Cilium

What is Cilium?

Cilium is open-source, cloud-native software for enhancing network connectivity, security, and observability between workloads. Powered by the revolutionary eBPF (extended Berkeley Packet Filter) technology, Cilium introduces an innovative approach to networking by embedding logic and control directly within the Linux kernel. Best known as a Container Network Interface (CNI) plugin, Cilium is the foundation behind secure and observable connectivity at both network and service mesh levels inside Kubernetes and beyond.

Created by the founders of Isovalent in 2016, Cilium has become a CNCF (Cloud Native Computing Foundation) graduated project and the de facto standard for Kubernetes networking. Embraced by leading cloud providers—Google (GKE, Anthos), Amazon (EKS-A), and Microsoft (AKS)—Cilium is trusted by platform engineering teams worldwide, including industry giants like Adobe, Bell Canada, and IKEA.

Identity-Based Policies
Utilize Kubernetes metadata (pod names, labels, etc.) to define security policies, enabling microsegmentation and least-privilege access across services.
Performance Optimizations
eBPF-powered high throughput and low latency by optimizing packet forwarding paths, minimizing context switches, and reducing packet processing overhead.
Transparent Encryption
Support for encrypting network traffic using IPsec or WireGuard, ensuring data in transit is secure between nodes in the cluster.

Architecture Overview

Cilium architecture integrates deeply with Kubernetes, leveraging eBPF for efficient network management and monitoring across nodes, facilitated by a comprehensive toolset including agents, CLI, and operator components, with Hubble providing advanced visibility and analytics.

Bringing out the eBPF Superpowers
At the core of Cilium's functionality, eBPF enables dynamic insertion of powerful networking and security capabilities directly into the Linux kernel. This allows for packet filtering, network monitoring, and policy enforcement to be performed efficiently without changing existing kernel code, significantly improving performance and scalability of network operations.
The Standard for Cloud-Native Networking
Cilium is the standard for Kubernetes networking and security with policy enforcement, service mesh capabilities, and enhanced visibility through Hubble, which collectively provide a scalable, secure, and observable networking foundation for containerized environments.
Hubble Insights and Observability
Hubble is the observability layer of Cilium, bringing out insights from network events and metrics directly from the data plane, enabling real-time network visibility and security monitoring. Get a comprehensive view of network flows, service dependencies, and performance metrics across the cluster, accessible via a CLI, graphical UI, and a relay component that aggregates data for cluster-wide insights.

Try it out

Find the right journey and explore the Cilium hands-on labs at your own pace!

Cloud Network Engineer
The Cloud Network Engineer journey takes you through labs featuring BGP, IPv6, Egress Gateway, BIG TCP, as well as Multi Homing.
SecOps Engineer
The SecOps Engineer journey takes you through labs featuring Network Policies, Runtime Security with Tetragon, TLS Visibility, Transparent Encryption, Mutual Authentication, Host Firewall, and Egress Gateway.
Platform Ops
The Platform Ops journey takes you through labs featuring Gateway API, Cluster Mesh, Network Policies, and Connectivity Visibility.

Use Cases

Service Mesh
Cilium Service Mesh, sidecar free & proxyless.
Kube-proxy Replacement
Replace iptables with eBPF.
High-performance CNI
Scalable and consistent cloud-native networking.
Advanced Network Protocol Visibility
Workload communication at the protocol level.
Transparent Encryption
Encrypt all node-to-node traffic.

Why Cilium?

eBPF-based Networking, Observability, Security
The shift to microservices architecture has introduced complexities in workload connectivity, security, and observability. Cilium confronts these challenges head-on, offering a cloud-native solution that's both agile and robust. By moving beyond traditional IP-based approaches, Cilium leverages eBPF to provide granular control and security across layer 3 (L3), layer 4 (L4), and layer 7 (L7), ensuring seamless operation in dynamic Linux containerized environments.

Open-Source at Our Core
Isovalent, the creator and maintainer behind Cilium, brings expertise to the open-source cloud-native ecosystem. With Cilium, Isovalent is proudly building a solution that's not just about leveraging eBPF's technical advantages but also about embracing the cloud-native paradigm — ensuring scalability, security, and efficiency across modernized multi-cloud environments.

Open-Source by Design
As a CNCF graduated project, Cilium sets the standard for Kubernetes networking, enjoying widespread adoption and support.
Cloud-Native Flexibility
Cilium's architecture ensures seamless operation across different cloud environments, eliminating vendor lock-in.
Production-Ready Benchmarks
From advanced networking and firewalling to encryption and load-balancing, Cilium meets the rigorous demands of cloud-native production operations.

Case Studies

Performance Testing Cilium Ingress
Company: Hetzner Cloud
Zero Trust Networking at Scale (20k+ VCPUs, 100+ Dev Teams)
Telecommunications Industry
Reducing Kubernetes Tool Sprawl
Company: Tietoevry
Avoiding cloud vendor lock-in with Kubernetes and Cilium
Company: Form3
Some Assembly Required: IKEA Private Cloud
Company: IKEA