eCHO 201: 2026 Networking, eBPF, and Security Predictions — Technical Notes

Author: NeatGuyCoding


Opening: What This Episode Is Worth Keeping

eCHO episode 201 is not a feature launch; it is an annual predictions conversation that you can cross-check against the source material. Guest Nico Vibert (Isovalent / Cisco) first “scores” the 2025 predictions post line by line, then walks through the eight predictions of the 2026 edition (2026-01-22). If you care about the intersection of cloud-native networking, runtime security, and AI agent governance, the thing worth keeping is the split between assertions that already have official documentation behind them and those that remain Isovalent internal polls or speaker judgment. The latter are called out separately in this article.

The community side also previewed a Cilium 1.19 eCHO special (the show pointed to early February), Cilium Up and Running in print/PDF, and KubeCon Amsterdam sessions; Isovalent Labs emphasized experiments that run on CPU without a GPU budget. These are participation channels, not version commitments; technical judgments should still follow the blog posts and release notes.

Screen share: Isovalent blog “Networking and eBPF Predictions for 2026 and Beyond,” table of contents covering Open source scrutiny, Kubernetworker, VM on K8s, Multicloud, Nano segmentation, Cisco integration, MCP, Identity, and other sections.


2025 Predictions Retrospective: Scorekeeping, Not Fortune-Telling

Retrospective scores come from an Isovalent internal poll (roughly 1–10), with methodology not published—usable only as show context.

| Topic | Show conclusion | Verifiable basis |
| --- | --- | --- |
| eBPF on Windows | Not achieved (~1/10) | Microsoft 2021 post and ebpf-for-windows still emphasize dev mode; the 2025 post predicted GA—“not achieved” is the show’s judgment |
| AI + eBPF security “revolution” | Partial (~3/10) | Post title includes remain cautious; LLM-generated NetworkPolicy still prone to hallucination (speaker opinion) |
| eBPF startup funding soars | Partial (~6.5/10) | Title aligns with Odigos and other funding links in the post; “soaring” vs. IT spend contraction is economic judgment |
| Netkit quasi-immediate adoption | Not broadly achieved | Post cites ByteDance ~10% throughput gain, Meta rollout plans; “10–15%” and “kernel ≥6.8” are speaker oral remarks—the 2025 post does not mention 6.8 |
| VM on K8s as ops model | Direction right, experience hard (~7.5/10) | Aligns with KubeVirt CNCF incubating direction |
| K8s networking adapts to AI (DRA) | In progress | DRA concept docs (v1.35 stable), google/dranet; “Google donated at KubeCon to CNCF” is speaker paraphrase—no verbatim source captured in this write-up |

2025 slide Prediction #1: “eBPF will come to Windows.”

2025 slide Prediction #6: “Netkit will see a quasi-immediate widespread adoption”; chat asks What’s next after netkit? (speaker opinion).

Chat user @TonyNorlin hoped eBPF would reach FreeBSD by 2027—no official roadmap in sources for this session; recorded here as a community wish only.

Chat overlay: @TonyNorlin proposes 2027 eBPF on FreeBSD; slide at the same time shows 2025 Prediction #3 “Funding of eBPF startups will soar.”


2026 Predictions: Eight Themes and Evidence Boundaries

The h2 order below follows the 2026 post; on the show, Agent identity and MCP were discussed in swapped order.

Open Source Usage Under Scrutiny (Ingress NGINX)

Kubernetes officially announced the retirement of Ingress NGINX: best-effort maintenance through March 2026, then no security updates. The January 2026 statement cites third-party research that roughly 50% of clusters still depend on it. The migration direction is Gateway API (per the retirement post meta). The show also discussed an F5 maintenance branch and vendors demoing the project without giving back to the community; the F5 announcement was not verified in this research, and the 2026 post body does not mention F5 either.

2026 slide Prediction #1: “Open Source Usage goes under scrutiny (Ingress-Nginx).”

“Kubernetworker” and Certification Path

The post predicts the gap between platform engineers and traditional network engineers will narrow, with BGP, IPv6, overlay, mesh, encryption, and related skills driving a dedicated role. The CKNE project page states the exam is still in development (schema.org: certification exam is being developed), consistent with the post’s upcoming certification. NetDevOps → K8s networking / BPF / Cilium is a narrative path, not a normative requirement.

VM on Kubernetes: Losing Its “Innocence”

Rising interest does not mean overnight migration. The post’s h2 is VMs on Kubernetes lose their innocence, pointing to a virtualization networking brief; “VMware as the new mainframe” is a speaker metaphor (not verbatim in the post). KubeCon co-located VM on Kubernetes Day (hosted by Portworx) comes from subtitles—official agenda pages were not captured for confirmation in this write-up.

2026 slide Prediction #3: “VMs on Kubernetes lose their innocence.”

Multicloud Interconnect Starts to Feel Real

Much of what was called “multicloud” in the past stayed at the level of a strategy slogan, or amounted to SaaS (e.g., Office 365) plus a single IaaS; cross-cloud VPC interconnect still often relied on peering, VPN, transit, or third-party orchestration (speaker opinion). The 2026 post places the inflection point at managed L3 connectivity and programmable APIs from AWS and Google: AWS Interconnect, open source aws/Interconnect (OpenAPI 3.0). See also the AWS re:Invent 2025 multicloud guide. Whether Azure will ship equivalent capability remains a prediction; “neocloud” (GPU/API delivery, weak control plane) has no standalone standard definition.

Nano Segmentation

The idea sits between macro (region/perimeter) and micro segmentation and pushes toward process-level enforcement; the post's keywords include Tetragon and Runtime Security. Adoption depends on policy generation, rollout, and operational cost; product details belong in the Tetragon docs.

Isovalent Visibility Inside Cisco

The post links Cisco Live Protect and related material, claiming Cisco uses Tetragon for vulnerability mitigation. The CPO's “among the most strategic acquisitions” remark is a speaker paraphrase; the acquisition press release and the cisco-to-acquire-isovalent body text could not be fetched in this research pass.

MCP: Use Cases and Risks Together

The Model Context Protocol connects AI applications to external systems. The post describes an Azure engineering team building an MCP server with Cilium + Hubble to observe traffic and generate NetworkPolicy; the October 2025 date of Nico’s personal experiment and the large-customer PoC details are speaker oral remarks with no public repo link. Because agents are non-deterministic, they need identity and policy binding; using Tetragon to limit agent syscalls is speaker opinion, not an MCP spec requirement.

Setup as described on the show: VS Code Copilot → MCP server (binary/container) → reads the cluster via kubeconfig. With read-only permissions the agent can combine hubble observe for traffic attribution; with write permissions it can generate NetworkPolicy locally on kind. Nico described this as close to “giving an intern root.” A more conservative enterprise path: PoC cluster + GitHub CI/CD to push policies + human approval per namespace (speaker paraphrase, no public case link). MCP was compared to a “USB-C-style” interface for agents; this is a metaphor only, not equivalent to the USB security model.

Cilium v1.19.4 documentation tree (if the live site is odd, use GitHub):

```bash
# Confirm Hubble is enabled (v1.19.4 setup.rst)
cilium status

# Observe flows (example uses -P; see CLI reference for full flags)
hubble observe
```
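
The conservative path described above (the agent only reads flows, and policies reach the cluster through CI/CD after per-namespace human approval) can be sketched as follows. This is an added example, not code from the show, the post or the Cilium project; the flow fields are a subset of `hubble observe -o json` output, the sample flows are constructed, and the names `propose`, `app_of` and the `app` label convention are assumptions.

```python
import json
from collections import defaultdict
# Constructed sample in the shape of `hubble observe -o json` (one flow per line).
SAMPLE = "\n".join(json.dumps({"flow": f}) for f in [
    {"verdict": "FORWARDED", "traffic_direction": "INGRESS",
     "source": {"namespace": "shop", "labels": ["k8s:app=frontend"]},
     "destination": {"namespace": "shop", "labels": ["k8s:app=cart"]},
     "l4": {"TCP": {"destination_port": 8080}}},
    {"verdict": "DROPPED", "traffic_direction": "INGRESS",
     "source": {"namespace": "dev", "labels": ["k8s:app=debug"]},
     "destination": {"namespace": "shop", "labels": ["k8s:app=cart"]},
     "l4": {"TCP": {"destination_port": 8080}}},
    {"verdict": "FORWARDED", "traffic_direction": "INGRESS",
     "source": {"labels": ["reserved:world"]},
     "destination": {"namespace": "shop", "labels": ["k8s:app=frontend"]},
     "l4": {"TCP": {"destination_port": 443}}}])

def app_of(endpoint):  # value of the k8s app label, or None for reserved/unlabelled peers
    return next((lab.split("=", 1)[1] for lab in endpoint.get("labels", [])
                 if lab.startswith("k8s:app=")), None)

def propose(flow_lines):
    """Group forwarded ingress flows into per-namespace NetworkPolicy proposals."""
    rules, review = defaultdict(set), []
    for line in filter(None, map(str.strip, flow_lines.splitlines())):
        f = json.loads(line)["flow"]
        if (f.get("verdict") != "FORWARDED" or f.get("is_reply")
                or f.get("traffic_direction") != "INGRESS"):
            continue  # dropped or reply traffic never becomes an allow rule
        src, dst = f.get("source", {}), f.get("destination", {})
        proto, l4 = next(iter(f.get("l4", {}).items()), (None, {}))
        peer = (src.get("namespace"), app_of(src), proto, l4.get("destination_port"))
        target = (dst.get("namespace"), app_of(dst))
        if None in peer + target:
            review.append(f)  # e.g. reserved:world: a human decides, not the agent
            continue
        rules[target].add(peer)
    proposals = defaultdict(list)
    for (ns, app), peers in sorted(rules.items()):
        ingress = [{"from": [{"namespaceSelector": {"matchLabels":
                                  {"kubernetes.io/metadata.name": sns}},
                              "podSelector": {"matchLabels": {"app": sapp}}}],
                    "ports": [{"protocol": proto, "port": port}]}
                   for sns, sapp, proto, port in sorted(peers)]
        proposals[ns].append({"apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
            "metadata": {"name": f"allow-{app}", "namespace": ns},
            "spec": {"podSelector": {"matchLabels": {"app": app}},
                     "policyTypes": ["Ingress"], "ingress": ingress}})
    return dict(proposals), review  # proposals go to review/CI; nothing is applied here
```

The per-namespace grouping of the result matches the approval unit mentioned on the show, and the `review` list keeps flows the generator refuses to turn into rules on its own.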

Identity Becomes Humanoid

Post h2: Identity becomes humanoid, and policy has to follow—coding agents and MCP tool calls are hard to whitelist with fixed verbs/resources like traditional ServiceAccounts; if policy does not keep up, “YOLO”-style overreach is likely (qualitative argument).



Further Reading (Primary Links)

Unverified boundaries (preserved at time of writing): internal poll sample size, specific CVE timelines, F5 branch maintenance capability, Azure interconnect API parity progress, MCP experiment repos and PoC names—update as official announcements and project releases land.
