The Cloud Native Computing Foundation (CNCF) has announced the graduation of Cilium, an eBPF-powered open source, cloud native solution for providing, securing, and observing network connectivity between workloads.
“Cilium’s graduation highlights its evolution from a simple CNI to a complete networking, observability, and security solution that prepares platforms and organizations for the next steps on their cloud native journey,” said Thomas Graf, Cilium co-founder and CTO of Isovalent. “On behalf of the project, we wish to thank every contributor who has collectively brought us to graduation within CNCF.”
Cilium began as an eBPF-based implementation of the Container Networking Interface to provide Layer 3-4 connectivity between container workloads. It has since expanded to include capabilities like network policy, meshing multiple Kubernetes clusters together, replacing kube-proxy, providing network encryption, integrated ingress and egress gateway, bandwidth management, BGP, and connecting external workloads into Kubernetes. The Cilium project pioneered sidecarless service mesh, and its sub-project Hubble provides network observability for layers 3-7, metrics, service map, and UI, while Tetragon focuses on security observability and runtime enforcement.
“eBPF has grown into a powerful technology for extending the Linux kernel to meet a variety of use cases,” said Chris Aniszczyk, CTO of CNCF. “Cilium and the modern eBPF stack will help shape the future of cloud native networking and observability. Cilium has demonstrated really impressive growth in its nearly two years in the Incubator, and we’re excited to watch as the ecosystem continues to push the benefits of eBPF even further.”