Technology · Ebook
Cilium: eBPF Networking, Security, and Observability
by Shriira Press
Cilium is the modern networking, security, and observability layer for Kubernetes, built on the Linux kernel's eBPF technology and an identity-based model that replaces brittle IP rules. This free book teaches it from the ground up: what eBPF is and why it changes networking, Cilium's architecture and CNI role, the identity and endpoint model, network policies from L3/L4 up to L7 and DNS-aware egress, replacing kube-proxy with eBPF service load balancing, Hubble for real-time flow observability, transparent encryption with WireGuard/IPsec, multi-cluster networking with Cluster Mesh, and operating Cilium in production. Ten focused chapters with real policies and clear diagrams that take you from concepts to a fast, secure, and finally visible cluster network.
Contents
1. Preface
2. Chapter 1 — What Cilium Is
3. Chapter 2 — eBPF Foundations
4. Chapter 3 — Architecture and the CNI Role
5. Chapter 4 — Identity and Endpoints
6. Chapter 5 — Network Policies
7. Chapter 6 — Layer 7 and DNS-Aware Policies
8. Chapter 7 — Services and Load Balancing
9. Chapter 8 — Hubble and Observability
10. Chapter 9 — Encryption and Multi-Cluster
11. Chapter 10 — Operating Cilium and Putting It Together
