eBPF is a low-level technology for running sandboxed kernel programs. Its use in Kubernetes-based applications has grown rapidly due to the revolutionary capabilities it enables, as demonstrated by Cloud Native Computing Foundation (CNCF) projects such as Cilium, Datadog, Calico, and Pixie. However, eBPF in Kubernetes also poses a number of new challenges for developers and administrators alike. These challenges include program lifecycle management issues, the widespread use of privileged pods, the lack of eBPF subsystem visibility, and problems with program cooperation.

bpfman is an open source project dedicated to making eBPF easier to secure, manage, and use. The project includes an operator that allows eBPF application developers to package programs via OCI container images and deploy them via Kubernetes CustomResourceDefinitions (CRDs) such as TcPrograms and XdpPrograms.