Networking, observability, and security for Kubernetes and container networks involve substantial processing overhead. eBPF promises more efficiency, visibility, and control.
“No man is an island,” wrote John Donne. But containers certainly are. They are created as islands in and of themselves, packaged with all they need to operate independently—code, dependencies, and runtime. This autonomy is great for security but not so great for networking.
Just as a person needs community, distributed workloads depend on connections between containers to function as a whole. “In the world of distributed computing, everything goes over the network, making it the critical component for applications to work and work together,” says Bill Mulligan, head of community at Isovalent, the company behind Cilium, an open-source project that provides networking software for Kubernetes and other cloud-native environments.
However, containers have historically required virtual networking to connect workloads, relying on networks composed of software-based network adapters, switches, firewalls, load balancers, etc. that lacked in efficiency, usability, and programmability. For once, the answer is not to abstract—as virtual networks had abstracted from physical networks—but to step down a level deeper into the stack.
Explore emtech 360 for the latest advancements in Information Technology & insightful updates from industry experts!
Source : https://www.infoworld.com/article/3830687/how-ebpf-is-changing-container-networking.html
