Cilium eBPF Networking

Cilium is an open-source networking, observability, and security solution for cloud-native environments, powered by eBPF (extended Berkeley Packet Filter) technology to provide high-performance data plane operations without kernel module dependencies. Created by Thomas Graf and Daniel Borkmann in 2015, acquired by Isovalent in 2020, and graduated as a CNCF project in 2023, with over 20,000 stars as of 2026. Key features include: eBPF-based dataplane (kernel-level programmable networking without kernel modules or sidecars, enabling dynamic reconfiguration without restarts), CNI compliance (Container Network Interface plugin providing pod networking with native Kubernetes integration, supporting IPv4 and IPv6 dual-stack), service load balancing (layer 4 load balancing with maglev consistent hashing, DSR, and health checking, replacing kube-proxy entirely), network policies (layer 3, 4, and 7 policy enforcement with identity-based security using Kubernetes labels instead of IP addresses), Hubble (observability layer providing service dependency maps, flow logs, and metrics via eBPF without application changes), ClusterMesh (multi-cluster connectivity enabling pod-to-pod communication and service discovery across Kubernetes clusters), transparent encryption (WireGuard and IPsec-based encryption for node-to-node and pod-to-pod traffic), bandwidth management (per-pod rate limiting using EDT algorithm with BPF), ingress controller (layer 7 ingress with TLS termination and routing), gateway API support (full Kubernetes Gateway API implementation), and sidecar-free service mesh (optional L7 proxy capabilities without sidecar containers).