Envoy Mesh Acceleration: From Iptables to Fully BPF
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore Envoy mesh acceleration techniques in this conference talk that transitions from iptables to fully BPF-based solutions. Delve into the challenges of transparent traffic hijacking and its impact on system performance. Examine current solutions, including Cilium and lightweight approaches, and understand how iptables redirections affect sockmap match results for inbound and outbound traffic. Discover a novel iptables-free solution that utilizes eBPF for traffic direction, provides transparent outbound traffic redirection, and offers an integrated control plane for Daemonset deployment. Learn about eBPF architecture, sockmap implementation, and performance improvements in this comprehensive exploration of service mesh acceleration techniques.
Syllabus
Intro
Istio Architecture
Agenda
Pod Initialization
Iptables Rules
Traffic hijacking
Envoy VirtualOutbound
What is eBPF?
Cilium
eBPF Architecture
eBPF Hello World
TCP Inbound
eBPF Map
Smart DNS Proxying
UDP Outbound
Sockmap
eBPF Prog
Duplicate Sock Key
Linux kernel Patch
Deploy
Performance
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Kubernetes: MicroservicesLinkedIn Learning Kubernetes: Microservices
LinkedIn Learning Sidecar Proxy Pros and Cons - Explained by Example
Hussein Nasser via YouTube What Is Service Mesh and How to Get Started With It - Mirantis Labs Tech Talks
Mirantis via YouTube Understanding Microservices with Distributed Tracing
Strange Loop Conference via YouTube