Datadog
Observability platform for metrics, logs, and traces
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
eBPF-based networking, observability, and security for Kubernetes
Cilium delivers high-performance networking, deep observability, and identity-based security for cloud-native workloads using eBPF technology to replace traditional kernel networking components.
Cilium is a CNCF graduated project that provides networking, observability, and security for Kubernetes environments through an eBPF-based dataplane. It offers a flat Layer 3 network capable of spanning multiple clusters via native routing or overlay modes, with L7-protocol awareness and identity-based security policies decoupled from network addressing.
Built on eBPF—a Linux kernel technology that dynamically inserts bytecode at network IO, socket, and tracepoint integration points—Cilium delivers efficient, flexible infrastructure logic. It implements distributed load balancing using eBPF hash tables for near-unlimited scale, fully replacing kube-proxy. Advanced features include integrated ingress/egress gateways, bandwidth management, service mesh capabilities, and comprehensive network visibility.
Cilium supports overlay networking (VXLAN/Geneve), native routing with cloud router integration, and flexible routing via L2 neighbor discovery or BGP. Load balancing operates at both east-west (socket-level connection rewriting) and north-south (XDP, L4 with DSR and Maglev hashing) layers. The project maintains three stable minor releases, distributes AMD64 and AArch64 images, and includes SBOM artifacts starting from version 1.13.0.
When teams consider Cilium, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Kubernetes CNI with kube-proxy Replacement
Achieve scalable, low-latency service networking using socket-level load balancing and efficient eBPF hash tables instead of traditional per-packet NAT.
Multi-Cluster Networking
Span flat Layer 3 networks across multiple Kubernetes clusters using native routing or overlay modes with automated route learning via BGP or L2 discovery.
Identity-Based Security Enforcement
Implement L3-L7 network policies based on workload identity rather than IP addresses, enabling portable security rules across dynamic cloud environments.
High-Throughput Ingress Gateway
Handle north-south traffic at scale using XDP acceleration, L4 load balancing with Direct Server Return, and Maglev consistent hashing for external service access.
Cilium requires a modern Linux kernel with eBPF support. Specific version requirements depend on the features enabled; consult the official documentation for detailed compatibility matrices.
Yes, Cilium can fully replace kube-proxy by implementing distributed load balancing at the socket level using eBPF, eliminating per-packet NAT overhead and enabling better scalability.
Cilium supports overlay networking (VXLAN/Geneve), native routing with cloud provider integration, and flexible routing using L2 neighbor discovery or BGP for layer 3 boundaries.
Identity-based security enforces policies based on workload identity rather than IP addresses, allowing rules to remain valid as pods move or scale across the cluster without address changes.
Cilium distributes container images for both AMD64 and AArch64 architectures, with Software Bill of Materials (SBOM) included starting from version 1.13.0.
Project at a glance
ActiveLast synced 4 days ago
