Cilium is a networking, observability, and security solution with an eBPF-based dataplane. It provides a simple flat Layer 3 network with the ability to span multiple clusters in either a native routing or overlay mode. It is L7-protocol aware and can enforce network policies on L3-L7 using an identity based security model that is decoupled from network addressing.
Cilium implements distributed load balancing for traffic between application containers and to external services and is able to fully replace components such as kube-proxy. The load balancing is implemented in eBPF using efficient hashtables allowing for almost unlimited scale.
For north-south type load balancing, Cilium’s eBPF implementation is optimized for maximum performance, can be attached to XDP (eXpress Data Path), and supports direct server return (DSR) as well as Maglev consistent hashing if the load balancing operation is not performed on the source host.
For east-west type load balancing, Cilium performs efficient service-to-backend translation right in the Linux kernel’s socket layer (e.g. at TCP connect time) such that per-packet NAT operations overhead can be avoided in lower layers.
A new Linux kernel technology called eBPF is at the foundation of Cilium. It supports dynamic insertion of eBPF bytecode into the Linux kernel at various integration points such as: network IO, application sockets, and tracepoints to implement security, networking and visibility logic. eBPF is highly efficient and flexible. To learn more about eBPF, visit eBPF.io.
This is free and open source software.
Website: cilium.io
Support: GitHub Code Repository
Developer: The Cilium Authors
License: Apache License 2.0
Cilium is written in Go. Learn Go with our recommended free books and free tutorials.
Related Software
| Load Balancers | |
|---|---|
| Traefik | Modern HTTP reverse proxy and load balancer |
| HAProxy | High availability layer 7 load balancer and proxy server for TCP and HTTP |
| Cilium | eBPF-based Networking, Observability, Security |
| nginx | Includes a L7 load balancer |
| RoadRunner | High-performance PHP application server, load balancer, and process manager |
| fabio | Fast, modern, zero-conf load balancing HTTP(S) and TCP router |
| BFE | Modern L7 load balancer |
| gobetween | Modern and minimalistic L4 load balancer and reverse-proxy |
| Seesaw | Linux Virtual Server (LVS) based load balancing platform. L4 load balancer |
| nuster | High-performance HTTP proxy cache server and HTTP/TCP load balancer |
| GLB Director | Set of stateless L4 load balancer servers |
| Balance | Generic TCP proxy with round robin load balancing and failover capabilities |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |