Cilium (computing)

Last updated
Cilium
Original author(s) Thomas Graf,
Daniel Borkmann,
André Martins,
Madhusudan Challa [1]
Developer(s) Open source community, Isovalent, Google, Datadog, Red Hat,
Cloud Native Computing Foundation [2]
Initial releaseDecember 16, 2015;8 years ago (2015-12-16) [1]
Stable release
1.15 / 31 January 2024 (2024-01-31) [3]
Repository github.com/cilium
Written in Go, eBPF, C, C++
Operating system Linux, Windows [4]
Platform x86-64, ARM [5]
Available inEnglish
Type Cloud-native Networking, Security, Observability
License Apache License 2.0,
Dual GPL-2.0-only or BSD-2-clause for eBPF [6]
Website cilium.io

Cilium is a cloud native technology for networking, observability, and security. [1] It is based on the kernel technology eBPF, originally for better networking performance, and now leverages many additional features for different use cases. The core networking component has evolved from only providing a flat Layer 3 network for containers to including advanced networking features, like BGP and Service mesh, within a Kubernetes cluster, across multiple clusters, and connecting with the world outside Kubernetes. [1] Hubble was created as the network observability component and Tetragon was later added for security observability and runtime enforcement. [1] Cilium runs on Linux and is one of the first eBPF applications being ported to Microsoft Windows through the eBPF on Windows project. [7]

Contents

History

Evolution from Networking CNI (Container Network Interface)

Cilium began as a networking CNI [8] for container workloads. It was originally IPv6 only and supported multiple container orchestrators, like Kubernetes. The original vision for Cilium was to build an intent and identity-based high-performance container networking platform. [9] As the cloud native ecosystem expanded, Cilium added new projects and features to address new problems in the space.

The table below summarises some of the most significant milestones of this evolution:

CNCF

Cilium was accepted into the Cloud Native Computing Foundation on October 13th, 2021 as an incubation-level project. It applied to become a graduated project on October 27th 2022. [19] It became a Graduated project one year later. Cilium is one of the fastest-moving projects in the CNCF ecosystem. [30]

Adoption

Cilium has been adopted by many large-scale production users, including over 100 that have stated it publicly, [31] for example:

Cilium is the CNI for many cloud providers including Alibaba, [45] APPUiO, [46] Azure, [47] AWS, [16] DigitalOcean, [48] Exoscale, [49] Google Cloud, [15] Hetzner, [50] and Tencent Cloud. [51]

Projects Overview

Cilium

Cilium began as a container networking project. With the growth of Kubernetes and container orchestration, Cilium became a CNI, [8] providing basic things like configuring container network interfaces and Pod to Pod connectivity. From the beginning, Cilium based its networking on eBPF rather than iptables or IPVS, betting that eBPF would become the future of cloud native networking. [52]

Cilium’s eBPF based dataplane provides a simple flat Layer 3 network with the ability to span multiple clusters in either a native routing or overlay mode with Cilium Cluster Mesh. It is Layer 7-protocol aware and can enforce network policies on Layer 3 to Layer 7 and with FQDN using an identity-based security model that is decoupled from network addressing.

Cilium implements distributed load balancing for traffic between Pods and to external services, and is able to fully replace kube-proxy, [53] using XDP, socket-based load-balancing and efficient hash tables in eBPF. It also supports advanced functionality like integrated ingress and egress gateways, [54] bandwidth management, a stand-alone load balancer, and service mesh. [55]

Cilium is the first CNI to support advanced kernel features such as BBR TCP congestion control [56] and BIG TCP [57] for Kubernetes Pods. [58]

Hubble

Hubble is the observability, service map, and UI of Cilium which is shipped with the CNI. [59] [60] It can be used to observe individual network packet flows, view network policy decisions to allow or block traffic, and build up service maps showing how Kubernetes services are communicating. [61] Hubble can export this data to Prometheus, OpenTelemetry, Grafana, and Fluentd for further analysis of Layer 3/4 and Layer 7 metrics. [62]

Tetragon

Tetragon is the security observability and runtime enforcement project of Cilium. [63] Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF. It allows users to monitor and observe the complete lifecycle of every process execution on their machine, translate policies for file monitoring, network observability, container security, and more into eBPF programs, and do synchronous monitoring, filtering, and enforcement completely in the kernel.

