Opening the Black Box: Understanding and Troubleshooting Calico’s eBPF Data Plane

Troubleshooting Kubernetes issues is hard enough in a standard Linux environment using well-proven tools. It’s even harder with the novel and ever more popular eBPF data planes. Some of the standard tools like iptables-save or conntrack no longer help, as they were built for the legacy environment based on Linux network stack and iptables. However, eBPF bypasses large parts of the node’s host network namespace for better performance and scalability. In this session, Tomas will show how to inspect and troubleshoot the eBPF mode of Calico Open Source, one of the most widely adopted container networking and security solutions, to help users better understand the eBPF mode. This will give users the skills to dive in and diagnose issues in their Kubernetes deployments. It will also help the community to contribute code to the Calico Open Source project.