Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
KCD Lima: eBee in Peru!
Search
Liz Rice
July 23, 2025
Technology
0
150
KCD Lima: eBee in Peru!
Drawing parallels between eBPF/Cloud Native and Inca technologies
Liz Rice
July 23, 2025
Tweet
Share
More Decks by Liz Rice
See All by Liz Rice
Unleashing the kernel with eBPF
lizrice
0
250
eBPF's Abilities and Limitations: The Truth
lizrice
0
430
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
230
When is a Secure Connection not encrypted? And other stories
lizrice
1
91
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
690
How Many Proxies Do You Need
lizrice
1
160
eBPF for Security Observability
lizrice
0
1.4k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
2.5k
Contributing to Open Source - what's in it for my business?
lizrice
0
72
Other Decks in Technology
See All in Technology
【Kaigi on Rails 事後勉強会LT】MeはどうしてGirlsに? 私とRubyを繋いだRail(s)
joyfrommasara
0
280
防災デジタル分野での官民共創の取り組み (2)DIT/CCとD-CERTについて
ditccsugii
0
310
20251007: What happens when multi-agent systems become larger? (CyberAgent, Inc)
ornew
1
330
物体検出モデルでシイタケの収穫時期を自動判定してみた。 #devio2025
lamaglama39
0
230
AWS Top Engineer、浮いてませんか? / As an AWS Top Engineer, Are You Out of Place?
yuj1osm
2
220
これがLambdaレス時代のChatOpsだ!実例で学ぶAmazon Q Developerカスタムアクション活用法
iwamot
PRO
8
1.1k
能登半島地震で見えた災害対応の課題と組織変革の重要性
ditccsugii
0
1k
RDS の負荷が高い場合に AWS で取りうる具体策 N 連発/a-series-of-specific-countermeasures-available-on-aws-when-rds-is-under-high-load
emiki
7
3.9k
初めてのDatabricks Apps開発
taka_aki
1
120
[Codex Meetup Japan #1] Codex-Powered Mobile Apps Development
korodroid
2
970
速習AGENTS.md:5分で精度を上げる "3ブロック" テンプレ
ismk
6
1.8k
カンファレンスに託児サポートがあるということ / Having Childcare Support at Conferences
nobu09
1
600
Featured
See All Featured
Statistics for Hackers
jakevdp
799
220k
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.7k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
10
600
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
190
55k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
359
30k
Balancing Empowerment & Direction
lara
5
690
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
980
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Building Applications with DynamoDB
mza
96
6.7k
Transcript
Liz Rice eBee in Peru! Chief Open Source Officer, Isovalent
at Cisco
¡Hola! Me llamo Liz 👋 • Open source and community
at Isovalent, now part of Cisco • Author Learning eBPF & Container Security • Formerly CNCF Governing Board, chair of Technical Oversight Committee • Early career writing network protocol code
This is eBee
What is ? Makes the kernel programmable
userspace kernel app event eBPF program system calls - run
custom code in the kernel
userspace kernel app eBPF program eBPF Verifier system calls -
safely run custom code in the kernel 🔍
Photo: Smishra1 CC BYSA 4.0 One day in July 2024
✅ Open Source, many contributors ✅ Field-hardened The verifier is
software too Much reduced chance of a kernel crash
Like Inca walls, eBPF is Robust Good for security Takes
skill to build
Incas built incredible things together Ayni - reciprocal work Mita
- required work on state projects Minka - work for the benefit of the community
Sometimes Incas had to make bug fixes
Incas upgraded to avoid vulnerabilities Rebuilding rope bridges every year
Photo by Marcos Venteo:
eBPF is the foundation for powerful Cloud Native tools for
networking, observability and security
Chasquis - messenger runners Fit and trained to run long
distances Relay system - up to 300km / day Incas had networking
Controls on people and goods as they passed through checkpoints
Incas had network policies
Incas had encrypted data traffic Quipus - knotted strings
Incas had observability hubble Observation points high up
Incas had security Walls Narrow staircases Gates with doors Armed
guards
Did the Incas have Tetragon?
apiVersion: cilium.io/v1alpha1 kind: TracingPolicy metadata: name: "inca" spec: kprobes: -
call: "security_file_permission" ... selectors: - matchArgs: - index: 0 operator: "Equal" values: - "/lost_city_of_inca.txt" matchActions: - action: Sigkill 🚀 process 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 📚 read 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 💥 exit 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt SIGKILL Did the Incas have Tetragon?
Muchas gracias! ebpf.io cilium.io tetragon.io isovalent.com/labs
None
lizrice
joyfrommasara
ditccsugii
ornew
.jpg){kind=avatar}
lamaglama39
yuj1osm
iwamot
emiki
taka_aki
korodroid
ismk
nobu09
jakevdp
productmarketing
tammyeverts
soudai
bermonpainter
lara
irinanazarova
kastner
sugarenia
cassininazir
tanoku
mza