Go eBPF Library

ebpf-go is a pure-Go library to interact with the eBPF subsystem in the Linux kernel. [64] It has minimal external dependencies, emphasises reliability and compatibility, and is widely deployed in production.

Pwru

pwru ("Packet, where are you?") is an eBPF-based tool for tracing network packets in the Linux kernel with advanced filtering capabilities. It allows fine-grained introspection of kernel state to facilitate debugging network connectivity issues. Under the hood, pwru attaches eBPF debugging programs to all Linux kernel functions which are responsible for processing network packets.

This gives a user finer-grained view into a packet processing in the kernel than with tcpdump, Wireshark, or more traditional tools. Also, it can show packet metadata such as network namespace, processing timestamp, internal kernel packet representation fields, and more.

Use Cases

Networking

Cilium began as a networking project and has many features that allow it to provide a consistent connectivity experience from Kubernetes workloads to virtual machines and physical servers running in the cloud, on-premises, or at the edge. Some of these include:

Observability

Being in the kernel, eBPF has complete visibility of everything that is happening on a machine. Cilium leverages this with the following features:

Security

eBPF can stop events in the kernel for security. Cilium projects leverage this through the following features:

Release timeline

Release timeline
VersionRelease dateEnd of Life dateNotes
Old version, no longer maintained: 0.931 May 201710 September 2017 https://cilium.io/blog/2017/5/31/cilium-v09-released-hello-kubernetes/
Old version, no longer maintained: 0.1024 July 201730 November 2017 https://cilium.io/blog/2017/9/29/cilium-v010-v011-released-double-the-fun-two-updates-in-one/
Old version, no longer maintained: 0.1110 September 201724 April 2018 https://cilium.io/blog/2017/9/29/cilium-v010-v011-released-double-the-fun-two-updates-in-one/
Old version, no longer maintained: 0.1230 November 201726 June 2018 https://cilium.io/blog/2017/11/7/cilium-with-kafka/
Old version, no longer maintained: 1.024 April 201823 October 2018 https://cilium.io/blog/2018/04/24/cilium-10/
Old version, no longer maintained: 1.1.026 June 201812 February 2019 https://cilium.io/blog/2018/06/26/cilium-11/
Old version, no longer maintained: 1.2.021 August 201829 April 2019 https://cilium.io/blog/2018/08/21/cilium-12/
Old version, no longer maintained: 1.3.023 October 201820 August 2019 https://cilium.io/blog/2018/10/23/cilium-13-envoy-go/
Old version, no longer maintained: 1.4.012 February 201919 February 2020 https://cilium.io/blog/2019/02/12/cilium-14/
Old version, no longer maintained: 1.5.029 April 201922 June 2020 https://cilium.io/blog/2019/04/24/cilium-15/
Old version, no longer maintained: 1.6.020 August 201910 November 2020 https://cilium.io/blog/2019/08/20/cilium-16/
Old version, no longer maintained: 1.7.019 February 202020 May 2021 https://cilium.io/blog/2020/02/18/cilium-17/
Old version, no longer maintained: 1.8.022 June 20209 December 2021 https://cilium.io/blog/2020/06/22/cilium-18/
Old version, no longer maintained: 1.9.010 November 202019 July 2022 https://cilium.io/blog/2020/11/10/cilium-19/
Old version, no longer maintained: 1.1020 May 202118 April 2023 https://cilium.io/blog/2021/05/20/cilium-110/
Old version, no longer maintained: 1.119 December 202125 July 2023 https://isovalent.com/blog/post/2021-12-release-111/
Old version, no longer maintained: 1.1219 July 202201 February 2024 https://isovalent.com/blog/post/cilium-release-112/
Old version, yet still maintained: 1.1315 February 202319 July 2022 https://isovalent.com/blog/post/cilium-release-113/
Old version, yet still maintained: 1.1425 July 202318 April 2023 https://isovalent.com/blog/post/cilium-release-114/
Old version, yet still maintained: 1.1501 February 202425 July 2023 https://isovalent.com/blog/post/cilium-1-15/
Current stable version:1.1625 July 202401 February 2024 https://isovalent.com/blog/post/cilium-1-16/
Latest preview version of a future release: 1.1701 October 2024 https://github.com/cilium/cilium/releases/tag/v1.17.0-pre.1
Legend:
Old version, not maintained
Old version, still maintained
Latest version
Latest preview version
Future release

