Envoy Mesh Acceleration: From Iptables to Fully BPF
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore Envoy mesh acceleration techniques in this conference talk that transitions from iptables to fully BPF-based solutions. Delve into the challenges of transparent traffic hijacking and its impact on system performance. Examine current solutions, including Cilium and lightweight approaches, and understand how iptables redirections affect sockmap match results for inbound and outbound traffic. Discover a novel iptables-free solution that utilizes eBPF for traffic direction, provides transparent outbound traffic redirection, and offers an integrated control plane for Daemonset deployment. Learn about eBPF architecture, sockmap implementation, and performance improvements in this comprehensive exploration of service mesh acceleration techniques.
Syllabus
Intro
Istio Architecture
Agenda
Pod Initialization
Iptables Rules
Traffic hijacking
Envoy VirtualOutbound
What is eBPF?
Cilium
eBPF Architecture
eBPF Hello World
TCP Inbound
eBPF Map
Smart DNS Proxying
UDP Outbound
Sockmap
eBPF Prog
Duplicate Sock Key
Linux kernel Patch
Deploy
Performance
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Analyzing Postgres Performance Problems Using Perf and eBPFMicrosoft via YouTube Citus Con - An Event for Postgres - Americas Livestream
Microsoft via YouTube EBPF - The Next Power Tool of SREs
USENIX via YouTube Kernel Tracing With EBPF
media.ccc.de via YouTube Building Observability for 99% Developers
Docker via YouTube