Explore Our New eCHO Playlist Library
July 01st, 2025
Author: Donia Chaiehloudj, Isovalent@Cisco
eCHO (“eBPF & Cilium Office Hours”) is our weekly live-stream where maintainers, users, and special guests pull back the curtain on all things Cilium, eBPF, Hubble, and Tetragon. Since episode #1 we’ve:
- Shipped 180 + sessions ranging from five-minute demos to full architecture deep-dives
- Answered live YouTube questions in real time
- Captured every recording so you can binge-watch at your own pace.
To make the library easier to navigate we’ve created theme-based playlist - think of them as fast-track learning paths. Pick a topic, hit play, and work through the sessions in any order that fits your day. In total you’ll find 16 playlists, grouped into six themes that mirror the Cilium journey: Cilium in Production (installs and upgrades), Networking for Kubernetes (policies and datapath), Runtime Security (Tetragon), Mesh Networking (service and cluster mesh), Gateway-API & Traffic Management, All Things eBPF (development and observability), and Ecosystem & Community (releases, conferences, culture).
🚀 Cilium in Production
Running Cilium in a home lab is fun, but running it in anger across EKS, bare-metal, and on-prem clusters requires repeatable workflows and a few battle-tested tricks. The Cilium in Production playlist condenses those lessons into one place.
What you’ll learn
- Choosing (and changing) data-plane modes on managed Kubernetes (EKS, AKS, GKE).
- Safe blue/green upgrades with Helm and Pulumi.
- Debugging the odd corner cases on OpenShift, vSphere, or air-gapped bare metal.
- Real-world migration stories from Calico, Flannel, and others.
More resources
- Hands-on lab: Install Cilium on EKS – spin up a sandbox in minutes.
- Book: Cilium Up and Running
🌐 Networking for Kubernetes
Kubernetes ships with an “allow-all” networking and leaves the policy enforcement and performance tuning to your CNI. The Networking for Kubernetes playlist tackles everything from writing first NetworkPolicy to packet-level performance tuning.
What you’ll learn
- Writing a default-deny policy and graduating to L7 HTTP and DNS rules.
- Following a single packet through XDP, tc, and the eBPF conntracker (“Life of a Packet”).
- Benchmarking NodePort vs Maglev vs BGP mode and knowing when to switch.
- Pros and cons of popular CNIs and why teams migrate to Cilium.
More resources
- Hands-on lab: Isovalent Enterprise for Cilium: Network Policies
- eBook: Kubernetes Networking and Cilium for the Network Engineer
🔀 Mesh Networking
From in-cluster L7 routing to cross-cluster fail-over, Cilium delivers mesh traffic without sidecars or iptables overhead. The two playlists below cover both layers: one for the Service Mesh inside a cluster, and one for Cluster Mesh that stretches services across clusters.
What you’ll learn
- Stretching services across clusters with ClusterMesh fail-over.
- Integrating Envoy, and Gateway API without iptables overhead.
More resources
- Hands-on lab: Cilium Cluster Mesh Lab, Cilium Gateway API
- Blog post: Cilium Mesh - One Mesh to Connect Them All
🔒 Runtime Security with Tetragon
Need process-level enforcement and instant CVE detection? The Tetragon playlist shows how eBPF can hook every execve,
file write, and socket call before turning them into actionable policies.
What you’ll learn
- Building allow/deny rules at PID and binary granularity.
- Detecting supply-chain attacks (e.g. XZ Utils CVE) in real time.
- Capturing least-privilege baselines for production workloads.
More resources
- Hands-on lab: Tetragon Getting Started
- Blog post: Detecting the XZ Utils CVE with Tetragon
- Doc: Quick-start guide — docs.tetragon.io
🐝 All Things eBPF
Whether you’re writing custom programs or just want better observability, these playlists cover the kernel side of life.
What you’ll learn
- eBPF architecture, verifier workflow, and key helper functions.
- Building custom programs and loaders with libbpf.
- End-to-end observability with BPFTrace, Hubble, and continuous profiling.
- Real-world use cases beyond containers like live VM migration by Loophole labs.
More resources
- Hands-on lab: Getting started with eBPF
- Book: Learning eBPF, O'Reilly book by Liz Rice
🎉 Ecosystem & Community
Stay current with release overviews, conference recaps, and behind-the-scenes chats with Cilium maintainers.
What you’ll learn
- Highlights and release notes for every Cilium, Hubble, and Tetragon release.
- Previews and recaps from KubeCon, eBPF Summit and more.
- Contributor AMAs, lightning talks, and behind the scenes culture stories.
More resources
- Blog posts:
👉 How to use this library
- Choose your theme above.
- Start the playlist episode.
- Dive deeper with the linked blog post, hands-on lab, or downloadable eBook.
Recap
| Theme | Playlist | Description |
|---|---|---|
| Cilium in Production | eCHO Recaps: Cilium in the Clouds | Installing and operating Cilium on EKS, AKS and GKE. |
| eCHO Recaps: Deploying Cilium | Helm values, upgrades and CI/CD pipelines for day-2 ops. | |
| eCHO Recaps: Cilium with on-premise clusters | Blue/green roll-outs and war stories from other CNIs (Calico, Flannel). | |
| eCHO Recaps: Migrating to Cilium | Blue/green roll-outs and war stories from other CNIs (Calico, Flannel). | |
| Networking for Kubernetes | eCHO Recaps: Cilium Network Policy | From default-deny to L7 HTTP/DNS rules and policy tracing. |
| eCHO Recaps: Life of a Packet | Step-by-step tour of a packet through the Linux datapath. | |
| eCHO Recaps: CNIs | Comparative dives into Cilium vs Calico, Flannel and more. | |
| Runtime Security | eCHO Recaps: Tetragon | Runtime process security and real-time CVE detection. |
| Mesh Networking | eCHO Recaps: Cilium Cluster Mesh | Multi-cluster service discovery, fail-over and global policies. |
| eCHO Recaps: Cilium Service Mesh | Sidecar-less service-mesh, Envoy filters and transparent mTLS. | |
| All things eBPF | eCHO Recaps: Developing eBPF Applications | Verifier tricks, helper functions and user-space loaders. |
| eCHO Recaps: eBPF-Powered Runtime Observability | Tracing, profiling and flow visibility with Hubble & BPFTrace. | |
| eCHO Recaps: eBPF performance | Measuring, benchmarking, and tuning eBPF programs. | |
| Ecosystem & Community | eCHO Recaps: Releases | What’s new in every Cilium, Hubble and Tetragon release. |
| eCHO Recaps: Conferences | Key take-aways and demos from KubeCon, eBPF Summit and beyond. | |
| eCHO Recaps: Community & Culture | AMAs, contributor spotlights and behind-the-scenes stories. |
📺 See you live!
- Subscribe on YouTube and tap the bell 🔔 for stream reminders.
- Find all the notes for each episode on HackMD.
- Join our Slack Workspace Cilium for between episode chat.
- Submit your episode idea or guest request on GitHub.
Happy watching and happy building with Cilium & eBPF! 🐝