Support windows

The chart below visualises the period for which each Cilium community maintained release is/was supported:

Cilium (computing)

Community

Cilium's official website lists online forums, messaging platforms, and in-person meetups for the Cilium user and developer community.

Conferences

Conferences dedicated to Cilium development in the past have included:

Annual Report

The Cilium community releases an annual report to cover how the community developed over the course of the year:

See also

Related Research Articles

seccomp is a computer security facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit , sigreturn , read and write to already-open file descriptors. Should it attempt any other system calls, the kernel will either just log the event or terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.

<span class="mw-page-title-main">Oracle Linux</span> Linux distribution by Oracle

Oracle Linux is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006. It is compiled from Red Hat Enterprise Linux (RHEL) source code, replacing Red Hat branding with Oracle's. It is also used by Oracle Cloud and Oracle Engineered Systems such as Oracle Exadata and others.

The Berkeley Packet Filter is a network tap and packet filter which permits computer network packets to be captured and filtered at the operating system level. It provides a raw interface to data link layers, permitting raw link-layer packets to be sent and received, and allows a userspace process to supply a filter program that specifies which packets it wants to receive. For example, a tcpdump process may want to receive only packets that initiate a TCP connection. BPF returns only packets that pass the filter that the process supplies. This avoids copying unwanted packets from the operating system kernel to the process, greatly improving performance. The filter program is in the form of instructions for a virtual machine, which are interpreted, or compiled into machine code by a just-in-time (JIT) mechanism and executed, in the kernel.

<span class="mw-page-title-main">OpenShift</span> Cloud computing software

OpenShift is a family of containerization software products developed by Red Hat. Its flagship product is the OpenShift Container Platform — a hybrid cloud platform as a service built around Linux containers orchestrated and managed by Kubernetes on a foundation of Red Hat Enterprise Linux. The family's other products provide this platform through different environments: OKD serves as the community-driven upstream, Several deployment methods are available including self-managed, cloud native under ROSA, ARO and RHOIC on AWS, Azure, and IBM Cloud respectively, OpenShift Online as software as a service, and OpenShift Dedicated as a managed service.

Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. The service has both free and premium tiers. The software that hosts the containers is called Docker Engine. It was first released in 2013 and is developed by Docker, Inc.

Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management. Originally designed by Google, the project is now maintained by a worldwide community of contributors, and the trademark is held by the Cloud Native Computing Foundation.

<span class="mw-page-title-main">Mirantis</span> Cloud computing software and services company

Mirantis Inc. is a Campbell, California, based B2B open source cloud computing software and services company. Its primary container and cloud management products, part of the Mirantis Cloud Native Platform suite of products, are Mirantis Container Cloud and Mirantis Kubernetes Engine. The company focuses on the development and support of container and cloud infrastructure management platforms based on Kubernetes and OpenStack. The company was founded in 1999 by Alex Freedland and Boris Renski. It was one of the founding members of the OpenStack Foundation, a non-profit corporate entity established in September, 2012 to promote OpenStack software and its community. Mirantis has been an active member of the Cloud Native Computing Foundation since 2016.

<span class="mw-page-title-main">Dan Kohn</span> American entrepreneur (1972–2020)

Dan Kohn was an American serial entrepreneur and nonprofit executive who led the Linux Foundation's Public Health initiative. He was the executive director at Cloud Native Computing Foundation (CNCF), which sustains and integrates open source cloud software including Kubernetes and Fluentd, through 2020. The first company he founded, NetMarket, conducted the first secure commercial transaction on the web in 1994.

