NETWORKING

High Performance Cloud Native Networking

Super-charge your cloud native network.

High Performance Cloud Native Networking

Super-charge your cloud native network

Default Kubernetes networking is too limited

  • Kubernetes include, by default, basic networking capabilities to enable pod connectivity.
  • To benefit from enhanced networking, security and observability functionalities, platform operators need to install a Container Network Interface (CNI).
  • While there are dozens of CNIs available, their features, scale and performance vary greatly. Many of them rely on a legacy technology (iptables) that cannot handle the scale and churn of Kubernetes environments.
  • Most CNIs offer support for L3/L4 Kubernetes network policy but little beyond.
  • Most Cloud Providers provide their own custom CNIs resulting in operational complexity for customers operating in multi-cloud environments.

eBPF to the rescue

  • Cilium provides a wide variety of Observability and Security features through the use of eBPF.
  • eBPF-based data plane provides an optimal path through the networking stack, resulting into latency reduction and performance gains.
  • Cilium has been tested, validated and optimized across multiple clouds and Kubernetes distributions.
  • Cilium has proven to scale beyond hundreds of nodes.
  • Cilium includes multiple unique performance features, such as XDP, BBR and BIG TCP.
  • Cilium is IPv6-ready and supports advanced IPv6 features such as BGP over IPv6 and Segment Routing v6 (SRv6).
Supercharged Networking

Supercharged Networking

  • Better user experience through reduced latency from the optimized eBPF-based data plane

  • Network platform available across many clouds, making network operations consistent.

  • Future-ready platform through large scale and IPv6 features support

Liberating Kubernetes From Kube-proxy and Iptables

iptables and Netfilter are the two foundational technologies of kube-proxy for implementing a Service abstraction. They carry legacy accumulated over 20 years of development grounded in a more traditional networking environment that is typically far more static than your average Kubernetes cluster.

In the age of containers, they are no longer the best tool for the job, especially in terms of performance, reliability, scalability, and operations. Companies like Google, Facebook and Cloudflare have long realised this and therefore embraced eBPF as technology, which lets one to dynamically reprogram the kernel. Can we replicate the same success story in Kubernetes?

In this talk, you will learn about running a fully functioning Kubernetes cluster without iptables, Netfilter and thus without kube-proxy in a scalable and secure way with the help of eBPF and Cilium.

BIG TCP Demo

With Cilium 1.13 comes a new exciting feature that enables faster performance and lower latency through the network stack: BIG TCP.

PostFinance Solution Highlight

“We measured and compared pod startup latencies - how long does it take for a pod after startup to reach certain endpoints on the network?- and quickly saw that Cilium was outperforming the iptables based CNI."

-- Thomas Gosteli, Linux Systems Specialist

PostFinance

Want to learn more?

There is plenty more material available if you'd like to learn more.

Start a Lab

Step through our interactive labs in a sandbox environment.

Start a Lab

Contact Sales

Engage with the Isovalent sales team to assess an enterprise-grade deployment of Cilium.

Contact Sales

Request a Demo

Request a personalized live demo with an Isovalent Cilium Enterprise expert.

Request a Demo