Cilium eBPF Networking

Cilium is an open source cloud native networking, observability, and security solution powered by eBPF technology. Graduated from the Cloud Native Computing Foundation in October 2023 and developed by Isovalent, which was acquired by Cisco in January 2024, it has become the de facto standard for Kubernetes networking in production environments. Major adopters include AWS, Google, Microsoft Azure, Adobe, Capital One, Datadog, Palantir, and Bell Canada. As a Container Network Interface plugin, it provides full Kubernetes pod connectivity with built-in load balancing, network policy enforcement, and service discovery. The eBPF based approach operates at the Linux kernel level, enabling high performance data plane operations without kernel module dependencies or sidecar containers. Hubble, the observability component, delivers real-time service dependency maps, distributed tracing, and flow logs with protocol-level visibility including HTTP, Kafka, gRPC, DNS, and Redis. Network security extends beyond traditional IP and port based policies to layer 7 awareness, allowing fine grained rules for individual API endpoints. The service mesh functionality offers mTLS encryption, circuit breaking, and retries without sidecars through sidecarless mesh architecture. The Cluster Mesh feature connects multiple Kubernetes clusters with cross-cluster pod routing and global service discovery. eGW (eBPF Gateway) provides high performance ingress and load balancing for external traffic. Released under Apache 2.0, the project has over 20,000 GitHub stars.