Container Linux is a discontinued open-source lightweight operating system based on the Linux kernel and designed for providing infrastructure for clustered deployments. One of its focuses was scalability. As an operating system, Container Linux provided only the minimal functionality required for deploying applications inside software containers, together with built-in mechanisms for service discovery and configuration sharing.

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Designed to be MySQL compatible, it is developed and supported primarily by PingCAP and licensed under Apache 2.0. It is also available as a paid product. TiDB drew its initial design inspiration from Google's Spanner and F1 papers.

XDP is an eBPF-based high-performance data path used to send and receive network packets at high rates by bypassing most of the operating system networking stack. It is merged in the Linux kernel since version 4.8. This implementation is licensed under GPL. Large technology firms including Amazon, Google and Intel support its development. Microsoft released their free and open source implementation XDP for Windows in May 2022. It is licensed under MIT License.

Kubeflow is an open-source platform for machine learning and MLOps on Kubernetes introduced by Google. The different stages in a typical machine learning lifecycle are represented with different software components in Kubeflow, including model development (Kubeflow Notebooks), model training (Kubeflow Pipelines,Kubeflow Training Operator), model serving (KServe), and automated machine learning (Katib).

In software architecture, a service mesh is a dedicated infrastructure layer for facilitating service-to-service communications between services or microservices using a proxy.

Cloud native computing is an approach in software development that utilizes cloud computing to "build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds". These technologies, such as containers, microservices, serverless functions, cloud native processors and immutable infrastructure, deployed via declarative code are common elements of this architectural style. Cloud native technologies focus on minimizing users' operational burden.

The Cloud Native Computing Foundation (CNCF) is a Linux Foundation project that was started in 2015 to help advance container technology and align the tech industry around its evolution.

A cloud-native network function (CNF) is a software-implementation of a function, or application, traditionally performed on a physical device, but which runs inside Linux containers. The features that differ CNFs from VNFs, one of the components of network function virtualization, is the approach in their orchestration.

Open Service Mesh (OSM) was a free and open source cloud native service mesh developed by Microsoft that ran on Kubernetes.

io_uring is a Linux kernel system call interface for storage device asynchronous I/O operations addressing performance issues with similar interfaces provided by functions like read /write or aio_read /aio_write etc. for operations on data accessed by file descriptors.

<span class="mw-page-title-main">Azure Linux</span> Microsoft open source operating system

Azure Linux, previously known as CBL-Mariner, is a free and open-source Linux distribution that Microsoft has developed. It is the base container OS for Microsoft Azure services and the graphical component of WSL 2.

eBPF Safe dynamic programs and tools

eBPF is a technology that can run programs in a privileged context such as the operating system kernel. It is the successor to the Berkeley Packet Filter filtering mechanism in Linux and is also used in non-networking parts of the Linux kernel as well.

