## North-South Load Balancing of Kubernetes Services with eBPF/XDP Martynas Pumputis (Isovalent) eBPF Summit  ![Image](

## Accelerate Service Mesh Network with ebpf Luyao Zhong ## Agenda • TCP/IP stack overhead in service mesh • Background knowledge of eBPF - Independent solution to bypass TCP/IP stack • Performance jpg) ## ebpf Background Knowledge ## Loader & Verification Architecture  https://ebpf.io/what-is-ebpf/ ## ebpf Background Background Knowledge map • Share collected information • Accessed from eBPF programs as well as from applications in user space • Map type O HASHMAP O SOCKHASH: Hold socket as value Istio Meetup China

## eBPF Summit October 28, 2020 ## Debugging Go in production using eBPF  i'm Zain  What are we going com/pixie-labs/pixie https://blog.pixielabs.ai/ebpf ## Some related projects https://github.com/kinvolk/inspector-gadget sysdig https://github.com/draios/sysdig/wiki/eBPF

## Traffic Control the Rabbit(MQ) with Rust using RedBPF eBPF Summit ## I n This Talk • Different “types” of BPF programs • Write BPF programs in Rust • Add new feature in RedBPF • Use BPF maps to most importantly, I love Rust! - For networking, RedBPF supports XDP and SocketFilter programs, however... ## Traffic Control for Real • XDP doesn’t seem would work (full TCP packet hasn’t been constructed

## Accelerate Istio-CNI with ebpf Xu Yizhou & Guo Ruijing ## Agenda • Istio-CNI • tcp/ip stack overhead between sidecar and service • Background knowledge of ebpf • Acceleration for Inbound/Outbound/Envoy [Image](/uploads/documents/5/a/b/b/5abb1b8f1b8f9d74adba9f84c56cea7a/p5_1.jpg) ## ebpf Background Knowledge ## Prog type • ebpf provide various programs type for different purpose - We choose SOCK_OPS & BPF_PROG_TYPE_SCHED_CLS, BPF_PROG_TYPE_SCHED_ACT, BPF_PROG_TYPE_TRACEPOINT, BPF_PROG_TYPE_XDP, BPF_PROG_TYPE_PERF_EVENT, BPF_PROG_TYPE_CGROUP_SKB, BPF_PROG_TYPE_CGROUP_SOCK,

## eBPF at LINE's Private Cloud eBPF Summit ## LINE • Messaging & many family services • 185 million global MAU • 3Tbps+ network traffic in total ## LINE  IaaS ## V erda and XDP Based L4 Load Balancer Service • Part of our private cloud service since 2017 • 5100 private, 760 acceleration using XDP (jp) https://engineering.linecorp.com/ja/blog/intern2019-report-infra/ https://www.janog.gr.jp/meeting/janog45/application/files/3815/7952/0335/009_srv6xdp_saito.pdf • UDP and

how to troubleshoot Cilium in different deployment modes. BPF and XDP Reference Guide : Provides a technical deep dive of BPF and XDP technology, primarily focused at developers. API Reference : Details Operations Istio Other Orchestrators Concepts Component Overview Terminology Networking Network Security eBPF Datapath Kubernetes Integration Multi-Cluster (Cluster Mesh) Getting Help FAQ Slack GitHub Security Required Kernel Versions for Advanced Features Key-Value store clang+LLVM iproute2 Firewall Rules Mounted eBPF filesystem Privileges Upgrade Guide Running pre-flight check (Required) Upgrading Cilium Version Specific

how to troubleshoot Cilium in different deployment modes. BPF and XDP Reference Guide : Provides a technical deep dive of eBPF and XDP technology, primarily focused at developers. API Reference : Details Operations Istio Other Orchestrators Concepts Component Overview Terminology Networking Network Security eBPF Datapath Observability Kubernetes Integration Multi-Cluster (Cluster Mesh) Getting Help FAQ Slack Required Kernel Versions for Advanced Features Key-Value store clang+LLVM iproute2 Firewall Rules Mounted eBPF filesystem Privileges Upgrade Guide Running pre-flight check (Required) Upgrading Cilium Version Specific

https://cilium.io https://github.com/cilium cilium是 kubernetes 的 CNI 网络解决方案，创新采用了 eBPF datapath，为 kubernetes 网络和 linux 社区的 eBPF 发展，启动了最要的推动作用。 截止 2021.10 ， cilium github 项目已有 9.3K star，Contributors 316位 网络解决方案 2019.8 cilium 1.6 发布 kube proxy replacement 2019.11 cilium–hubble 发布 cilium 1.8 发布 开始出现 XDP 的 service 负载均衡，极大提升性能 2020.8 google正式采纳 cilium 作为 GKE产品的网络方案 截止2021.10, cilium 合入了 AWS、AKS、GKE、Alibaba 网络数据包的“转发延时” • 不同场景下，不同程度地提升了 网络数据包的“吞吐量” • 不同场景下，不同程度地降低了 转发数据包所需的“CPU开销” ## eBPF 简介 eBPF 技术 在 Linux kernel 3.19 开始被引入，可在用户态进行 eBPF 程序编程，编译后，动态加载到内核指定的 hook 点上，以 VM 方式安全运行，其能通过 map 存储结构存储数据，能通过 map 同用户态程序

Simple Precise Process Confinement with eBPF and KRSI eBPF Summit ## bpfbox at a Glance ▶ bpfbox is a novel process confinement mechanism for Linux using eBPF ▶ Users write per-application policy in a/7/c/ba7c57cbfa53ff2a90045cb7d548fb18/p3_4.jpg) TOMOYO ▶ Can we do any better? ## eBPF Changes the Game eBPF enables: ▶ Fine-grained system introspection ▶ Integration of cross-layer state (kprobes framework ▶ Kernelspace components are all eBPF ▶ LSM probes (KRSI), kprobes, uprobes, tracepoints ▶ Under 2000 source lines of kernelspace code Thanks to eBPF, bpfbox is light-weight, flexible, and production-safe