Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
KCD Lima: eBee in Peru!
Search
Liz Rice
July 23, 2025
Technology
0
130
KCD Lima: eBee in Peru!
Drawing parallels between eBPF/Cloud Native and Inca technologies
Liz Rice
July 23, 2025
Tweet
Share
More Decks by Liz Rice
See All by Liz Rice
Unleashing the kernel with eBPF
lizrice
0
230
eBPF's Abilities and Limitations: The Truth
lizrice
0
410
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
220
When is a Secure Connection not encrypted? And other stories
lizrice
1
89
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
670
How Many Proxies Do You Need
lizrice
1
150
eBPF for Security Observability
lizrice
0
1.4k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
2.5k
Contributing to Open Source - what's in it for my business?
lizrice
0
66
Other Decks in Technology
See All in Technology
AIに目を奪われすぎて、周りの困っている人間が見えなくなっていませんか?
cap120
1
620
専門分化が進む分業下でもユーザーが本当に欲しかったものを追求するプロダクトマネジメント/Focus on real user needs despite deep specialization and division of labor
moriyuya
1
1.3k
相互運用可能な学修歴クレデンシャルに向けた標準技術と国際動向
fujie
0
250
UDDのススメ - 拡張版 -
maguroalternative
1
520
猫でもわかるQ_CLI(CDK開発編)+ちょっとだけKiro
kentapapa
0
3.5k
AIに頼りすぎない新人育成術
cuebic9bic
3
300
Instant Apps Eulogy
cyrilmottier
1
110
S3 Glacier のデータを Athena からクエリしようとしたらどうなるのか/try-to-query-s3-glacier-from-athena
emiki
0
220
マルチプロダクト×マルチテナントを支えるモジュラモノリスを中心としたアソビューのアーキテクチャ
disc99
1
520
Backlog AI アシスタントが切り開く未来
vvatanabe
1
130
AIエージェントを現場で使う / 2025.08.07 著者陣に聞く!現場で活用するためのAIエージェント実践入門(Findyランチセッション)
smiyawaki0820
6
1k
家族の思い出を形にする 〜 1秒動画の生成を支えるインフラアーキテクチャ
ojima_h
3
1.1k
Featured
See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.6k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
It's Worth the Effort
3n
185
28k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.4k
Docker and Python
trallard
45
3.5k
Testing 201, or: Great Expectations
jmmastey
45
7.6k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.9k
Scaling GitHub
holman
461
140k
Why Our Code Smells
bkeepers
PRO
337
57k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Making Projects Easy
brettharned
117
6.3k
Transcript
Liz Rice eBee in Peru! Chief Open Source Officer, Isovalent
at Cisco
¡Hola! Me llamo Liz 👋 • Open source and community
at Isovalent, now part of Cisco • Author Learning eBPF & Container Security • Formerly CNCF Governing Board, chair of Technical Oversight Committee • Early career writing network protocol code
This is eBee
What is ? Makes the kernel programmable
userspace kernel app event eBPF program system calls - run
custom code in the kernel
userspace kernel app eBPF program eBPF Verifier system calls -
safely run custom code in the kernel 🔍
Photo: Smishra1 CC BYSA 4.0 One day in July 2024
✅ Open Source, many contributors ✅ Field-hardened The verifier is
software too Much reduced chance of a kernel crash
Like Inca walls, eBPF is Robust Good for security Takes
skill to build
Incas built incredible things together Ayni - reciprocal work Mita
- required work on state projects Minka - work for the benefit of the community
Sometimes Incas had to make bug fixes
Incas upgraded to avoid vulnerabilities Rebuilding rope bridges every year
Photo by Marcos Venteo:
eBPF is the foundation for powerful Cloud Native tools for
networking, observability and security
Chasquis - messenger runners Fit and trained to run long
distances Relay system - up to 300km / day Incas had networking
Controls on people and goods as they passed through checkpoints
Incas had network policies
Incas had encrypted data traffic Quipus - knotted strings
Incas had observability hubble Observation points high up
Incas had security Walls Narrow staircases Gates with doors Armed
guards
Did the Incas have Tetragon?
apiVersion: cilium.io/v1alpha1 kind: TracingPolicy metadata: name: "inca" spec: kprobes: -
call: "security_file_permission" ... selectors: - matchArgs: - index: 0 operator: "Equal" values: - "/lost_city_of_inca.txt" matchActions: - action: Sigkill 🚀 process 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 📚 read 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt 💥 exit 021c177557f5 /usr/bin/cat /lost_city_of_inca.txt SIGKILL Did the Incas have Tetragon?
Muchas gracias! ebpf.io cilium.io tetragon.io isovalent.com/labs
None
lizrice
cap120
moriyuya
fujie
maguroalternative
kentapapa
cuebic9bic
cyrilmottier
emiki
disc99
vvatanabe
smiyawaki0820
ojima_h
eileencodes
sugarenia
chriscoyier
3n
bcantrill
trallard
jmmastey
geoffreycrofte
holman
bkeepers
thoeni
brettharned
