Cilium: Open-source eBPF-based networking, security, observability

Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads.

What is eBPF?

eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in a privileged context, such as the operating system kernel. It extends the kernel’s capabilities safely and efficiently without modifying the kernel source code or loading kernel modules.

Cilium features

Cilium offers a flat Layer 3 network extending across multiple clusters, supporting native routing and overlay modes. It knows Layer 7 protocols and can enforce network policies from Layer 3 to Layer 7 using an identity-based security model decoupled of network addressing.

Cilium provides distributed load balancing for traffic between pods and to external services, capable of replacing kube-proxy by using eBPF hash tables for nearly unlimited scalability. It also supports advanced features such as integrated ingress and egress gateways, bandwidth management, and service mesh, and offers comprehensive network and security visibility and monitoring.

Cilium is available for free on GitHub.

Must read:

• 20 free cybersecurity tools you might have missed
• 15 open-source cybersecurity tools you’ll wish you’d known earlier
• 20 essential open-source cybersecurity tools that save you time