Cilium: eBPF Networking, Security, and Observability

Shriira Press

Preface

Networking, security, and observability for Kubernetes — powered by eBPF and identity, not IP addresses.

Welcome to Cilium: eBPF Networking, Security, and Observability.

Cilium is the modern networking, security, and observability layer for Kubernetes, built on the Linux kernel's eBPF technology and an identity-based model that replaces brittle IP rules. This free book teaches it from the ground up: what eBPF is and why it changes networking, Cilium's architecture and CNI role, the identity and endpoint model, network policies from L3/L4 up to L7 and DNS-aware egress, replacing kube-proxy with eBPF service load balancing, Hubble for real-time flow observability, transparent encryption with WireGuard/IPsec, multi-cluster networking with Cluster Mesh, and operating Cilium in production. Ten focused chapters with real policies and clear diagrams that take you from concepts to a fast, secure, and finally visible cluster network.

This title is part of the ShriIra library and is free to read in full, right here — our small contribution to making world-class knowledge easy to reach.

A note on reading it: open the Contents menu at the top of the reader to jump between chapters, and use the Aa menu to set a comfortable text size, theme (light, sepia, or night), and single- or two-page layout. Your place is saved automatically, so you can always pick up where you left off.

We hope it serves you well.

— Shriira Press

Contents

  1. Chapter 1 — What Cilium Is
  2. Chapter 2 — eBPF Foundations
  3. Chapter 3 — Architecture and the CNI Role
  4. Chapter 4 — Identity and Endpoints
  5. Chapter 5 — Network Policies
  6. Chapter 6 — Layer 7 and DNS-Aware Policies
  7. Chapter 7 — Services and Load Balancing
  8. Chapter 8 — Hubble and Observability
  9. Chapter 9 — Encryption and Multi-Cluster
  10. Chapter 10 — Operating Cilium and Putting It Together