Presenters
Source
Psyllium’s Decade of Dominance: From Container Conundrums to Infrastructure Language 🚀
Ten years ago, the world of tech was buzzing with the rise of containers, and with them, a new set of networking and security puzzles. Enter Psyllium, a project that embarked on a mission to fundamentally revolutionize container networking. Thomas, a pivotal figure in its journey, recently shared the incredible story of Psyllium’s evolution – a tale filled with challenges, breakthroughs, and a vision that continues to expand.
The Genesis: Taming the Container Networking Beast 🦁
The advent of technologies like Docker presented a massive shift. Suddenly, connecting and securing these isolated environments became a critical hurdle. The Psyllium team, armed with their expertise in virtualization networking and Open vSwitch, saw this as an opportunity. Their initial, laser-focused goal? To build a superior solution for Docker networking, one that was more robust, scalable, and inherently secure.
The Long Road from “Ping” to Production 🛣️
What started as what might have seemed like a straightforward project quickly revealed itself to be a marathon, not a sprint. The journey from the very first lines of code to a production-ready solution took years, far exceeding initial optimistic timelines. Thomas fondly recalls the early days, celebrating the simple yet monumental achievement of getting “ping between two containers” to work. The ambition was high, perhaps even a little naive, with early thoughts of immediately impressing major tech giants.
One of the most significant early hurdles was a bold architectural choice: an IPv6-only initial design. While forward-thinking, this decision meant a substantial nine-month effort was required to integrate IPv4 support. This vividly illustrates the critical trade-off between architectural purity and the pragmatic need for broad market adoption. It took multiple years for enterprise customers to truly unlock and benefit from Psyllium, a testament to the high bar for changing fundamental networking layers.
Navigating Architectural Crossroads: Service Mesh and Kubernetes’ Reign 👑
As Kubernetes rapidly matured, the emergence of sophisticated service meshes like Istio presented a new set of complex questions. For two years, the Psyllium team engaged in deep discussions, weighing the pros and cons of a complete pivot to a service mesh model versus a more gradual integration. The ultimate decision was to embrace service mesh principles, such as mutual authentication, without a complete architectural overhaul. Thomas highlights this as one of the most challenging, yet profoundly impactful, decisions made.
In stark contrast, a key architectural decision that proved to be a masterstroke was their unwavering commitment to Kubernetes as the default API and architectural foundation. This sharp focus, at a time when the Docker and Kubernetes ecosystems were still vying for dominance, was incredibly prescient. It not only shaped Psyllium’s trajectory but also laid the groundwork for numerous commercial offerings built upon its principles.
Beyond Networking: eBPF as an “Infrastructure Language” 🗣️
Psyllium’s evolution has dramatically outgrown its initial networking focus. The underlying technology, eBPF, has transformed into something far more powerful: an “infrastructure language.” This means eBPF can now be applied across networking, security, and observability domains. A particularly exciting development is its application in securing Cisco equipment – think switches, routers, and firewalls! This demonstrates eBPF’s incredible potential to mitigate vulnerabilities in Linux-based infrastructure at an industry-wide scale, with even further applications on the horizon for IoT devices.
Key Takeaways and the Road Ahead 💡
As we look back at this incredible journey, several core lessons emerge:
- Unwavering Open Source Commitment: Thomas stresses that success in open source, especially when building commercial products, requires a 100% commitment to the open-source model.
- The Power of Incremental Traction: Even during moments of doubt, incremental milestones and validation – like Google’s adoption for GKE – provided the crucial momentum to keep pushing forward.
- A Flourishing eBPF Ecosystem: The rapid growth of eBPF, with projects like Tetragone leading the charge, signals a long-term movement brimming with innovation potential.
- eBPF: Abstracting the OS: eBPF is fundamentally changing how we view the operating system, transforming it into a cloud-native and container-aware entity. It abstracts away complexities and unlocks new functionalities, such as advanced scheduling.
- Simplifying User Experience is Crucial: A major focus for the future is making eBPF easier to use, thereby lowering the barrier to entry for a much wider audience.
- Adaptation is Non-Negotiable: To remain relevant, Psyllium must continuously innovate, especially in burgeoning areas like AI infrastructure, to avoid becoming obsolete.
Looking Back, Moving Forward ✨
Reflecting on the past decade, Thomas offers a poignant piece of advice to his younger self: “trust your gut feeling and don’t worry too much.” Perhaps the most surprising revelation of the journey has been the widespread adoption of Kubernetes and the CNCF ecosystem, even within traditionally “boring enterprises.” This has revealed a clear blueprint for modern infrastructure.
Despite numerous hurdles – from intense architectural debates to the slow initial adoption – the future for Psyllium and eBPF looks incredibly bright. Fueled by a vibrant community and a relentless drive for innovation, the journey continues. The session concluded with a fun invitation for users to share their most “funny or strange” Psyllium deployments, a testament to the project’s adaptability and the community’s boundless creativity!