References

  1. 1 2 3 4 5 "The Cilium Story - Why We Created Cilium - Thomas Graf, Isovalent, CiliumCon EU 2023". YouTube . 10 June 2023. Retrieved 7 July 2023.
  2. "Announcing the Cilium annual report". CNCF . 26 January 2023. Retrieved 7 July 2023.
  3. "Cilium Stable Releases". GitHub . 10 February 2023. Retrieved 10 February 2023.
  4. "Getting Linux based eBPF programs to run with eBPF for Windows". cloudblogs.microsoft.com. 7 July 2023. Retrieved 7 July 2023.
  5. "Supported Architectures for Cilium". GitHub . 7 July 2023. Retrieved 7 July 2023.
  6. "Cilium License". GitHub . 7 July 2023. Retrieved 7 July 2023.
  7. "ebpf for windows on GitHub". GitHub . Retrieved 10 July 2023.
  8. 1 2 "CNI". cni.dev. Retrieved 10 July 2023.
  9. 1 2 "Cilium Fast IPV6 Container Networking with BPF and XDP". Slideshare . 28 May 2016. Retrieved 24 August 2016.
  10. "Cilium Initial Commit". GitHub . 16 December 2015. Retrieved 10 July 2023.
  11. "Network Policy added to Cilium". GitHub . 28 May 2016. Retrieved 10 July 2023.
  12. "ebpf-go Initial Commit". GitHub . 29 August 2017. Retrieved 24 August 2016.
  13. "Cilium 1.0 Advances Container Networking With Improved Security". eWeek.com. 24 April 2018. Retrieved 13 July 2023.
  14. "Announcing Hubble - Network, Service & Security Observability for Kubernetes". Cilium.io. 19 November 2019. Retrieved 24 August 2016.
  15. 1 2 "New GKE Dataplane V2 increases security and visibility for containers". Google Cloud Platform . 20 August 2020. Retrieved 10 July 2023.
  16. 1 2 "AWS Picks Cilium As Networking And Security Layer". tfir.io. 13 September 2021. Retrieved 10 July 2023.
  17. "pwru Initial Commit". GitHub . 12 October 2021. Retrieved 10 July 2023.
  18. "Going from Packet Where Aren't You to pwru". Cilium.io. 8 February 2023. Retrieved 10 July 2023.
  19. 1 2 "Cilium joins CNCF as an incubating project". CNCF . 13 October 2021. Retrieved 10 July 2023.
  20. "Cilium 1.12 Adds Cilium Service Mesh And Other New Features For Enterprise Kubernetes". tfir.io. 21 July 2022. Retrieved 10 July 2023.
  21. "Tetragon – eBPF-based Security Observability & Runtime Enforcement". Isovalent.com. 16 May 2022. Retrieved 10 July 2023.
  22. "Tetragon – eBPF-based Security Observability & Runtime Enforcement". thenewstack.io. 16 July 2022. Retrieved 10 July 2023.
  23. Bansal, Deepak (2022-12-05). "Microsoft and Isovalent partner to bring next generation eBPF dataplane for cloud-native applications in Azure". Microsoft Azure Blog. Retrieved 2024-02-06.
  24. Ke, Deepak Bansal, Qi (2023-06-22). "Azure CNI with Cilium: Most scalable and performant container networking in the Cloud". Microsoft Azure Blog. Retrieved 2024-02-06.{{cite web}}: CS1 maint: multiple names: authors list (link)
  25. "Cilium Mesh – One Mesh to Connect Them All". Isovalent.com. 19 May 2022. Retrieved 10 July 2023.
  26. "Isovalent's Cilium Mesh bridges gap between Kubernetes and legacy workloads". siliconangle.com. 5 May 2023. Retrieved 10 July 2023.
  27. "Isovalent introduces Isovalent Cilium Mesh to Securely Connect Networks Across On-Prem, Edge, and Cloud". finance.yahoo.com. 17 April 2023. Retrieved 10 July 2023.
  28. 1 2 "CiliumCon Europe 2023". Linux Foundation . Retrieved 10 July 2023.
  29. https://www.cncf.io/announcements/2023/10/11/cloud-native-computing-foundation-announces-cilium-graduation/
  30. "A look at the 2022 velocity of CNCF, Linux Foundation, and top 30 open source projects". Cloud Native Computing Foundation . 11 January 2023. Retrieved 10 July 2023.
