Life Without Sidecars - Is eBPF's Promise Too Good to Be True?

2023-04-19

Authors: Zahari Dichev


Summary

The speaker argues that the sidecar model is the right model for the service mesh and provides advantages in resource consumption, maintenance, and security. They also suggest exploring the use of eBPF in cloud native networking.
  • Sidecars have advantages in resource consumption, maintenance, and security compared to multi-tenant proxies
  • Popular beliefs about sidecars wasting resources and introducing extra latency are not entirely true
  • The speaker suggests exploring the use of eBPF in cloud native networking
The speaker describes the operational problems experienced with a multi-tenant proxy and the increased blast radius if it goes down, leading them to believe that the sidecar model is a better option for security and maintenance.

Abstract

The recent popularity of eBPF has triggered a number of discussions of whether this technology will revolutionize the service mesh space. The promise of all the benefits that a service mesh can bring to your cloud-native infrastructure at a fraction of the performance and operational cost seems tantalizing. eBPF is said to be the tool that can help us build a native and highly efficient service mesh implementation and free us from the sidecar model. Could this all be true? In this talk, Zahari will go down the rabbit hole and try to explore what is and is not possible with an eBPF-powered service mesh. Are proxies really going away and, if yes, what does that really mean for the security, resilience, and operational complexity of your infrastructure?
