What is Cilium?
Cilium provides eBPF-based networking, observability and security for container workloads. Cilium enables you to secure the network connectivity between application services deployed using Linux container management platforms like Kubernetes.
At the core of Cilium is eBPF, which enables the dynamic insertion of control logic within Linux itself. Because eBPF runs inside the Linux kernel, Cilium security policies can be applied and updated without any changes to the application code or container configuration.
Cilium networking in Gloo Mesh
The Cilium add-on module for Gloo Mesh brings together Istio and Cilium for a more cohesive, secure and performant Layer 2 - Layer 7 application networking architecture. This paves the way for a smoother, simplified enterprise cloud journey.
Integrated Application Networking throughout the entire stack
Companies using Kubernetes have two choices for OSI (Open Systems Interconnection) model Layer 3-4 networking through the CNI (container native interface); iptables-based solutions and eBPF-based solutions. While iptables-based solutions are well established in the market, eBPF-based solutions bring new innovations, and require a new level of expertise to take advantage of performance, security and observability capabilities.
Next generation of cloud-native Application Networking
Istio, Envoy Proxy, eBPF, Kubernetes and containers will provide the foundation for the next generation of cloud-native application networking, by enabling new innovations that will improve performance and simplify the management of networking for cloud-native applications.
Plugable CNI (container native interface) architecture
Gloo Mesh supports Cilium and 3rd-party CNI implementations in a batteries included by pluggable manner. This approach gives our customers the flexibility they need on their cloud journey.