Opening the Black Box: Understanding and Troubleshooting Calico’s eBPF Data Plane

Troubleshooting Kubernetes issues is hard enough in a standard Linux environment using well-proven tools. It’s even harder with the novel and ever more popular eBPF data planes. Some of the standard tools like iptables-save or conntrack no longer help, as they were built for the legacy environment based on Linux network stack and iptables. However, eBPF bypasses large parts of the node’s host network namespace for better performance and scalability. In this session, Tomas will show how to inspect and troubleshoot the eBPF mode of Calico Open Source, one of the most widely adopted container networking and security solutions, to help users better understand the eBPF mode. This will give users the skills to dive in and diagnose issues in their Kubernetes deployments. It will also help the community to contribute code to the Calico Open Source project.


About the speaker

Tomas Hruby Sr. Software Engineer, Tigera

Tomas is a Senior Software Engineer at Tigera, working as a founding developer of the Calico eBPF dataplane. Before joining Tigera in 2019, worked as an engineer in network storage and network observability domains. He worked as a researcher at Vrije Universiteit Amsterdam in Andy Tanenbaum's group and obtained PhD by defending thesis "On the Design of Reliable and Scalable Networked Systems".