  31. "Who is using Cilium?". GitHub . Retrieved 10 July 2023.
  32. "Datadog". Cloud Native Computing Foundation . 2022-10-11. Retrieved 2023-07-12.
  33. "Tales from an eBPF Program's Murder Mystery - Hemanth Malla & Guillaume Fournier, Datadog". YouTube . 2022-10-11. Retrieved 2023-07-12.
  34. "Case Study: Ascend". Cloud Native Computing Foundation . Retrieved 10 July 2023.
  35. "Why eBPF is changing the telco networking space – Daniel Bernier, Bell Canada". YouTube . 21 August 2021. Retrieved 10 July 2023.
  36. "Leveraging Cilium and SRv6 for Telco Networking - Daniel Bernier, Bell Canada". YouTube . 19 May 2022. Retrieved 10 July 2023.
  37. "Cosmonic User Story: Running Cilium on Nomad for Wasm Workloads". Cilium.io. 18 Jan 2023. Retrieved 10 July 2023.
  38. "Cosmonic Open Source Project Integrates Nomad and Cilium". CloudNativeNow.com. 26 May 2023. Retrieved 10 July 2023.
  39. "The Cosmonic Open Source Project Combines Cilium And Nomad". Opensourceforu.com. 30 May 2023. Retrieved 10 July 2023.
  40. "IKEA Private Cloud, eBPF Based Networking, Load Balancing, and Observability with Cilium". YouTube . 19 May 2022. Retrieved 13 July 2023.
  41. "eBPF, a road to invisible network: S&P Global's Network Transformation Journey - Guru Ramamoorthy". YouTube . 4 October 2022. Retrieved 10 July 2023.
  42. "eBPF & Cilium at Sky – Sebastian Duff, Anthony Comtois, Jospeh Samuel [sic], Sky". YouTube . 20 August 2021. Retrieved 10 July 2023.
  43. "Designing and Securing a Multi-Tenant Runtime Environment at the New York Times - Ahmed Bebars". YouTube . 20 April 2023. Retrieved 10 July 2023.
  44. "User Story - How Trip.com uses Cilium". Cilium.io. 5 February 2020. Retrieved 10 July 2023.
  45. "Cilium High Performance Cloud Native Network". Alibaba Cloud . Retrieved 10 July 2023.
  46. "Partnership with Isovalent". appuio.ch. 16 December 2021. Retrieved 10 July 2023.
  47. "General availability: Azure CNI powered by Cilium". Microsoft Azure . 30 May 2023. Retrieved 10 July 2023.
  48. "From Managed Kubernetes to App Platform: 1.5 Years of Cilium Usage at DigitalOcean" (PDF). ebpf.io. 28 October 2020. Retrieved 10 July 2023.
  49. "Cilium CNI & SKS". changelog.exoscale.com. 3 June 2022. Retrieved 10 July 2023.
  50. "Performance Testing Cilium Ingress at Hetzner Cloud". cilium.io. 5 January 2023. Retrieved 10 July 2023.
  51. "Tencent Cloud TKE-based on Cilium unified hybrid cloud container network". segmentfault.com. 1 July 2021. Retrieved 10 July 2023.
  52. "Why is the kernel community replacing iptables with BPF?". linux.com. 23 April 2018. Retrieved 10 July 2023.
  53. "Kubernetes Without kube-proxy". docs.cilium.io. Retrieved 10 July 2023.
  54. "Egress Gateway". docs.cilium.io. Retrieved 10 July 2023.
  55. "Cilium 1.12 GA: Cilium Service Mesh and other major new features for enterprise Kubernetes". Cloud Native Computing Foundation . 13 July 2022. Retrieved 10 July 2023.
  56. Cardwell, Neal; Cheng, Yuchung; Gunn, C. Stephen; Yeganeh, Soheil Hassas; Jacobson, Van (2016). "BBR: Congestion-Based Congestion Control". ACM Queue. 14, September–October: 20–53.
  57. "tcp: BIG TCP implementation [LWN.net]". lwn.net. Retrieved 2023-07-12.
  58. 100Gbit/S Clusters With Cilium: Building Tomorrows Networking- Daniel Borkmann & Nikolay Aleksandrov , retrieved 2023-07-12
  59. "Hubble on Github". GitHub . Retrieved 10 July 2023.
  60. "Hubble Series (Part 1): Re-introducing Hubble". Isovalent.com. 5 June 2023. Retrieved 10 July 2023.
  61. "Service Map & Hubble UI". docs.cilium.io. Retrieved 10 July 2023.
