Introduction to Cilium (Part II)
In this episode, joined by Ilya Dmitrichenko, we'll take a look at Cilium; a CNI implementation for Kubernetes, integrated with eBPF.Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.At the foundation of Cilium is a new Linux kernel technology called BPF, which enables the dynamic insertion of powerful security visibility and control logic within Linux itself. Because BPF runs inside the Linux kernel, Cilium security policies can be applied and updated without any changes to the application code or container configuration.š° Timeline00:00 - Holding screen01:00 - Introductions05:20 - What was setup in advance06:30 - Installing Cilium / Connectivity Tests10:00 - Cilium endpoints15:00 - Layer 3/4 network policies22:50 - Layer 7 network policies31:40 - Hubble UI43:10 - DNS network policies56:30 - Replacing kube-proxyš ResourcesIlya Dmitrichenko - https://twitter.com/errordeveloperCilium - https://cilium.io