Cilium is an open-source networking project that provides networking and security capabilities for containerized applications, microservices, and virtual machines.
Recently Cilium launched a great website about eBPF called ebpf.io. It serves a similar purpose to this list, with an introduction to eBPF.
Note: Cilium is an exciting piece of technology, and its ecosystem is constantly evolving. We'd love help from you to keep this awesome list up to date, and improve its signal-to-noise ratio in anyway we can. Please feel free to leave any feedback.
- Reference Documentation
- Cilium related projects
- Articles and Presentations
- Community Events
- Community and Contributing
- Hands on Contents
-
Website - Official website of cilium which was originally created by Isovalent.
-
Official GitHub repository - GitHub repository of the Cilium project.
-
A cookbook of installing cilium on AWS EKS - Multiple ways to install cilium in eks.
-
Cilium Certified Associate Study Guide - Study guide to help the Cilium community prepare for the CNCF's Cilium Certified Associate(CCA) Exam.
-
Cilium - The core project, Cilium, is a networking plugin for various container runtimes such as Kubernetes, Docker, and Mesos. It leverages Linux kernel features like eBPF (extended Berkeley Packet Filter) to provide fast and secure networking and load balancing for applications.
-
eBPF - Extended Berkeley Packet Filter (eBPF) is a technology that allows for dynamic, programmable packet filtering and network analysis in the Linux kernel.
-
Cilium Proxy - A high-performance HTTP, TCP, and gRPC proxy that can be automatically injected into Kubernetes pods. It provides features like load balancing, health checking, and L7 (Layer 7) visibility, helping secure and monitor application traffic.
-
Cilium Cluster Mesh - Allows you to securely connect multiple Kubernetes clusters together using encrypted tunnels. It enables seamless communication and service discovery across clusters while maintaining strong security boundaries.
-
Hubble - A network visibility and monitoring tool built by the Cilium community. It provides real-time visibility into network traffic, allowing operators to gain insights into application behavior, troubleshoot connectivity issues, and enforce network security policies.
-
Cilium Operator - A Kubernetes operator that simplifies the deployment and management of Cilium within a Kubernetes cluster. It automates tasks such as deploying Cilium agents, configuring eBPF policies, and handling upgrades.
-
Tetragon - A runtime security enforcement and observability tool.
-
Cilium Mesh - Connect Kubernetes workloads, virtual machines, and physical servers running in the cloud, on-premises, or at the edge.
-
NetworkPolicy Editor - Create, visualize, and share Kubernetes networkPolicies.
-
Prometheus & Grafana for Cilium - Collect metrics from Cilium and store them in Prometheus for analysis and alerting.
-
Cilium Helm Chart - Helm chart that can be used to deploy Cilium on Kubernetes.
-
Hubble adaptor for OpenTelemetry - Enable exporting Hubble flow data using OpenTelemetry collector.
-
Packet, where are you? - eBPF-based Linux kernel networking debugger.
-
Coroot - It turns telemetry data into actionable insights, helping you identify and resolve application issues quickly.
-
Pixie - Instant Kubernetes-Native application observability.
-
caretta - Instant K8s service dependency map, right to your Grafana.
-
Netreap - A Cilium controller implementation for Nomad.
-
Gloo Network - Enable Cilium-CNI powered by eBPF to enable networking, packet filtering and observability for modern applications.
-
Bpfilter instead of iptables for routing - Bpfilter offers a new approach to packet filtering in Linux.
-
Inter-node traffic control - Policies that are applicable to the whole cluster (non-namespaced) and provide you with the means to specify nodes as the source and target.
-
BPF and XDP Reference Guide - Guide from the Cilium project.
-
Why is the kernel community replacing iptables with BPF? - A blog post by Cilium on the the motivations behind eBPF and bpfilter, with a couple examples and links to other projects using eBPF and bpfilter.
-
Bpfilter: Linux firewall with eBPF sauce - Slides from a talk by Quentin Monnet with a background on eBPF and comparing bpfilter to iptables.
-
Cilium: Networking & Security for Containers with BPF & XDP - Also featuring a load balancer use case.
-
Cilium: Networking & Security for Containers with BPF & XDP - video.
-
Cilium: Fast IPv6 container Networking with BPF and XDP - Fast IPv6 container Networking with BPF and XDP.
-
Cilium: BPF & XDP for containers - PF & XDP for containers.
-
Learning ebpf book - Learning eBPF, published by O'Reilly! Here's where you will find a VM config for the examples.
-
eBPF log analytics in your Kubernetes cluster - Leverage Cilium's Tetragon to capture eBPF based file access logs and send it to Parseable for alerting and further analytics.
-
Introduction to Cilium - A livestream covering all things related to eBPF and Cilium presented by Isovalent's Thomas Graf & Liz Rice.
-
Cilium CNI - A Comprehensive Deep Dive Guide for Networking and Security Enthusiasts.
-
Cilium for Kubernetes networking - Why we use it and why we love it.
-
A generic introduction to Cilium - A generic introduction to Cilium.