  62. "Monitoring & Metrics". docs.cilium.io. Retrieved 10 July 2023.
  63. "Tetragon on Github". GitHub . Retrieved 10 July 2023.
  64. "ebpf-go on Github". GitHub . Retrieved 10 July 2023.
  65. "Securing Your Kubernetes Cluster: Cilium and Network Policies". learncloudnative.com. 14 June 2023. Retrieved 10 July 2023.
  66. "Layer 4 Load Balancer". cilium.io. Retrieved 10 July 2023.
  67. "Maglev: A Fast and Reliable Software Network Load Balancer". research.google.com. Retrieved 10 July 2023.
  68. "Cilium 1.9: Maglev, Deny Policies, VM Support, OpenShift, Hubble mTLS, Bandwidth Manager, eBPF Node-Local Redirect, Datapath Optimizations, and more". cilium.io. Retrieved 2023-07-12.
  69. "Cilium 1.8: XDP Load Balancing, Cluster-wide Flow Visibility, Host Network Policy, Native GKE & Azure modes, Session Affinity, CRD-mode Scalability, Policy Audit mode, ..." cilium.io. Retrieved 2023-07-12.
  70. "Cluster Mesh". cilium.io. Retrieved 10 July 2023.
  71. "Bandwidth And Latency Optimization". cilium.io. Retrieved 10 July 2023.
  72. "kube-proxy replacement". cilium.io. Retrieved 10 July 2023.
  73. "BGP". cilium.io. Retrieved 10 July 2023.
  74. "Egress Gateway". cilium.io. Retrieved 10 July 2023.
  75. "Cilium Service Mesh". cilium.io. Retrieved 10 July 2023.
  76. "Redefining service mesh with Cilium". medium.com. 31 July 2022. Retrieved 10 July 2023.
  77. "Gateway API". cilium.io. Retrieved 10 July 2023.
  78. "Cloud Native Telco Day Europe 2022: Leveraging Cilium and SRv6 for Telco Net..." cloudnativetelcodayeu22.sched.com. Retrieved 2023-07-12.
  79. "Accelerate network performance with Cilium BBR - Isovalent". isovalent.com. Retrieved 2023-07-12.
  80. "Cilium 1.12 - Ingress, Multi-Cluster, Service Mesh, External Workloads, ..." isovalent.com. Retrieved 2023-07-12.
  81. "Tuning Guide — Cilium 1.15.0-dev documentation". docs.cilium.io. Retrieved 2023-07-12.
  82. "Cilium Mesh - One Mesh to Connect Them All - Isovalent". isovalent.com. Retrieved 2023-07-12.
  83. "Cilium Mesh: A new way to extend Kubernetes benefits across on-premises and cloud networking". techrepublic.com. 26 May 2023. Retrieved 2023-07-12.
  84. "Service Map". cilium.io. Retrieved 10 July 2023.
  85. "Identity-Aware L3/L4/DNS Network Flow Logs". cilium.io. Retrieved 10 July 2023.
  86. "Advanced Network Protocol Visibility". cilium.io. Retrieved 10 July 2023.
  87. "Metrics & Tracing Export". cilium.io. Retrieved 10 July 2023.
  88. "Transparent Encryption". cilium.io. Retrieved 10 July 2023.
  89. "Advanced Network Policy". cilium.io. Retrieved 10 July 2023.
  90. "Runtime Enforcement". cilium.io. Retrieved 10 July 2023.
  91. "Tetragon - eBPF-based Security Observability & Runtime Enforcement - Isovalent". isovalent.com. Retrieved 2023-07-12.
  92. "KubeCon + CloudNativeCon Europe". Linux Foundation Events. Retrieved 2023-07-12.
  93. "CiliumCon North America 2023". events.linuxfoundation.com. Retrieved 11 July 2023.
  94. "KubeCon + CloudNativeCon North America". Linux Foundation Events. Retrieved 2023-07-12.
  95. "Cilium + eBPF Day Europe". Linux Foundation Events. Retrieved 2024-06-07.
  96. "KubeCon + CloudNativeCon Europe". Linux Foundation Events. Retrieved 2024-06-07.
  97. "Cilium + eBPF Day". LF Events. Retrieved 2024-10-30.
  98. "KubeCon + CloudNativeCon North America". LF Events. Retrieved 2024-10-30.
  99. "Announcing the Cilium annual report". CNCF. 2023-01-26. Retrieved 2024-02-06.
  100. "Cilium's 2023 annual report". CNCF. 2023-12-21. Retrieved 2024-02-06.