Observability

Cilium's observability stack is built on eBPF, enabling fine-grained visibility into network interactions, protocols, and runtime application behaviors. By integrating directly with Kubernetes, Cilium provides context-rich and identity-aware observability features, enhancing the monitoring, debugging, and security analysis of microservice applications.

Explore the Observability journey on the map!

eBPF-Powered Observability

Metrics & Tracing:

Cilium exports a rich set of metrics and tracing data, compatible with leading observability platforms like Prometheus and Grafana. This allows for the detailed monitoring of network performance, service latency, and error rates, enabling teams to quickly identify and address issues.

Monitor Network Performance
Track packet flow rates, latency, error rates, and more to ensure the network is performing optimally.
Trace Service Interactions
Detailed traces of service-to-service calls help identify latency issues and optimize service response times.
Export and Alert
Export data and set up alerts for abnormal patterns or performance issues, so that problems can be resolved before they impact users.

Service Map

Visualize real-time service-to-service interactions within your Kubernetes cluster, providing a graphical representation of network flows and dependencies. The service map helps in identifying communication patterns, dependencies, and potential bottlenecks, facilitating a better understanding of application behavior.

Understand Application Architecture
Quickly grasp how microservices are interconnected, aiding in both new developer onboarding and architectural planning.
Identify Bottlenecks and Dependencies
By leveraging eBPF, spot potential performance bottlenecks and tightly coupled services that could impact application resilience and scalability.
Troubleshoot Connectivity Issues
Hubble UI helps pinpoint where traffic flows and where policies take effect, streamlining the troubleshooting process.

Identity-aware Network Flow Logs:

Go beyond traditional IP-based logging with Cilium's identity-aware flow logs. By tagging flows with Kubernetes pod and service identities, Cilium provides detailed context for each network interaction, including allowed and denied connections, DNS queries, and policy verdicts. This level of detail is invaluable for security analysis and compliance auditing.

Context-rich Logging
By associating network flows with Kubernetes identities (e.g., pod names, service names), Cilium offers more meaningful insights than IP-based logs.
Security Analytics
Easily audit which services are communicating, detect anomalous patterns, and verify that network policies are enforced as expected.
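
The audit described above, as an added example that is not part of the Cilium documentation or code base: it counts denied flows per identity pair from records shaped like `hubble observe -o json` output. The sample records are constructed, and the field names used (`verdict`, `source.pod_name`, `labels`, `l4`, `destination_port`) are assumed to match the flow JSON of the Hubble version in use.

```python
import json
from collections import Counter

# Constructed records shaped like `hubble observe -o json` output (one JSON
# object per line); pod names, namespaces and ports are invented.
SAMPLE_FLOWS = """\
{"flow":{"verdict":"FORWARDED","source":{"namespace":"shop","pod_name":"frontend-7d9f"},"destination":{"namespace":"shop","pod_name":"cart-5c2a"},"l4":{"TCP":{"destination_port":8080}}}}
{"flow":{"verdict":"DROPPED","drop_reason_desc":"POLICY_DENIED","source":{"namespace":"shop","pod_name":"batch-x1"},"destination":{"namespace":"shop","pod_name":"cart-5c2a"},"l4":{"TCP":{"destination_port":8080}}}}
{"flow":{"verdict":"DROPPED","drop_reason_desc":"POLICY_DENIED","source":{"namespace":"shop","pod_name":"batch-x1"},"destination":{"namespace":"shop","pod_name":"cart-5c2a"},"l4":{"TCP":{"destination_port":8080}}}}
{"flow":{"verdict":"DROPPED","drop_reason_desc":"POLICY_DENIED","source":{"namespace":"shop","pod_name":"frontend-7d9f"},"destination":{"labels":["reserved:world"]},"l4":{"TCP":{"destination_port":443}}}}
{"node_status":{"message":"constructed non-flow record"}}
truncated-line{
"""

def endpoint_name(ep):
    """Name a peer by Kubernetes identity; fall back to its first label."""
    if ep.get("pod_name"):
        return f"{ep.get('namespace', '?')}/{ep['pod_name']}"
    return (ep.get("labels") or ["unknown"])[0]

def dest_port(flow):
    """Return the L4 destination port, or None for ICMP and similar."""
    for proto in (flow.get("l4") or {}).values():
        if isinstance(proto, dict) and "destination_port" in proto:
            return proto["destination_port"]
    return None

def summarize_denied(lines):
    """Count DROPPED flows per (source, destination, port) triple."""
    denied = Counter()
    for line in lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(record, dict):
            continue
        flow = record.get("flow", record)  # tolerate unwrapped flow objects
        if not isinstance(flow, dict) or flow.get("verdict") != "DROPPED":
            continue  # also skips node_status and other non-flow records
        key = (endpoint_name(flow.get("source") or {}),
               endpoint_name(flow.get("destination") or {}), dest_port(flow))
        denied[key] += 1
    return denied

if __name__ == "__main__":
    for (src, dst, port), n in summarize_denied(SAMPLE_FLOWS.splitlines()).most_common():
        print(f"{n:3d}  {src} -> {dst}:{port}")
```

Repeated drops between the same pair usually point to a missing allow rule or a workload talking to something it should not; either way the identity pair, not the IP, is what to review against the policy.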

Advanced Network Protocol Visibility:

Cilium offers deep visibility into application-level protocols such as HTTP, gRPC, and Kafka. This allows for the inspection of protocol-specific metrics, request paths, and response codes, providing insights into application performance and user experience.

Protocol-specific Metrics
Obtain metrics tailored to the protocols your applications use, such as HTTP request rates, gRPC call information, or Kafka message statistics.
Application-level Troubleshooting
Address issues at the application layer by inspecting request paths, response codes, and other protocol-specific attributes.
Optimize End User Experience
Use detailed protocol insights to refine application interactions, reduce latencies, and improve overall service quality.

Observability Resources