 All right. Good morning, everybody. Welcome to EBPF and Cilium Day. My name is Thomas Graf. I'm co-founder and CTO of iSurveillance, but I think more importantly, I was among the founding team when we wrote the first lines of Cilium and for this keynote today, I figured why don't we look back on the original vision of why we created Cilium and see, well, how much of what we pitched back then in our first presentations, how much of that actually became true? So when we first talked about Cilium was at Lynxcon in Toronto in 2016 and we refer to it as fast IPv6 networking using EBPF and these were the four pillars that we essentially presented. So we said it has to be scalable because containers, right? We can no longer to think about VMs. We looked at policy and addressing extensible, because back then user space networking was the thing and was taking over. So can we bring back kernel relevance and can we be as extensible in the kernel as we can in user space networking? Simplicity and performance because of course we want packets to move fast. Policy, we just heard a ton about in the last talk. So how do we get to identity-based policy? That was what we pitched. Hey, we can no longer talk about IPs and ports. We need to talk about identities and make this really, really scalable and users don't want to define policies with IPs. They want to define policies with metadata, pod labels, container labels, namespaces and so on. We talked about extensibility and if we look at this slide, this is how we thought about this. Well, let's bring in EBPF or BPF. We still called it BPF back then and this is still exactly how Cilium looks today, right? We have a BPF chain that essentially allows us to generate bytecode and that does everything that Cilium does down in the kernel. So that was the slide on how do we make this extensible with BPF. But BPF is not just extensibility, it's also a tremendously good engine for visibility because we have these perforing buffers and BPF maps so we can extract observability from the data path, from what is running in the kernel into user space and guess what? This is what led to Hubble and this is how Hubble looks today. We have shiny dashboards, metrics, service maps, all of that based on this foundation of EBPF. It looks a little bit better today than the diagram we had back in 2016. Today we can actually show actual dashboards. We also wanted to make the network invisible because networking should really be invisible. We don't really want to care about networking. Usually when we care about networking is when it's down. So how can we make it invisible? And this was the slide back then. This was really written from a context of having done networking for virtual machines and all of this. How can we do this for containers and Kubernetes and really make it simple? So flat layer 3 networking, there were a couple of solutions among them Calico which had introduced this concept and they definitely got it right. I think that's the way we all take this for granted. Believe it or not, that's not how we used to do networking in the past. You had to take a class on how to do subnet, addressing and all of that to even get two ports to connect to each other. No concept of networks, a pod or a container shouldn't be having to be assigned to networks. We didn't quite 100% stay true to this. You can now do multi-networking with Syllium as well. But the core concept of Syllium is one flat layer 3 network and everybody can talk to everybody and then you take policy to segment what you want. We also want to have policy separate away from addressing. And many of you, maybe most of you, maybe all of you actually say, well, that's the only way to go. But that's also not how networking used to be. We used to have addressing and policy tightly coupled. And if you wanted to change policy, sometimes you had to move a VM into a different subnet and have to do renumbering and readdressing with Kubernetes and how what we're used today. None of that is ever a problem. Like we have these decoupled. There is an addressing layer and there's a policy layer and you're completely separate. And of course there is performance and we found ways to, so this is not from the 2016 talk. This is a little bit later on. We found ways to bypass IP tables, which was a big source of a lot of performance overhead. I've even got it to the point of pod networking, being faster than host networking, which was an interesting milestone because we were able to bypass a lot of the IP tables overhead. So that was the 2016-2017 vision. Let's look ahead a little bit. Like where do we want to be? Because clearly we've achieved quite a lot from what we originally set ourselves up to. Where do we want to be in a couple of years? So in 2017, we were of course not thinking about AI. So is it AI? Is it AI networking? I don't even know how that could look like. So let's forget about that part. 2017, the mission was very simple. Yes, let's see a couple of thumbs up. Let's keep AI on the S. 2017, the mission was very, very simple. Bring EBPF to Kubernetes and become the best possible CNI. That was essentially a mission division that we're still driving towards that. But let's extend it a little bit because we want to bring Cilium essentially to the rest of the world as well. So the simplicity, the scale, security, not requiring dozen different tools. We want to bring that to outside of Kubernetes, for your VMs, for your servers, for your Edge, for your multi-cloud connectivity. You should be thinking about just Cilium when you think connectivity, how to do that securely, how to do that scalable, whether it's for containers, for Kubernetes, for a bunch of servers, for VMs. Cilium, that's our vision for the future should become the standard or the next generation networking layer. So pretty simple. And I hope that matches what you all are looking for as well. Please continue giving us feedback. If you don't agree with the vision, come talk to me outside. We can debate it. Definitely interested to hear what you think about where we should be going. Thank you very much. And I think we have a couple of minutes for questions as well. I'm not sure. No, all right. No questions. You can meet me outside for questions. Thank you very much.