Cloud Security Podcast

eBPF - Kubernetes Network Security without the Blind Sides!

Nov 30, 2023

The podcast explores the challenges of network security in managed Kubernetes environments and the benefits of using tools like eBPF and Cilium. It discusses the initial approach to networking in Kubernetes and the need for the next generation of networking tools. The chapter also explores how eBPF revolutionized the kernel field and the network security capabilities of Cilium. It discusses the process of graduating a project within the CNCF and the importance of having a company backing an open source project. The speakers engage in a light-hearted conversation, sharing their personal interests and aspirations.

23:23

Creator website

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Cilium, an open-source project developed by Isovalent, provides comprehensive network security solutions for Kubernetes deployments, addressing limitations in built-in security capabilities.

The graduation of Cilium as a Cloud Native Computing Foundation (CNCF) project signifies its maturity and recognition, with widespread adoption by cloud service providers and essential functionalities in Kubernetes deployments.

Deep dives

The Importance of Network Security in Kubernetes

In this podcast episode, Thomas Graf, the CTO of Isogueland, discusses the significance of network security in the context of Kubernetes. He highlights the limitations of the built-in network security capabilities of managed Kubernetes environments and introduces the open-source project called Selium, which was developed by Isogueland. Graf explains that Selium offers solutions for network segmentation, encryption, and mutual authentication, providing a more comprehensive and identity-based approach to network security. He also emphasizes the need for organizations to integrate their Kubernetes infrastructure with existing on-premise or cloud-based networks, and how Selium's egress gateway simplifies this process. Overall, the episode emphasizes the importance of considering network security as an essential component of Kubernetes deployments.

Cilium Use Cases and Security Pillars

01:15

Introduction

4min

Traditional Networking in Kubernetes

4min

eBPF and Cilium: Revolutionizing Kernel and Network Security

8min

Graduating a Project within CNCF

5min

Discussion on Personal Interests, Superpowers, and Global Challenges

2min

eBPF is recent graduate in the CNCF family and this means that the world of Cloud and Kubernetes, networking looks very different with more security capabilities. Cilium the project from Isovalent has been gaining traction for network security for kubernetes as blindsides have been called out in the managed kubernetes deployments. This episode was recorded at KubeCon NA with Thomas Graf from Isovalent to share what the blindsides are and why eBPF provides better network security capability for kubernetes deployments of any scale.

Guest Socials: Thomas's Linkedin ⁠(⁠@ThomasGraf⁠⁠)⁠

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠

Questions asked:

(00:00) Introduction

(03:42) A bit about Thomas

(04:11) Traditional Networking in Kubernetes

(06:52) What is Cilium?

(07:52) What is eBPF?

(08:46) What do people use Cilium for?