# cilium/cilium **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/cilium-cilium).** 23,806 stars · 3,614 forks · Go · apache-2.0 ## Links - GitHub: https://github.com/cilium/cilium - Homepage: https://cilium.io - awesome-repositories: https://awesome-repositories.com/repository/cilium-cilium.md ## Topics `bpf` `cncf` `cni` `containers` `ebpf` `k8s` `kernel` `kubernetes` `kubernetes-networking` `loadbalancing` `monitoring` `networking` `observability` `security` `troubleshooting` `xdp` ## Description Cilium is a networking, security, and observability platform for containerized environments that leverages kernel-level data paths to process traffic. By executing programs directly within the Linux kernel, it provides high-performance packet filtering, routing, and load balancing without the need for traditional user-space proxies or context switching. The platform distinguishes itself through identity-based security enforcement, which filters traffic based on service labels rather than volatile IP addresses. It integrates containerized workloads with external physical or virtual infrastructure using standard routing protocols and supports multi-cluster connectivity by linking independent environments into a unified network fabric. Beyond its core networking capabilities, the project provides comprehensive observability into connectivity patterns and security events across distributed systems. It includes features for transparent network encryption, egress traffic control, and automated IP address management to maintain consistent communication and security policies across large-scale deployments. ## Tags ### DevOps & Infrastructure - [Kubernetes Traffic Controllers](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-traffic-controllers.md) — Provides high-performance traffic routing, load balancing, and network policy enforcement for containerized environments. - [Multicluster Service Meshes](https://awesome-repositories.com/f/devops-infrastructure/multicluster-service-meshes.md) — Connects independent environments to enable seamless service discovery and secure communication across locations. - [Network Traffic Controllers](https://awesome-repositories.com/f/devops-infrastructure/network-traffic-controllers.md) — Directs outbound traffic through dedicated gateways and enforces security policies for external connectivity without requiring application-level changes. ([source](https://docs.cilium.io/en/v1.18/)) - [Containerized Service Integrations](https://awesome-repositories.com/f/devops-infrastructure/containerized-service-integrations.md) — Advertises containerized service prefixes to external routers to bridge workloads with physical infrastructure. ### Networking & Communication - [Kernel Networking Hooks](https://awesome-repositories.com/f/networking-communication/kernel-networking-hooks.md) — Executes custom programs directly within the kernel to process network packets without context switching. - [Network Policy Enforcement](https://awesome-repositories.com/f/networking-communication/network-policy-enforcement.md) — Enforces identity-based network security policies to restrict traffic between services and prevent unauthorized access within the cluster. ([source](https://docs.cilium.io)) - [Load Balancing](https://awesome-repositories.com/f/networking-communication/load-balancing.md) — Distributes incoming service requests across backend pods using high-performance kernel-level data paths to ensure efficient service availability. ([source](https://docs.cilium.io/en/stable/)) - [Multi-Cluster Connectivity Fabrics](https://awesome-repositories.com/f/networking-communication/multi-cluster-connectivity-fabrics.md) — Provides a unified network fabric that links independent container clusters for seamless cross-cluster service discovery and communication. ([source](https://docs.cilium.io)) - [Transparent Network Proxies](https://awesome-repositories.com/f/networking-communication/transparent-network-proxies.md) — Distributes traffic across service endpoints using kernel-level maps to eliminate proxy latency. - [Network Routing and Traffic Management](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-routing-traffic-management.md) — Directs network packets across endpoints using kernel-level data paths to optimize system efficiency and reliability. ([source](https://docs.cilium.io/en/v1.17/)) - [Network Routing Protocols](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-routing-traffic-management/network-routing-protocols.md) — Exchanges network reachability information with physical infrastructure using standard routing protocols to integrate containerized workloads. - [Packet Processing Frameworks](https://awesome-repositories.com/f/networking-communication/packet-engines/packet-processing-frameworks.md) — Intercepts incoming network traffic at the driver layer for high-performance packet filtering. - [Network Gateways](https://awesome-repositories.com/f/networking-communication/network-gateways.md) — Integrates containerized workloads with external infrastructure by advertising network prefixes via standard routing protocols. - [Load Balancer IP Address Management](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-infrastructure/load-balancer-ip-address-management.md) — Assigns and tracks unique identifiers for services to ensure scalable communication across containerized workloads. ([source](https://docs.cilium.io)) ### Security & Cryptography - [Identity-Based Access Control](https://awesome-repositories.com/f/security-cryptography/identity-based-access-control.md) — Filters traffic based on cryptographic service identities rather than volatile IP addresses. - [Kubernetes Security](https://awesome-repositories.com/f/security-cryptography/kubernetes-security.md) — Enforces identity-based access control and traffic filtering policies between containerized services. - [Network Security Tools](https://awesome-repositories.com/f/security-cryptography/network-infrastructure-security/web-network-security/network-security-tools.md) — Monitors, filters, and encrypts traffic between services using kernel-level data paths. - [Network Encryption](https://awesome-repositories.com/f/security-cryptography/network-encryption.md) — Secures data in transit between nodes by automatically encrypting packets to prevent unauthorized interception. ([source](https://docs.cilium.io/security/network/encryption/)) ### System Administration & Monitoring - [Monitoring and Observability](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability.md) — Provides deep visibility into connectivity patterns and security events across distributed systems. ### Data & Databases - [Distributed Key-Value Stores](https://awesome-repositories.com/f/data-databases/distributed-key-value-stores.md) — Synchronizes network configuration and security policies across nodes to maintain a consistent cluster topology.