Join us KubeCon NA and CiliumCon 2025
Jul 01, 2025

Explore Our New eCHO Playlist Library

cover

July 01st, 2025

Author: Donia Chaiehloudj, Isovalent@Cisco

eCHO (“eBPF & Cilium Office Hours”) is our weekly live-stream where maintainers, users, and special guests pull back the curtain on all things Cilium, eBPF, Hubble, and Tetragon. Since episode #1 we’ve:

  • Shipped 180 + sessions ranging from five-minute demos to full architecture deep-dives
  • Answered live YouTube questions in real time
  • Captured every recording so you can binge-watch at your own pace.

To make the library easier to navigate we’ve created theme-based playlist - think of them as fast-track learning paths. Pick a topic, hit play, and work through the sessions in any order that fits your day. In total you’ll find 16 playlists, grouped into six themes that mirror the Cilium journey: Cilium in Production (installs and upgrades), Networking for Kubernetes (policies and datapath), Runtime Security (Tetragon), Mesh Networking (service and cluster mesh), Gateway-API & Traffic Management, All Things eBPF (development and observability), and Ecosystem & Community (releases, conferences, culture).

🚀 Cilium in Production

Running Cilium in a home lab is fun, but running it in anger across EKS, bare-metal, and on-prem clusters requires repeatable workflows and a few battle-tested tricks. The Cilium in Production playlist condenses those lessons into one place.

What you’ll learn

  • Choosing (and changing) data-plane modes on managed Kubernetes (EKS, AKS, GKE).
  • Safe blue/green upgrades with Helm and Pulumi.
  • Debugging the odd corner cases on OpenShift, vSphere, or air-gapped bare metal.
  • Real-world migration stories from Calico, Flannel, and others.

More resources

🌐 Networking for Kubernetes

Kubernetes ships with an “allow-all” networking and leaves the policy enforcement and performance tuning to your CNI. The Networking for Kubernetes playlist tackles everything from writing first NetworkPolicy to packet-level performance tuning.

What you’ll learn

  • Writing a default-deny policy and graduating to L7 HTTP and DNS rules.
  • Following a single packet through XDP, tc, and the eBPF conntracker (“Life of a Packet”).
  • Benchmarking NodePort vs Maglev vs BGP mode and knowing when to switch.
  • Pros and cons of popular CNIs and why teams migrate to Cilium.

More resources

🔀 Mesh Networking

From in-cluster L7 routing to cross-cluster fail-over, Cilium delivers mesh traffic without sidecars or iptables overhead. The two playlists below cover both layers: one for the Service Mesh inside a cluster, and one for Cluster Mesh that stretches services across clusters.

What you’ll learn

  • Stretching services across clusters with ClusterMesh fail-over.
  • Integrating Envoy, and Gateway API without iptables overhead.

More resources

🔒 Runtime Security with Tetragon

Need process-level enforcement and instant CVE detection? The Tetragon playlist shows how eBPF can hook every execve, file write, and socket call before turning them into actionable policies.

What you’ll learn

  • Building allow/deny rules at PID and binary granularity.
  • Detecting supply-chain attacks (e.g. XZ Utils CVE) in real time.
  • Capturing least-privilege baselines for production workloads.

More resources

🐝 All Things eBPF

Whether you’re writing custom programs or just want better observability, these playlists cover the kernel side of life.

What you’ll learn

  • eBPF architecture, verifier workflow, and key helper functions.
  • Building custom programs and loaders with libbpf.
  • End-to-end observability with BPFTrace, Hubble, and continuous profiling.
  • Real-world use cases beyond containers like live VM migration by Loophole labs.

More resources

🎉 Ecosystem & Community

Stay current with release overviews, conference recaps, and behind-the-scenes chats with Cilium maintainers.

What you’ll learn

  • Highlights and release notes for every Cilium, Hubble, and Tetragon release.
  • Previews and recaps from KubeCon, eBPF Summit and more.
  • Contributor AMAs, lightning talks, and behind the scenes culture stories.

More resources

👉 How to use this library

  • Choose your theme above.
  • Start the playlist episode.
  • Dive deeper with the linked blog post, hands-on lab, or downloadable eBook.

Recap

ThemePlaylistDescription
Cilium in ProductioneCHO Recaps: Cilium in the CloudsInstalling and operating Cilium on EKS, AKS and GKE.
eCHO Recaps: Deploying CiliumHelm values, upgrades and CI/CD pipelines for day-2 ops.
eCHO Recaps: Cilium with on-premise clustersBlue/green roll-outs and war stories from other CNIs (Calico, Flannel).
eCHO Recaps: Migrating to CiliumBlue/green roll-outs and war stories from other CNIs (Calico, Flannel).
Networking for KuberneteseCHO Recaps: Cilium Network PolicyFrom default-deny to L7 HTTP/DNS rules and policy tracing.
eCHO Recaps: Life of a PacketStep-by-step tour of a packet through the Linux datapath.
eCHO Recaps: CNIsComparative dives into Cilium vs Calico, Flannel and more.
Runtime SecurityeCHO Recaps: TetragonRuntime process security and real-time CVE detection.
Mesh NetworkingeCHO Recaps: Cilium Cluster MeshMulti-cluster service discovery, fail-over and global policies.
eCHO Recaps: Cilium Service MeshSidecar-less service-mesh, Envoy filters and transparent mTLS.
All things eBPFeCHO Recaps: Developing eBPF ApplicationsVerifier tricks, helper functions and user-space loaders.
eCHO Recaps: eBPF-Powered Runtime ObservabilityTracing, profiling and flow visibility with Hubble & BPFTrace.
eCHO Recaps: eBPF performanceMeasuring, benchmarking, and tuning eBPF programs.
Ecosystem & CommunityeCHO Recaps: ReleasesWhat’s new in every Cilium, Hubble and Tetragon release.
eCHO Recaps: ConferencesKey take-aways and demos from KubeCon, eBPF Summit and beyond.
eCHO Recaps: Community & CultureAMAs, contributor spotlights and behind-the-scenes stories.

📺 See you live!

  • Subscribe on YouTube and tap the bell 🔔 for stream reminders.
  • Find all the notes for each episode on HackMD.
  • Join our Slack Workspace Cilium for between episode chat.
  • Submit your episode idea or guest request on GitHub.

Happy watching and happy building with Cilium & eBPF! 🐝

Popular posts

Installing Cilium on EKS in Overlay(BYOCNI) and CNI Chaining Mode
Jul 08, 2025

Installing Cilium on EKS in Overlay(BYOCNI) and CNI Chaining Mode

Learn how to setup Cilium in EKS environments

Community
Automated Kubernetes Threat Detection with Tetragon and Azure Sentinel
Jul 01, 2025

Automated Kubernetes Threat Detection with Tetragon and Azure Sentinel

Building a Professional-Grade DevSecOps Pipeline with Tetragon eBPF Security Monitoring on Azure AKS

TechnologyCommunity
External
Simplifying Network Management with Cilium’s BGP Auto-Discovery
Jun 25, 2025

Simplifying Network Management with Cilium’s BGP Auto-Discovery

Cilium’s new BGP Auto-Discovery feature automates the process of discovering and establishing BGP peers, significantly reducing the operational complexity for large-scale environments.

Technology
External