Session

Lessons From Building Scalable Network Policy Enforcement With eBPF

eBPF has unlocked new levels of performance and scalability for container networking. Cilium has leveraged eBPF to implement a plethora of network policy features. Kubernetes scalability has been improving with every new release, and clusters with 5k+ nodes are increasingly common. Cilium’s policy framework needs to scale to hundreds of thousands of pods, all while dealing with complex scenarios like environments with high pod churn.

In this talk, Cilium maintainers will share some lessons learnt from years of programming Kubernetes abstractions directly into kernel space using eBPF. You’ll learn how Cilium efficiently intercepts traffic for enforcement at both L4 and L7, tricks Cilium uses to minimize CPU overhead on each node, and some design decisions that have been instrumental in squeezing high performance out of the kernel regardless of the number of pods. Finally, we’ll discuss strategies you can follow to improve the debuggability of eBPF-based networking datapaths.

Hemanth Malla

Senior Software Engineer, Datadog

New York City, New York, United States
