Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
KCD Lima: eBee in Peru!
Search
Liz Rice
July 23, 2025
Technology
200
0
Share
KCD Lima: eBee in Peru!
Drawing parallels between eBPF/Cloud Native and Inca technologies
Liz Rice
July 23, 2025
More Decks by Liz Rice
See All by Liz Rice
Building a cloud native business on open source
lizrice
0
240
Unleashing the kernel with eBPF
lizrice
0
340
eBPF's Abilities and Limitations: The Truth
lizrice
0
490
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
260
When is a Secure Connection not encrypted? And other stories
lizrice
1
120
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
760
How Many Proxies Do You Need
lizrice
1
180
eBPF for Security Observability
lizrice
0
1.6k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
2.6k
Other Decks in Technology
See All in Technology
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
28k
【関西電力KOI×VOLTMIND 生成AIハッカソン】空間AIブレイン ~⼤阪おばちゃんフィジカルAIに続く道~
tanakaseiya
0
180
最大のアウトプット術は問題を作ること
ryoaccount
0
320
あるアーキテクチャ決定と その結果/architecture-decision-and-its-result
hanhan1978
2
540
AI前提とはどういうことか
daisuketakeda
0
150
スクラムを支える内部品質の話
iij_pr
0
320
ZOZOTOWNリプレイスでのSkills導入までの流れとこれから
zozotech
PRO
4
3.1k
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
4
13k
解剖"React Native"
hacusk
0
120
Cortex Code君、今日から内製化支援担当ね。
coco_se
0
300
Babylon.js Japan Activities (2026/4)
limes2018
0
190
Databricks Lakebaseを用いたAIエージェント連携
daiki_akimoto_nttd
0
170
Featured
See All Featured
Paper Plane
katiecoart
PRO
1
49k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
260
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2.2k
Navigating Team Friction
lara
192
16k
A Modern Web Designer's Workflow
chriscoyier
698
190k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.4k
Statistics for Hackers
jakevdp
799
230k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
2.7k
Believing is Seeing
oripsolob
1
110
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.4k
Practical Orchestrator
shlominoach
191
11k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
62
53k
Transcript
Liz Rice eBee in Peru! Chief Open Source Officer, Isovalent
at Cisco
¡Hola! Me llamo Liz 👋 • Open source and community
at Isovalent, now part of Cisco • Author Learning eBPF & Container Security • Formerly CNCF Governing Board, chair of Technical Oversight Committee • Early career writing network protocol code
This is eBee
What is ? Makes the kernel programmable
userspace kernel app event eBPF program system calls - run
custom code in the kernel
userspace kernel app eBPF program eBPF Verifier system calls -
safely run custom code in the kernel 🔍
Photo: Smishra1 CC BYSA 4.0 One day in July 2024
✅ Open Source, many contributors ✅ Field-hardened The verifier is
software too Much reduced chance of a kernel crash
Like Inca walls, eBPF is Robust Good for security Takes
skill to build
Incas built incredible things together Ayni - reciprocal work Mita
- required work on state projects Minka - work for the benefit of the community
Sometimes Incas had to make bug fixes
Incas upgraded to avoid vulnerabilities Rebuilding rope bridges every year
Photo by Marcos Venteo:
eBPF is the foundation for powerful Cloud Native tools for
networking, observability and security
Chasquis - messenger runners Fit and trained to run long
distances Relay system - up to 300km / day Incas had networking
Controls on people and goods as they passed through checkpoints
Incas had network policies
Incas had encrypted data traffic Quipus - knotted strings
Incas had observability hubble Observation points high up
Incas had security Walls Narrow staircases Gates with doors Armed
guards
Did the Incas have Tetragon?
apiVersion: cilium.io/v1alpha1 kind: TracingPolicy metadata: name: "inca" spec: kprobes: -
call: "security_file_permission" ... selectors: - matchArgs: - index: 0 operator: "Equal" values: - "/lost_city_of_inca.txt" matchActions: - action: Sigkill 🚀 process 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 📚 read 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 💥 exit 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt SIGKILL Did the Incas have Tetragon?
Muchas gracias! ebpf.io cilium.io tetragon.io isovalent.com/labs
None
lizrice
ocise
tanakaseiya
ryoaccount
hanhan1978
daisuketakeda
iij_pr
zozotech
oracle4engineer
hacusk
coco_se
limes2018
daiki_akimoto_nttd
katiecoart
apolaine
inesmontani
lara
chriscoyier
sergeychernyshev
jakevdp
garrettdimon
oripsolob
marcduiker
shlominoach
madoxten
