Bill Mulligan – eBPF Foundation: a decade into cloud native, what did we get right—and what has to change for the next ten years? In this talk, we rewind to the early KubeCon days, trace the evolution from racked servers to Kubernetes, and dive into why centralized control planes struggle at today’s scale. Then we look ahead: distributed intelligence with eBPF, sidecar-less service meshes, smarter observability, and kernel-level security.
If you run clusters, ship microservices, or care about cost/latency/reliability, this is your playbook for the second decade of cloud native.
⏱️ Chapters
00:00 Intro: 10 years of cloud native
00:36 First KubeCon story (Copenhagen) & early Kubernetes pain
01:14 From hardware → virtualization → IaaS/PaaS → cloud native
02:02 Why orchestration mattered: automate the toil
02:40 Wardley Maps primer: evolution from genesis → commodity
03:28 2017 worldview vs reality (serverless, Kubernetes adoption)
04:18 Cloud-native practices: microservices, declarative APIs, loose coupling
05:10 The blind spot: centralized control bottlenecks
06:02 Real-world meltdown: API server, agents, crash loops
07:10 Feedback loops, latency, cost—and eventual consistency limits
08:05 The pivot: distributed intelligence close to the data
08:40 Networking: sidecar-less service mesh with Cilium
09:35 DDoS mitigation at the NIC with eBPF/XDP (why CPU stays calm)
10:20 Load balancing wins: eBPF vs IPVS efficiency
10:52 Observability: cut the bill, keep the signals (kernel-level filters)
11:36 Hubble & fast network debugging (seconds, not days)
12:10 Security: kernel-level enforcement vs SIEM round-trips
12:56 Filtering at source to avoid alert floods and self-DoS
13:35 Summary: kernel analysis, early filtering, instant action
14:05 The next map: cloud as commodity, Kubernetes mainstream, eBPF rising
14:56 Prediction: “cloud native” becomes yesterday’s baseline—intelligent infra is next
15:40 Q&A prompt & wrap
What you’ll learn
How we moved from racks to Kubernetes and why orchestration won
Why centralized control strains under scale, latency, and consistency
The rise of eBPF for networking, observability, and runtime security
Sidecar-less service mesh benefits with Cilium
Cost-savvy observability: filter at the kernel, not the SIEM
Kernel-level enforcement to stop attacks instantly
A practical lens (Wardley Maps) to reason about what becomes a commodity next
If you’ve wrestled with API server timeouts, ballooning telemetry bills, or noisy security alerts—this will help you rethink where decisions get made.
🔔 Subscribe for deep-dive Shorts on Kubernetes, eBPF patterns, Cilium tips, and real-world SRE workflows.
💬 What’s your biggest bottleneck today: networking, observability, or security? Comment below and I’ll tackle it in a follow-up.