Isovalent’s Commitment to Upstream Goes Beyond Just Commits

Isovalent, the original creators of the CNCF graduated project Cilium, has always emphasized its open source engagement as a core pillar. As well as contributing to widely adopted projects like Cilium, the Linux Kernel, and more (as you’ll read about in this blog), Isonauts (Isovalent team members) are dedicated to continually bettering the open source communities by directly participating in various boards, committees, and organizations. In this fashion, a strong cycle of keeping up to date with new technologies and development provides a valuable positive feedback loop for keeping Cilium a strong project.

Let’s meet some of the Isonauts and learn about how they participate in open source communities. 

Isonauts and their participation in the community

Liz Rice – CNCF and OpenUK

Liz Rice is a familiar face around the CNCF. Aside from championing Cilium, she’s been involved with the CNCF early on – she was a KubeCon co-chair back in 2018, then served as the chair of the Technical Oversight Committee, and currently sits on the Governing Board. She is also on the board of OpenUK. OpenUK is a non-profit organization with the goal of promoting collaboration, the health, and use of open technologies within the United Kingdom.

If you’re not familiar with the Cloud Native Computing Foundation (CNCF), it is the neutral steward of the cloud native infrastructure projects that have been vital to the success of Kubernetes, Cilium, and other widely adopted projects. As with the Linux Foundation (LF) protecting Linux from being under the direct control of any one vendor, the CNCF maintains the same vision and goal of balancing the interests of contributors, end users, and an ecosystem of vendors. Liz, Chief Open Source Officer at Isovalent, helps the CNCF maintain this vision, which also benefits Cilium, one of the most popular projects in the ecosystem and the fastest-growing CNI! 

Daniel Borkman – eBPF and Linux

Cilium has been built upon open source from the beginning. One of Isovalent’s founding engineers, Daniel Borkmann, has been an active contributor to the Linux Kernel (with a focus on eBPF and networking subsystems) for over a decade (!). He has been involved in eBPF since its inception – you can learn more about the story of eBPF’s creation in the eBPF Documentary – and Cilium since the start. With Cilium leveraging eBPF at its core, it’s important to have a deep understanding, however it is also important to contribute back to eBPF. Isonauts have found a balance of helping contribute new features to eBPF, and leveraging these new capabilities to advance Cilium.

In his own words, “With technical projects like the Linux kernel but also Cilium, it is awesome to see so many smart people working towards a common goal. While everyone has different use cases and backgrounds, this diversity helps to move the project forward.” Open source contributions allow for people who are interested in related technologies and projects to get involved and learn instead of being hidden behind closed-source enterprise products, and having various technical backgrounds help contribute to creative solutions.

Besides being deeply technical, as a prominent figure in the BPF world, Daniel often assists with pushing projects forward through the education and engagement side of the community. This is the “glue work” that often goes unnoticed, which is why, at Isovalent, there is that given bandwidth outside of general job role functions for engaging with the community, aligned to the individual’s own preferences and interests. Beyond just Linux code contributions (for example, helping land netkit in the kernel), Daniel and other Isonauts are heavily involved in community initiatives, such as the Linux Plumbers’ Conference, which helps get others engaged in the Linux project.

Mahé Tardy – SIG-Security

Mahé Tardy is a Security Engineer on Cilium’s Tetragon project and has been a member of Kubernetes for roughly three years, focusing on security. Mahé originally started getting involved since he had a background as a security researcher and slowly got more involved over the years.

Kubernetes SIG security generally tries to make the project more secure by writing/using tools, writing security documentation, and doing assessments (for example, Mahé’s last contribution). It provides a place for security enthusiasts to gather and share, contributing back to Kubernetes through cross Special Interest Group (SIG) collaboration.

Also, being heavily involved in the Tetragon project, engaging with the community, and having this Kubernetes security knowledge helps steer the project toward helping end users. In his own words, “I love being able to share what I’m working with and show it to the world in conferences and such. Being involved in the Kubernetes community builds bridges with Isonauts who are also doing this, and it always helps me be aware of the new stuff.”

