Put open source to work
July 16–17, 2018: Training & Tutorials
July 18–19, 2018: Conference
Portland, OR

Kernel advantages for Istio realized with Cilium

Cynthia Thomas (Google), Romain Lenglet (Cilium)
3:40pm4:10pm Tuesday, July 17, 2018
Istio
 Location: B113-114
View slides

Istio brings a myriad of options to provide routing rules, encryption, and monitoring for microservices, typically in container environments. Cilium provides accelerated network security using a modern kernel technology called BPF. Put the two together and what do you get? A distributed security solution enabling microservices traffic management, security, and monitoring while enforcing policy as close to the microservices as possible.

Cynthia Thomas and Romain Lenglet discuss the architectural and performance benefits of using Cilium with Istio and provide a demo of this BPF-based, Linux kernel technology. Cilium provides an API-aware security solution that can make a decision on every single microservice flow, with the ability to enforce protocols such as HTTP, Kafka, and gRPC. By addressing security policy at the API layer, you can enforce policy efficiently with kernel capabilities while reducing the attack surface in a microservices deployment.

Photo of Cynthia Thomas

Cynthia Thomas

Google

Cynthia Thomas is a Networking Specialist at Google Cloud. She has spent 10+ years in the networking industry, most recently with open source cloud and networking solutions. Cynthia has been an advocate of open source technologies while working on cloud-related technologies for the last 5 years. She is a frequent speaker at conferences, including DevOpsDays, DockerCon, Kubernetes meetups, and OpenStack events.

Photo of Romain Lenglet

Romain Lenglet

Cilium

Romain Lenglet is a chief architect at Covalent and a core developer of the Cilium open source project, where he focuses on integration with the Istio service mesh via Envoy proxy. His past work focused on the intersection of distributed systems and networking, architecting large-systems for YouTube at Google, Oracle Cloud at Oracle, and Nicira (acquired by VMware, now VMware NSX). Romain holds a PhD in computer science from the Institut polytechnique de Grenoble and an MBA from Santa Clara University.

Comments on this page are now closed.

Comments

Picture of Cynthia Thomas
Cynthia Thomas | NETWORKING SPECIALIST
07/23/2018 4:13pm PDT

Hi Vinay! Thanks for attending the talk. The slides are posted here: https://www.slideshare.net/techcet/kernel-advantages-for-istio-realized-with-cilium.

We will post another link for the video once it is available in a few weeks.

Vinay Kulkarni | SR. ARCHITECT
07/22/2018 12:52pm PDT

Thanks for the talk last week. Do you have the slides/video from the conference shared somewhere that I can access and review more closely?