Event Details

Please note: All times listed below are in Central Time Zone

<< Go back
Improve performance and security for containers using Kuryr and Cilium
Container Infrastructure

Cilium is on open source project which implements Kubernetes network policies and provides container network security by using eBPF and XDP packet filtering in the Linux kernel. Kuryr is the OpenStack project that enables native Neutron-based networking in Kubernetes. In this talk we will describe the work that we've done to provide Cilium as CNI plugin and  how we used Kuryr to integrate it into OpenStack. We will demonstrate how to deploy and configure a Kubernetes cluster using the Cilium-Kuryr integration. We will explain how Cilium provides L7 network policies  and its "native routing" mode, where it just allows any routing daemon to route the traffic. We will illustrate Cilium's features using concrete examples. Thanks to native packet filtering Cilium boosts performance, we will show tests results to measure how Cilium improves throughput compared to other CNI plugins. 


What can I expect to learn?

They should expect to gain more understanding of container networking and to become familiar with Kuryr and Cilium.

Wednesday, November 14, 1:40pm-2:20pm (12:40pm - 1:20pm UTC)
Hall 7 - Level 2 - 7.2b / Budapest
View video
Difficulty Level: Intermediate
Tags: Technical Docker Kubernetes Kuryr Neutron OpenStack OpenSUSE
Rossella Sblendido
SUSE
Rossella leads the team that takes care of SDN and NFV in SUSE. She is involved in OpenStack since Essex. She had been core reviewer for Neutron for several releases and she’s now a member of the Technical Steering Committee of OPNFV and part of the Technical Advisory Committee of the Linux Foundation Networking Fund. FULL PROFILE
Michal Rostecki
Software Engineer
Michal Rostecki is contributing to Cilium on daily basis, sometimes to Kubernetes and several projects related to containers and networking. He had been a core reviewer for OpenStack Kolla project. FULL PROFILE