What is Cilium?
Cilium is an open source project to provide networking, security, and observability for cloud native environments such as Kubernetes clusters and other container orchestration platforms.
At the foundation of Cilium is a new Linux kernel technology called eBPF, which enables the dynamic insertion of powerful security, visibility, and networking control logic into the Linux kernel. eBPF is used to provide high-performance networking, multi-cluster and multi-cloud capabilities, advanced load balancing, transparent encryption, extensive network security capabilities, transparent observability, and much more.
Use Cases
Networking
Observability
Architecture
Cilium comprises four key components: the Cilium agent, the Cilium client command line tool, the Cilium operator, and the Cilium CNI plugin. The agent, running on all cluster nodes, configures networking, load balancing, policies, and monitoring via Kubernetes or APIs that describe networking, service load-balancing, network policies, and visibility & monitoring requirements. The client tool, bundled with the agent, inspects and manages the local agent's status, offering direct access to eBPF maps. The operator centrally manages cluster tasks, handling them collectively rather than per node. The CNI plugin, invoked by Kubernetes during pod scheduling or termination, interacts with the node's Cilium API to configure necessary datapaths for networking, load balancing, and network policies.
Get Hands-On With Cilium
Documentation & Tutorials
Quickly get started with Cilium. Read the documentation or use our interactive tutorial in a live environment.
![Interactive Labs]()
Interactive Labs
Deep dive into Cilium and its features with labs provided by companies within the Cilium ecosystem
We are proud to be a CNCF Graduation level project
Learn about Cilium & eBPF
10min Introduction to Cilium
Liz Rice and Thomas Graf answer the most popular questions about Cilium, its creation and the problems it solves
The Future of eBPF based Networking and Security
eBPF Summit 2020, Thomas Graf, Cilium Co-Creator, CTO & Co-Founder Isovalent
Understanding Cilium Network Performance
Explore the performance characteristics of Cilium based on extensive benchmarks
Related Projects
Hubble
Hubble is a fully distributed networking and security observability platform for cloud native workloads. Hubble is open source software and built on top of Cilium and eBPF to enable deep visibility into the communication and behavior of services as well as the networking infrastructure in a completely transparent manner.
Learn more
Tetragon
Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF, allowing for reduced observation overhead, tracking of any process, and real-time enforcement of policies.
Learn more
Network Policy Editor
Over the years, we have learned a lot about the common challenges while working with many of you in the Cilium community implementing Kubernetes Network Policy. Networkpolicy.io is a free tool to assist you in your journey to assist you with Kubernetes NetworkPolicy.
Learn more
eBPF Library for Go
eBPF is a pure Go library that provides utilities for loading, compiling, and debugging eBPF programs. It has minimal external dependencies and is intended to be used in long running processes.
Learn moreAWS picks Cilium for Networking & Security on EKS Anywhere
Building a Secure and Maintainable PaaS
How Datadog uses Cilium
Kubernetes Network Policies in Action with Cilium