Code Overview

This section provides an overview of the Cilium & Hubble source code directory structure. It is useful to get an initial overview on where to find what.

High-level

Top-level directories github.com/cilium/cilium:

api
The Cilium & Hubble API definition.
bpf
The eBPF datapath code
bugtool
CLI for collecting agent & system information for bug reporting
cilium
Cilium CLI client
contrib, tools
Additional tooling and resources used for development
daemon
The cilium-agent running on each node
examples
Various example resources and manifests. Typically require to be modified before usage is possible.
hubble-relay
Hubble Relay server
install
Helm deployment manifests for all components
pkg
Common Go packages shared between all components
operator
Operator responsible for centralized tasks which do not require to be performed on each node.
plugins
Plugins to integrate with Kubernetes and Docker
test
End-to-end integration tests run in the End-To-End Testing Framework.

Cilium

api/v1/openapi.yaml
API specification of the Cilium API. Used for code generation.
api/v1/models/
Go code generated from openapi.yaml representing all API resources
bpf
The eBPF datapath code
cilium
Cilium CLI client
cilium-health
Cilium cluster connectivity CLI client
daemon
cilium-agent specific code
plugins/cilium-cni
The CNI plugin to integrate with Kubernetes
plugins/cilium-docker
The Docker integration plugin

Hubble

The server-side code of Hubble is integrated into the Cilium repository. The Hubble CLI can be found in the separate repository github.com/cilium/hubble. The Hubble UI can be found in the separate repository github.com/cilium/hubble-ui.

api/v1/external, api/v1/flow, api/v1/observer, api/v1/peer, api/v1/relay
API specifications of the Hubble APIs.
hubble-relay
Hubble Relay agent
pkg/hubble
All Hubble specific code
pkg/hubble/container
Ring buffer implementation
pkg/hubble/filters
Flow filtering capabilities
pkg/hubble/metrics
Metrics plugins providing Prometheus based on Hubble’s visibility
pkg/hubble/observe
Layer running on top of the Cilium datapath monitoring, feeding the metrics and ring buffer.
pkg/hubble/parser
Network flow parsers
pkg/hubble/peer
Peer service implementation
pkg/hubble/relay
Hubble Relay service implementation
pkg/hubble/server
The server providing the API for the Hubble client and UI

Important common packages

pkg/allocator
Security identity allocation
pkg/bpf
Abstraction layer to interact with the eBPF runtime
pkg/client
Go client to access Cilium API
pkg/clustermesh
Multi-cluster implementation including control plane and global services
pkg/controller
Base controller implementation for any background operation that requires retries or interval-based invocation.
pkg/datapath
Abstraction layer for datapath interaction
pkg/default
All default values
pkg/elf
ELF abstraction library for the eBPF loader
pkg/endpoint
Abstraction of a Cilium endpoint, representing all workloads.
pkg/endpointmanager
Manager of all endpoints
pkg/envoy
Envoy proxy interactions
pkg/fqdn
FQDN proxy and FQDN policy implementation
pkg/health
Network connectivity health checking
pkg/identity
Representation of a security identity for workloads
pkg/ipam
IP address management
pkg/ipcache
Global cache mapping IPs to endpoints and security identities
pkg/k8s
All interactions with Kubernetes
pkg/kafka
Kafka protocol proxy and policy implementation
pkg/kvstore
Key-value store abstraction layer with backends for etcd and consul
pkg/labels
Base metadata type to describe all label/metadata requirements for workload identity specification and policy matching.
pkg/loadbalancer
Control plane for load-balancing functionality
pkg/maps
eBPF map representations
pkg/metrics
Prometheus metrics implementation
pkg/monitor
eBPF datapath monitoring abstraction
pkg/node
Representation of a network node
pkg/option
All available configuration options
pkg/policy
Policy enforcement specification & implementation
pkg/proxy
Layer 7 proxy abstraction
pkg/service
Representation of a load-balancing service
pkg/trigger
Implementation of trigger functionality to implement event-driven functionality