The Cloud Native Computing Foundation, which builds sustainable ecosystems for cloud native software, announced the graduation of Cilium. Cilium is an eBPF-powered open source, cloud native solution for providing, securing, and observing network connectivity between workloads.
Cilium began as an eBPF-based implementation of the Container Networking Interface to provide Layer 3-4 connectivity between container workloads. It has since expanded to include capabilities like network policy, meshing multiple Kubernetes clusters together, replacing kube-proxy, providing network encryption, integrated ingress and egress gateway, bandwidth management, BGP, and connecting external workloads into Kubernetes. The Cilium project pioneered sidecarless service mesh, and its sub-project Hubble provides network observability for layers 3-7, metrics, service map, and UI, while Tetragon focuses on security observability and runtime enforcement.
“Cilium’s graduation highlights its evolution from a simple CNI to a complete networking, observability, and security solution that prepares platforms and organizations for the next steps on their cloud native journey,” said Thomas Graf, Cilium co-founder and CTO of Isovalent. “On behalf of the project, we wish to thank every contributor who has collectively brought us to graduation within CNCF.”
Cilium was initially created by Isovalent and was built from the ground up based on eBPF. It became an Incubating CNCF project in October 2021 and now has maintainers from 7 different companies and over 800 individual contributors. The project powers some of the largest Kubernetes clusters in the world, with end users ranging from digital native startups to the world’s largest financial institutions and telcos. It has 46 public case studies from companies, including Bell Canada, Bloomberg, DB Schenker, S&P Global, Sky, and The New York Times, and well over 100 organizations listed in its USERS file. Cilium is the second most active CNCF project in terms of the number of commits, behind only Kubernetes.
Graduation is not the end goal but rather the beginning of creating the ecosystem around Cilium. The project is growing beyond just Kubernetes to include support for external workloads, like bare metal and virtual machines. It was the first project to add support for Gateway API and includes a Layer 4 load balancer for north-south traffic. Cilium Service Mesh also enables workloads to mutually authenticate their connections using SPIFFE/SPIRE. Cilium now integrates with Prometheus and Grafana for simplified Day 2 operations.
“When embarking on a project, one can never predict its ultimate success, but the belief in its potential to address complex challenges is the driving force,” said André Martins, Cilium maintainer. “Witnessing Cilium achieve CNCF graduation is a testament to the unwavering support the community has contributed over the years. With each passing year, as the community continues to grow and deepen its support, it instills a profound sense of confidence in more organizations to adopt and integrate it into their infrastructure. This graduation isn’t the end; rather, it serves as a validation of the breakthroughs Cilium will pioneer in the years to come.”
SOURCE: PRNewswire