Nick Young – Gateway API

Nick Young is the Tech Lead of the Cilium Service Mesh team at Isovalent and has been a Gateway API Maintainer for almost five years. He’s also been involved in the open source landscape around various projects – a WG-LTS contributor, previous maintainer and tech lead of Contour, founding member of the Envoy Gateway, to name a few.

The Gateway API is the next generation of Kubernetes Ingress, Load Balancing, and Service Mesh APIs. Initially, it was designed to be generic, expressive, extensible, and role-oriented. There’s an impressive overlap between Gateway API and Cilium – Cilium handles Ingress, Load Balancing, and Service Mesh, and so being involved in both produces a synergistic effect. With the release of v1.1, the Gateway API has rapidly gained traction over the last few years. Helping contribute to a SIG (Special Interest Group) under Kubernetes ensures that “effort spent on software isn’t thrown away when a particular company pivots and that the software we build is useful for many people, not just a few.”

Furthermore, with Service Mesh being at the forefront of the cloud native landscape for the last few years, Cilium has been able to approach use cases differently, pushing change architecturally around the ecosystem. With the GAMMA initiative in Gateway API being moved to standard channel, service meshes are still on the rise as being a valuable infrastructure tool. As a maintainer and team lead, Nick brings seasoned knowledge around the networking ecosystem to Cilium, and leads a team that has an open mindset in trying out different solutions.

Casey Callendrello – CNI Maintainer

Casey is the Tech Lead for the network policy team at Isovalent. In addition to Cilium, Casey has been the primary maintainer of the CNI project since 2016, a project spun out from from his time at CoreOS. For those not familiar with the CNI Project, it is a cornerstone of the Kubernetes ecosystem; the protocol is used by hundreds of different network plugins and formalizes the specs for interacting with the networking interface in Linux containers. 

The CNI is a requirement to allow networking in your Kubernetes cluster. With the Cilium CNI being the leading and first graduated CNI in the CNCF landscape, Casey has been bringing guidance and expertise to help the CNI ecosystem develop. “The project is 99% communication, 1% coding. And yet, without working on the project’s code, I wouldn’t be able to lead”.  In this feedback loop, the alignment helps the Cilium CNI improve, but maintainers like Casey also help push the CNI project forward. However, it’s not just code contributions that push a project forward.  

Duffie Cooley – CNCF TOC (Technical Oversight Committee)

Duffie joined the ecosystem way back in 2017 during his time at CoreOS. He began by answering questions and helping folks in the #kubernetes-users slack channel and working with enterprises on architecting platforms using Tectonic. From there, he went on to work with the amazing folks behind Heptio and continued to educate and enable folks with projects like TGIK – a weekly Kubernetes podcast. Once he joined us at Isovalent, he continued that work with eCHO office hours and by being a host for the eBPF Summit.  

In 2021, Duffie joined the CNCF Technical Oversight Committee and has been working to help redefine the work of graduating projects and define the technical direction. He and the rest of the committee evaluate projects for inclusion in the CNCF and further help those projects move to incubation and graduation. He is generous with his time and is always interested in hearing what folks are interested in and bringing his experience and ideas to the conversation.

Open-source projects are better for the community

Open-source projects are better for the community as a whole. They enable knowledge sharing and expand the base of contributors. They validate features, explore use cases from end-users while getting active feedback, and make projects more robust; companies come and go, but the technological infrastructure often outlasts them. Personally, I’ve been fortunate to have worked with great thought leaders at Isovalent who have helped me and others contribute to open source projects. 

They often say that contributing to open source projects is a second job. Not just the coding but showing up to meetings, attending conferences, and participating on boards is just a subset of what open source maintainers engage in. Many times, talking to maintainers, it is often repeated that open source projects don’t get enough resources, despite the fact that so many products and companies are built on top of the hard work of the community. And these are just a few of the projects that we contribute to (bpftool, Tinkerbell, rbpf, to name a few). For the size of Isovalent, it’s pretty impressive to see the ratio of commits that we have under our belt in the CNCF ecosystem, and how engaged we are with the various communities and boards. As Isovalent transitions to become a part of Cisco, Isonauts will continue to dedicate our passions and commitment to upstream projects.