Modern cloud-native systems operate on dynamic, distributed infrastructure where containers frequently launch and terminate, services interact across clusters, and conventional networking assumptions falter. Originally, Linux networking was developed around unchanging IP addresses and straightforward rule processing, which is unsuitable for scaling in Kubernetes environments. Adjusting the Linux kernel to meet these requirements is slow and risky for most organizations.
The Extended Berkeley Packet Filter (eBPF) is a Linux kernel innovation that allows secure execution of sandboxed programs within the kernel without altering the kernel’s source code or adding kernel modules. Cilium, an open-source networking platform utilizing eBPF, ensures connectivity, security, and observation of workload interactions within Kubernetes and other distributed systems.
Bill Mulligan, a Cilium ecosystem maintainer and a team member at Isovalent, the company behind Cilium, joins Gregor Vand in this episode to delve into eBPF’s inner workings, Cilium’s popularity in Kubernetes networking, and how programmable kernels are changing the future of cloud-native infrastructure.
Gregor Vand, a security-focused technologist formerly serving as a CTO in cybersecurity, cyber insurance, and general software engineering, is based in Singapore and can be contacted through vand.hk or LinkedIn.
Please click here to see the transcript of this episode.
Sponsors
Guardsquare
In mobile application security, ‘good enough’ carries risk. Guardsquare employs sophisticated, multi-layered code hardening, automated runtime application self-protection, and mobile application security testing, along with real-time threat monitoring, to deliver top-tier mobile app security. Learn more about Guardsquare’s comprehensive mobile app protection for Android and iOS at www.guardsquare.com.
Retool
If you’re leading an engineering team, you recognize this cycle. While your team focuses on product development, operations request a dashboard. Marketing needs an admin panel, and finance requires a custom workflow as requests accumulate. Consequently, people create their own solutions, shadow IT emerges, and you end up managing tools held together with makeshift solutions.
Retool changes this cycle. Their AI AppGen platform provides a controlled environment for teams to develop needed tools securely. Typing a request for a customer admin panel managing Postgres accounts will produce a ready-to-use app with appropriate permissions.
Reduce the burden of shadow IT cleanup by exploring how Retool enables teams to build without chaos by visiting retool.com/se daily. A more efficient approach to internal tools is available, courtesy of Retool.