Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes. At the foundation of Cilium is a new Linux kernel technology called BPF, which enables the dynamic insertion of powerful security visibility and control logic within Linux itself. Because BPF runs inside the Linux kernel, Cilium security policies can be applied and updated.
Download URL: http://github.com/cilium/cilium.git
|Relevant Categories||NFVI - Infrastructure Layer, VNF - Layer 4-7 Security|
|Related Foundation||N/A (Covalent.IO)|
Cilium acts as a middle layer, plugs into container runtimes and orchestrators such as Kubernetes, Docker or CNI, and can generate and atomically update eBPF programs on the fly without requiring a container to restart. Thus, unlike connection proxies, an update of the data-path does not cause connections to be dropped. These programs are specifically tailored and optimized for each container.
|Developer Community Size||44 Contributers|
|Last Release Date||September 2017|
|Code Base Size||911K Lines of code|