-
A podcast interviewing Thomas Graf - Ivan Pepelnjak interviewing Thomas, October 2016, on eBPF, P4, XDP and Cilium.
-
How eBPF Streamlines the Service Mesh - Explore how eBPF allows us to streamline the service mesh, making the data plane more efficient and easier to deploy.
-
From Amazon VPC CNI to Cilium with Zero Downtime - Migrate to Cilium from Amazon VPC CNI with Zero Downtime.
-
Cilium CNI and OKE on Oracle Cloud - Kubernetes Networking with Cilium CNI and OKE on Oracle Cloud.
-
Cilium in Azure Kubernetes Service (AKS) - Configure Azure CNI Powered by Cilium in Azure Kubernetes Service (AKS).
-
eCHO News NEWSLETTER - eCHO news in a bi-weekly wrap up of all things eBPF and Cilium.
-
Exploring eBPF and XDP - An Example - A basic example how to get started with XDP.
-
eBPF - Rethinking the Linux Kernel - eBPF JavaScript-like capabilities to the Linux Kernel.
-
Learn how Tetragon can stop CVEs with YAML - Prevent Overlayfs Privilege Escalation on Ubuntu Kernels with Yaml (bpf).
-
Cilium + Istio - A Quick Tour of Cilium 1.14 with Istio.
-
Cilium: Decoding the packet path with Security Groups for Pods in EKS - Decoding the packet path with Security Groups for Pods in EKS.
-
Cilium mutual auth … DIY - A quick run-through on setting up cilium, mtls on a self-managed kubernetes cluster.
-
Istio Service Mesh with ALB in EKS - Install Cilium in a BYOCNI mode seamlessly and thus leverage #ebpf functionality as compared to iptables.
-
Kubernetes LoadBalance service using Cilium BGP control plane - A walk through the process of creating Cilium based support for Load Balancer Services in a minimal K3s Kubernetes cluster.
-
eBPF-based networking with Cilium - What is it and what can it do?.
-
Deploying Red Hat OpenShift with Cilium - Given that OpenShift is pretty ubiquitous in private clouds (especially in financial organizations) and that Cilium is on its way to become ubiquitous, this tutorial on deploying Cilium and Red Hat OpenShift will be handy for many.
-
Setting up EKS Amazon Clusters, adding Cilium to projects using Terraform and Helm, supporting GitOps, and using Karpenter for efficient resource utilization and cost savings - Architecting for Resilience: Crafting Opinionated EKS Clusters with Karpenter & Cilium Cluster Mesh.
-
Kubernetes Gateway API with Cilium - This article provides guidance on how to effectively configure Cilium for setting up the Gateway API in Kubernetes environments.
-
How to migrate from Red Hat OpenShiftSDN/OVN-Kubernetes to Cilium - A step-by-step process of migrating from the traditional OpenShiftSDN (default CNI pre-4.12) or OVN-Kubernetes (default CNI from 4.12) to Cilium, exploring the advantages and considerations along the way.
-
Setup basic L4 Load Balancing with Cilium CNI and Ubuiqiti Edge Router - Setting up basic L4 Load Balancing with Cilium CNI and Ubuiqiti Edge Router.
-
CiliumCon - CiliumCon is a full-day co-located event for Cilium users, contributors, and new community members.
-
Isovalent Security Summer School 2023 - Virtual Security Summer School where you can level up your skills with hands-on labs. Learn how Cilium, Tetragon, and Hubble help improve Kubernetes security.
-
Isovalent's cilium related events - Events featuring diverse voices, innovative companies and big ideas.
-
Slack channel - For live conversation and quick questions, join the Cilium Slack workspace.
-
Twitter - Follow Cilium on Twitter for the latest news and announcements.
-
YouTube - Watch the videos from the Cilium and eBPF Communities.
-
Contributors - Contributions to main.
-
Isovalent library for Cilium - You can find Videos
Case studies
,Blogs
,Books
,Labs
andAnalyst Reports
. -
Cilium Learning Tracks - Pick from tracks for cloud network engineers, security professionals, platform engineers, platform ops (service mesh), and cloud architects.
-
K0S Cilium Playground - A full bash based k0s Cilium Clustermesh enabled playground.
-
Podcast: Kubernetes Unpacked Podcast - Kubernetes Unpacked 022: Kubernetes Networking And Abstraction With Cilium And eBPF.
-
From Zero to Cluster Mesh: Installing and Configuring Cilium CNI on Kubernetes - How to install and configure the Cilium CNI (Container Network Interface) and enable its advanced cluster mesh feature across Kubernetes clusters in different availability zones!.
-
Cilium and SPIRE integration - Tutorials about Cilium and SPIRE integration.
-
Cilium Network policies Library - Community curated list of System and Network policy templates for the KubeArmor and Cilium.
-
Kyverno policies for Cilium Network Policies - Examples of Kyverno policies for controlling the creation of Cilium Network policies.
Contributions welcome! Read the contribution guidelines first.