Challenges with the traditional network stack Packet flow in the kernel with XDP The mechanics of XDP programs How to build a simple XDP program Conclusion References

Introduced me to Lima (Lima: Linux virtual machines (on macOS, in most cases))

Great post overviewing BPF and some programming advice for it.

eBPF is a power horse you don't really need to care about (unless you want to)

Built with eBPF & OpenTelemetry - Applications are instrumented using well-known, battle-tested open source observability technologies

[https://github.com/Gui774ume/krie](https://github.com/Gui774ume/krie) > KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF related limitations to post exploitation detections that might rely on a compromised kernel to emit security events, it is clear that a motivated attacker will eventually be able to bypass it. That being said, the goal of the project is to make attackers' lives harder and ultimately prevent out-of-the-box exploits from working on a vulnerable kernel.

Another kubernetes observability tool ;)

Rather deep talk

Nice overview of eBPF

Very nice summary about eBPF.

Catching up with eBPF events

Some eBPF promo if you are still not convinced ;)

The screenshots speak for themselves, but the key take away for us was, L4LB XDP at the driver layer with a majority of HTTP traffic (~90% of our traffic is HTTP requests) saves us an unbelievable amount of CPUs needed to handle our production traffic.

A take on eBPF, but what I have found mostly interesting is host proxies vs sidecars

nifty tool

This is a video that really got me looking into bpf more deeply