Popular posts

Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF
Oct 31, 2023

Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF

Cilium Tetragon 1.0 has arrived! marking a significant stride in Kubernetes security and observability, offering low-overhead, eBPF-driven runtime enforcement and monitoring

Technology
External
How DB Schenker Migrated from Calico to Cilium
Sep 07, 2023

How DB Schenker Migrated from Calico to Cilium

Learn how DB Schneker migrated their Kubernetes platform CNI from Calico to Cilium

CommunityTechnology
Unleashing the Power of Cilium CNI to Propel Trendyol’s Performance Up to 40%
Jul 26, 2023

Unleashing the Power of Cilium CNI to Propel Trendyol’s Performance Up to 40%

Explore the reasons why Trendyol chose Cilium and the value they received from it

Community
External

All posts

Jul 01, 2019

CVE-2019-13119: Policy bypass via nested encapsulation

On May 25 2019, a security relevant bug has been reported to us via the documented security disclosure channel. It was soon identified that multiple vendors are affected by this vulnerability. This lead to an embargo period which is being lifted today. The bug allows, under certain circumstances, to bypass network security policies. See below for details on the vulnerability and the mitigation.

Technology
Jun 24, 2019

License change and lack of attribution of Cilium eBPF code in Calico project

As with everything we do, we are fully transparent. As it becomes obvious that a simple resolution in this matter is not possible, we follow open source best practices and choose a public forum for the sake of transparency. It was brought to our attention that some of the new eBPF code committed to the Calico repository is violating the license of source code in the Cilium repository.

Community
Cilium User Survey March 2019 - The Results
May 03, 2019

Cilium User Survey March 2019 - The Results

Back in March we have asked our users to provide feedback via our first ever user survey. Many of you have responded and the results are in!

Community
Cilium 1.5: Scaling to 5k nodes and 100k pods, BPF-based SNAT, and Rolling Key Updates for Transparent Encryption
Apr 29, 2019

Cilium 1.5: Scaling to 5k nodes and 100k pods, BPF-based SNAT, and Rolling Key Updates for Transparent Encryption

We are excited to announce the Cilium 1.5 release. Cilium 1.5 is the first release where we primarily focused on scalability with respect to number of nodes, pods and services. Our goal was to scale to 5k nodes, 20k pods and 10k services. We went well past that goal with the 1.5 release and are now officially supporting 5k nodes, 100k pods and 20k services. Along the way, we learned a lot, some expected, some unexpected, this blog post will dive into what we learned and how we improved.

Release
Deep Dive into Cilium Multi-cluster
Mar 18, 2019

Deep Dive into Cilium Multi-cluster

This is a deep dive into ClusterMesh, Cilium's multi-cluster implementation.

How-To
Cilium 1.4: Multi-Cluster Service Routing, DNS Authorization, IPVLAN support, Transparent Encryption, Flannel Integration, Benchmarking other CNIs, ...
Feb 12, 2019

Cilium 1.4: Multi-Cluster Service Routing, DNS Authorization, IPVLAN support, Transparent Encryption, Flannel Integration, Benchmarking other CNIs, ...

We are excited to announce the Cilium 1.4 release. The release introduces several new features as well as optimization and scalability work. The highlights include the addition of global services to provide Kubernetes service routing across multiple clusters, DNS request/response aware authorization and visibility, transparent encryption (beta), IPVLAN support for better performance and latency (beta), integration with Flannel, GKE on COS support, AWS metadata based policy enforcement (alpha) as well as significant efforts into optimizing memory and CPU usage.

Release
Why MobiLabs switched to Cilium
Jan 22, 2019

Why MobiLabs switched to Cilium

Learn how Mobilabs switched to Cilium to improve network performance

Community
External
Cilium 1.4 Preview: Multi-Cluster Service Routing, DNS Authorization, and Transparent Encryption
Dec 10, 2018

Cilium 1.4 Preview: Multi-Cluster Service Routing, DNS Authorization, and Transparent Encryption

As we all enjoy a wonderful week at KubeCon 2018 US, we want to provide a preview into the upcoming Cilium 1.4 release. We are days away from 1.4.0-rc1 which will allow for community testing of a lot new exciting functionality.

Release
Analyzing the CNI performance benchmark
Dec 03, 2018

Analyzing the CNI performance benchmark

This blog post documents the investigation we have done so far of what looked like a performance regression of HTTP/FTP traffic over pure TCP.

How-To

Community

  • Slack

    Join slack workspace
  • Twitter

    Follow Cilium on Twitter
  • Github

    Join Github