Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
KCD Lima: eBee in Peru!
Search
Liz Rice
July 23, 2025
Technology
0
150
KCD Lima: eBee in Peru!
Drawing parallels between eBPF/Cloud Native and Inca technologies
Liz Rice
July 23, 2025
Tweet
Share
More Decks by Liz Rice
See All by Liz Rice
Building a cloud native business on open source
lizrice
0
190
Unleashing the kernel with eBPF
lizrice
0
270
eBPF's Abilities and Limitations: The Truth
lizrice
0
430
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
230
When is a Secure Connection not encrypted? And other stories
lizrice
1
92
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
700
How Many Proxies Do You Need
lizrice
1
160
eBPF for Security Observability
lizrice
0
1.4k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
2.5k
Other Decks in Technology
See All in Technology
NLPコロキウム20251022_超効率化への挑戦: LLM 1bit量子化のロードマップ
yumaichikawa
3
520
SCONE - 動画配信の帯域を最適化する新プロトコル
kazuho
1
390
AI時代の開発を加速する組織づくり - ブログでは書けなかったリアル
hiro8ma
2
320
webpack依存からの脱却!快適フロントエンド開発をViteで実現する #vuefes
bengo4com
4
3.5k
クラウドとリアルの融合により、製造業はどう変わるのか?〜クラスメソッドの製造業への取組と共に〜
hamadakoji
0
440
OTEPsで知るOpenTelemetryの未来 / Observability Conference Tokyo 2025
arthur1
0
270
【SORACOM UG Explorer 2025】さらなる10年へ ~ SORACOM MVC 発表
soracom
PRO
0
150
AI時代におけるデータの重要性 ~データマネジメントの第一歩~
ryoichi_ota
0
720
DSPy入門
tomehirata
1
190
会社を支える Pythonという言語戦略 ~なぜPythonを主要言語にしているのか?~
curekoshimizu
3
840
AI AgentをLangflowでサクッと作って、1日働かせてみた!
yano13
1
160
オブザーバビリティと育てた ID管理・認証認可基盤の歩み / The Journey of an ID Management, Authentication, and Authorization Platform Nurtured with Observability
kaminashi
1
740
Featured
See All Featured
Building Applications with DynamoDB
mza
96
6.7k
Done Done
chrislema
185
16k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
253
22k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
22k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
A better future with KSS
kneath
239
18k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.2k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
658
61k
A Tale of Four Properties
chriscoyier
161
23k
Rails Girls Zürich Keynote
gr2m
95
14k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.7k
jQuery: Nuts, Bolts and Bling
dougneiner
65
7.9k
Transcript
Liz Rice eBee in Peru! Chief Open Source Officer, Isovalent
at Cisco
¡Hola! Me llamo Liz 👋 • Open source and community
at Isovalent, now part of Cisco • Author Learning eBPF & Container Security • Formerly CNCF Governing Board, chair of Technical Oversight Committee • Early career writing network protocol code
This is eBee
What is ? Makes the kernel programmable
userspace kernel app event eBPF program system calls - run
custom code in the kernel
userspace kernel app eBPF program eBPF Verifier system calls -
safely run custom code in the kernel 🔍
Photo: Smishra1 CC BYSA 4.0 One day in July 2024
✅ Open Source, many contributors ✅ Field-hardened The verifier is
software too Much reduced chance of a kernel crash
Like Inca walls, eBPF is Robust Good for security Takes
skill to build
Incas built incredible things together Ayni - reciprocal work Mita
- required work on state projects Minka - work for the benefit of the community
Sometimes Incas had to make bug fixes
Incas upgraded to avoid vulnerabilities Rebuilding rope bridges every year
Photo by Marcos Venteo:
eBPF is the foundation for powerful Cloud Native tools for
networking, observability and security
Chasquis - messenger runners Fit and trained to run long
distances Relay system - up to 300km / day Incas had networking
Controls on people and goods as they passed through checkpoints
Incas had network policies
Incas had encrypted data traffic Quipus - knotted strings
Incas had observability hubble Observation points high up
Incas had security Walls Narrow staircases Gates with doors Armed
guards
Did the Incas have Tetragon?
apiVersion: cilium.io/v1alpha1 kind: TracingPolicy metadata: name: "inca" spec: kprobes: -
call: "security_file_permission" ... selectors: - matchArgs: - index: 0 operator: "Equal" values: - "/lost_city_of_inca.txt" matchActions: - action: Sigkill 🚀 process 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 📚 read 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 💥 exit 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt SIGKILL Did the Incas have Tetragon?
Muchas gracias! ebpf.io cilium.io tetragon.io isovalent.com/labs
None