Introduction to Cilium (Part II)

2020-11-12

In this episode, joined by Ilya Dmitrichenko, we'll take a look at Cilium; a CNI implementation for Kubernetes, integrated with eBPF.

Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.

At the foundation of Cilium is a new Linux kernel technology called BPF, which enables the dynamic insertion of powerful security visibility and control logic within Linux itself. Because BPF runs inside the Linux kernel, Cilium security policies can be applied and updated without any changes to the application code or container configuration.

šŸ•° Timeline

00:00 - Holding screen
01:00 - Introductions
05:20 - What was setup in advance
06:30 - Installing Cilium / Connectivity Tests
10:00 - Cilium endpoints
15:00 - Layer 3/4 network policies
22:50 - Layer 7 network policies
31:40 - Hubble UI
43:10 - DNS network policies
56:30 - Replacing kube-proxy

šŸŒŽ Resources

Ilya Dmitrichenko - https://twitter.com/errordeveloper
Cilium - https://cilium.io