Overview
Cilium is a next-generation CNI plugin that leverages eBPF (Extended Berkeley Packet Filter) in the Linux kernel. This allows it to provide high-performance networking and security without the overhead of traditional tools like iptables.
Key Features
- eBPF Performance: Extremely fast packet processing and load balancing.
- Identity-Based Security: Security policies are based on pod labels (identity) rather than IP addresses.
- Hubble: A powerful observability tool built on top of Cilium that provides deep visibility into network traffic.
- Service Mesh Features: Can perform many service mesh tasks (like load balancing and encryption) at the kernel level without sidecars.
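The identity-based model described above can be seen in a CiliumNetworkPolicy, shown here as an added example that is not part of the original page. The namespace, policy name, labels and port are hypothetical.

```yaml
# Constructed example: namespace, names, labels and port are assumptions.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: backend-allow-frontend
  namespace: demo
spec:
  # The pods this policy protects are chosen by label, not by address.
  endpointSelector:
    matchLabels:
      app: backend
  ingress:
    # The allowed peers are also chosen by label. No IP address or CIDR
    # appears anywhere, so the rule keeps matching when frontend pods are
    # rescheduled, scaled out or assigned new addresses.
    - fromEndpoints:
        - matchLabels:
            app: frontend
      toPorts:
        - ports:
            - port: "8080"
              protocol: TCP
  # Once a pod is selected by a policy with ingress rules, ingress that no
  # rule allows is dropped, so other pods in the namespace cannot reach
  # app=backend on any port.
```

Dropped and forwarded flows for the selected pods can then be reviewed in Hubble to confirm the policy behaves as intended.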
Importance
Cilium is rapidly becoming the preferred choice for high-scale, security-conscious Kubernetes deployments.