How-To

AllCommunityHow-ToReleaseTechnology
How Cilium Protects Against Common Network Attacks
Jun 29, 2020

How Cilium Protects Against Common Network Attacks

Recently a vulnerability was discovered by Etienne Champetier that impacted several Kubernetes CNIs. The vulnerability worked by having an attacker pod send rogue IPv6 “Router Advertisement” packets to the host worker node, causing the node to route its IPv6 traffic through the attackers pod (commonly known as “Man-In-The-Middle”). Fortunately for users of Cilium, this vulnerability didn’t impact their environments because of several built-in and on-by-default security features provided by Cilium.In this blog post, we’ll discuss how on-by-default Cilium features automatically protect against these common types of network attacks.

How-To
Apr 29, 2020

Building a Multi-node Environment with Cilium and K3s in Twenty Minutes or Less

In this guide, we will walk through the steps required to build a multi-node Kubernetes cluster on your local workstation or laptop using K3s and Cilium. Then we'll show how you can use Hubble to inspect traffic in the cluster and visualize data exposed by the superpowers of eBPF and Cilium. We will also show you how to restrict the flow of traffic between applications. Finally, we will see how Cilium and Hubble can provide detailed information to help you solve problems related to compliance and regulations.

How-To
Debugging and Monitoring DNS issues in Kubernetes
Dec 18, 2019

Debugging and Monitoring DNS issues in Kubernetes

DNS is a common cause for outages and incidents in Kubernetes clusters. For real-world stories, swing by Kubernetes Failure Stories. How do you debug and troubleshoot DNS issues? How do you know a problem is related to DNS? This guide provides a step by step tutorial on how to systematically troubleshoot DNS issues in Kubernetes clusters. We will be using [Hubble] to identify and inspect DNS issues as well as set up monitoring so we can locate DNS issues early on to react even before incidents occur.

How-To
Deep Dive into Cilium Multi-cluster
Mar 18, 2019

Deep Dive into Cilium Multi-cluster

This is a deep dive into ClusterMesh, Cilium's multi-cluster implementation.

How-To
Analyzing the CNI performance benchmark
Dec 03, 2018

Analyzing the CNI performance benchmark

This blog post documents the investigation we have done so far of what looked like a performance regression of HTTP/FTP traffic over pure TCP.

How-To
Cilium How-To: Install with Kubernetes on Ubuntu 18.04
Sep 26, 2018

Cilium How-To: Install with Kubernetes on Ubuntu 18.04

Cilium provides API-aware network security for cloud-native applications. Here's a How-To guide to get you going easily with Kubernetes and Cilium on Ubuntu 18.04 LTS.

How-To
Jul 17, 2018

Prometheus Metrics for Kubernetes Networking Using Cilium

In Kubernetes deployments, Prometheus is a popular monitoring system and time-series database for storing health and performance metrics of all the components. Equally popular is Grafana for plotting the metrics. In this post, we will provide steps to setup Prometheus and Grafana for understanding important Cilium metrics related to the security and health of service interactions in a Kubernetes cluster.

How-To
Open Source Elasticsearch Security: Using Cilium for Elasticsearch Access Control with No App/Container Changes
Jul 10, 2018

Open Source Elasticsearch Security: Using Cilium for Elasticsearch Access Control with No App/Container Changes

Elasticsearch is a dominanting open source platform for storing and analyzing all different types of data ranging from application logs, to user payment transactions and network audit logs.

How-To
Feb 07, 2018

Connectivity Troubleshooting with cilium-health

As we approach the upcoming 1.0 release, the Cilium community has been putting a lot of effort towards monitoring and troubleshooting. This has led to the development of several new tools in the project which we'll explore in this blog series. In this first part, we will cover **cilium-health**, a tool for troubleshooting intra-cluster connectivity issues.`

How-To

Community

  • Slack

    For live conversation and quick questions, join the Cilium Slack workspace. Don’t forget to say hi!

    Join slack workspace

  • Twitter

    Follow Cilium on Twitter for the latest news and announcements.

    Follow Cilium on Twitter

  • Github

    Cilium uses GitHub tags to maintain a list of asked questions.

    Join Github