: '

A global open source hackathon to build, explore, and contribute with eBPF.

', + ctaButtons: [ + { + title: 'Join on DevPost', + url: devpostUrl, + theme: 'orange', + iconName: 'devpost', + target: '_blank', + }, + { title: 'Join the Slack', url: slackUrl, theme: 'gray', iconName: 'slack', target: '_blank' }, + ], + // custom hero illustration (served from /static/images) + illustrationUrl: '/images/hackathon-hero.png', + illustrationClassName: + 'absolute right-8 top-24 h-auto w-[520px] lg:static lg:mt-12 lg:w-[80%] lg:max-w-[520px]', + rootClassName: 'pb-24 lg:pb-16', +}; + +// Update last year section to point to resources instead of YouTube CTA +const lastYear = { + title: 'Highlights from Past Events', + description: + 'Looking for inspiration? Explore talks, demos, and case studies from previous eBPF Summit editions.', + link: { + url: '/resources', + title: 'Resources', + }, + items: [ + { number: '2024', unit: 'Summit', textColor: 'black', numberColor: 'orange' }, + { number: '2023', unit: 'Summit', textColor: 'white', numberColor: 'white' }, + { number: 'Labs', unit: 'and Docs', textColor: 'white', numberColor: 'orange' }, + { number: 'Books', unit: 'and Guides', textColor: 'black', numberColor: 'orange' }, + ], +}; + +const Summit2025 = () => ( + + + {/* Section 3: About */} +
+
+

About the Hackathon

+
+

+ eBPF Summit: Hackathon Edition invites developers, tinkerers, and open source + enthusiasts from all backgrounds to get hands-on with this cutting-edge kernel + technology that's being used to build the future of cloud native networking, + observability, and security. +

+
+
+
+ +

Connecting Contributors

+

+ The hackathon brings together eBPF developers, operators, advocates, and first-time + contributors from around the world — to collaborate, build, and learn from each other. +

+
+
+ +

Building in the Open

+

+ From early ideas to production-ready tools, this event is about making progress in + public — with support, feedback, and community energy. +

+
+
+ +

Expanding Use Cases

+

+ Explore how eBPF powers the next generation of security, networking, and observability + — and help push its boundaries by trying new integrations, policies, and workflows. +

+
+
+ + {/* About eBPF Summit section */} +
+

About eBPF Summit

+
+

+ Since 2020, eBPF Summit has gathered the eBPF community together for a virtual summit + that explores and celebrates the open source eBPF ecosystem. With everything from deep + dives to hands-on challenges, eBPF Summit brings together everyone building, using, or + interested in using eBPF as a platform. This year we're doing something different + by hosting this eBPF Hackathon! +

+
+
+ +
+
+ +
+
+

Schedule at a glance

+
+
+
+ Registration Period +
+
+ Open now +
+
+
+
+ Submission Period +
+
+ Monday, 13 October – Sunday, 30 November +
+
+
+
Judging Period
+
+ Monday, 1 December – Monday, 15 December +
+
+
+
+ Winners Announcement +
+
+ Around Wednesday, 17 December +
+
+
+
+
+
+ +
+
+
+ + {/* Section 4: Tracks */} +
+
+

Tracks

+
+
+
+ 🧩 +
+

+ Tools & Projects Using eBPF or Contributing to Cilium +

+

+ Build or enhance tools using eBPF that aren't based on Isovalent projects. Make + direct contributions to Cilium, Tetragon, Hubble, or related tooling and docs. +

+
+
+
+ 🔍 +
+

Using Cilium Technologies in Original Ways

+

+ Use Cilium technologies in creative or practical scenarios to solve real problems. +

+
+
+
+ 🌱 +
+

eBPF Starter Track (Beginner-Friendly)

+

+ A low-pressure track for newcomers to learn, experiment, and share beginner-level eBPF + or Cilium work. +

+
+
+
+
+ + {/* Section 5: Prizes */} +
+
+ +
+
+ + {/* Section 6: Join */} +
+
+ +
+
+ + {/* Section 7: Judges */} +
+ +
+ + {/* Section 8: Highlights & Resources */} + {/*
+
+

Highlights from Past Events and Resources

+

Looking for inspiration?

+ +
+
*/} + + +); + +// eslint-disable-next-line react/prop-types +export const Head = ({ location: { pathname } }) => { + const pageMetadata = { + title: 'eBPF Summit 2025: Hackathon Edition', + description: + 'Join the eBPF Summit 2025: Hackathon Edition — a global open source hackathon running Oct 13 – Nov 30, 2025.', + image: ogImage, + pathname, + }; + return ; +}; + +export default Summit2025; diff --git a/static/images/hackathon-2025-event.png b/static/images/hackathon-2025-event.png new file mode 100644 index 000000000..0a289d9a4 --- /dev/null +++ b/static/images/hackathon-2025-event.png @@ -0,0 +1 @@ +data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg== diff --git a/static/images/hackathon-hero.png b/static/images/hackathon-hero.png new file mode 100644 index 000000000..4da6cd7ef Binary files /dev/null and b/static/images/hackathon-hero.png differ