Kubernetes Network Policy Enforcement in XDP without IP Translation
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore Kubernetes network policy enforcement using XDP without IP translation in this conference talk by Hong Chang and Xiaoning Ding. Delve into the intricacies of Kubernetes networking, network policies, and policy enforcement techniques. Learn about IP-based and label-based policy approaches, examining their pros, cons, and limitations. Discover how to generate data, implement policy bitmaps, and utilize eBPF for efficient policy enforcement. Gain insights into traffic instrumentation and judgment methods for label-based policies. Conclude with a brief overview of additional technical details to enhance your understanding of advanced Kubernetes networking concepts.
Syllabus
Intro
Kubernetes Networking
Network Policies
Policy Enforcement By IPTables
Generate Data - IP based
Policy Bitmap
eBPF Data and Algorithm (Example)
IP Based Policy: Pros and Cons
Label Based Policy: Brief
Label Based Policy: Understand Data
Label Based Policy: Traffic Instrument
Label Based Policy: Traffic Judgement
Label Based Policy: Benefits and Limitation
A Glance of some Details
Taught by
Linux Foundation
Tags
Related Courses
Unimog - The Cloudflare Kernel Layer 4 Load BalancerHussein Nasser via YouTube Containers at Facebook - Advanced Linux, Btrfs, and Systemd Implementation
ChariotSolutions via YouTube Cilium - Kernel Native Security and DDOS Mitigation for Microservices with BPF
Docker via YouTube XDP/BPF in RDMA - RXE Implementation
Linux Foundation via YouTube XDP Metadata for TX
Linux Foundation via YouTube