Lightning Talk #1: How to build a Service Mesh without Sidecars using eBPF & Cilium - Thomas Graf, IsovalenteBPF is a powerful Linux kernel technology that is used in several CNCF projects to provide faster networking, new security applications, and deeper observability. In this talk, we explore how eBPF, using the Cilium project, allows you to build a service mesh entirely without sidecars while still relying on proven Envoy proxy technology. We will look at how moving service mesh functionality into the kernel using eBPF leads to massive performance gains and simplification of the overall model while remaining compatible with existing control planes. Service mesh will become invisible at the kernel level similar to how namespaces, the foundation of containers, are invisible today. The sidecar-free model unlocks a simpler architecture, performance gains, scalability advantages, and even more transparency to applications. Together, we will look at the new architecture, compare performance numbers, and run through a demo.
Lightning Talk #2:Clearing the confusion about eBPF and service mesh - Yuval Kohavi, Solo.ioeBPF is an exciting technology that allows developers to extend the capabilities of the Linux Kernel without modifying the Kernel itself. Getting access to powerful Kernel capabilities can be extremely powerful, especially in networking, but what is the responsibility of this layer when it comes to service mesh? In this talk we discuss the importance of separation of layers, where eBPF fits for service mesh (and where it doesn't), and how to best optimize the service mesh architecture and experience for the real problems users have: security, observability, flexible policy enforcement, and overall traffic management.
Click here to view captioning/translation in the MeetingPlay platform!