Cilium Service Mesh
Sidecar-free Service Mesh powered by eBPF & Envoy
Evolution of the cloud native service mesh
Traditional Service Mesh
- Architectural complexity limits deployments and time-to-value
- Requires tracing across cloud native operations
- Sidecar proxies deployed to support each workload or pod
- Proxy routing brings inefficient increased latency and resource burden
Sidecar-free & Proxyless
- Sidecar-free and proxyless model optimizes resources and simplifies multi-tenant deployment complexity
- Rich observability, context, and control on Layers 3-4 with service mesh API communication on Layer 7
- Low latency significantly increases performance by 4x and reduces operational overhead
- Ready to be implemented out of the box, with no application code changes required
Efficient networking and application context
- Integrated L7 Traffic Management & Load-balancing (HTTP, gRPC, WebSocket, mTLS, REST, distributed tracing, and more)
- Topology Aware Routing across dynamic multi-cloud, clusters, and premises
- Tracing with OpenTelemetry & Jaeger integration
- Built-in Kubernetes Ingress Support
- Low latency authentication with identity-based mTLS authentication for encrypted traffic
Proxyless architecture, seamless adoption
- Proxyless model as the fast lane over other sidecar free service mesh models
- Everything in-kernel with eBPF, with L3/L4 forwarding & load-balancing and L7 tracing & metrics
- Next-Generation Mutual Authentication (mTLS) significantly reduces latency
- Gateway API managing and enforcing ingress traffic, with HTTP routing, TLS termination, and more
- Proxy routing brings overhead by injecting the proxy, redirecting network traffic, terminating connections, and initiating new connections
Read the Case Study
Better policies, less tool sprawl: Tietoevry uses Cilium and Hubble
Learn more here
Flexibility without compromise
- Choice of dataplane with eBPF-powered proxyless & sidecar-free or Envoy powered sidecar-free deployment
- Cilium brings its own Kubernetes-based control plane to offer APIs and coordinate the dataplane across nodes
- Built on existing standards including Kubernetes Services, Gateway API, OpenTelemetry, Prometheus, and SPIFFE
Introduction to Cilium Service Mesh
"Cilium can be crucial for platform maintainers: since it already is so powerful, there are fewer different pieces of a puzzle you have to install into the cluster. You don’t need an extra Ingress or Service Mesh."
-Endre Karlson, SRE Tietoevry Industries
Want to learn more?
There is plenty more material available if you'd like to learn more.
Start a Service Mesh Lab
Step through our interactive labs in a sandbox environment. Choose your path!
Start a LabContact Sales
Engage with the Isovalent sales team to assess an enterprise-grade deployment of Cilium.
Contact SalesRequest a Demo
Request a personalized live demo with an Isovalent Cilium Enterprise expert.
Request a Demo