Welcome to Cilium’s documentation!
The documentation is divided into the following sections:
Cilium Quick Installation: Provides a simple tutorial for running a small Cilium setup on your laptop. Intended as an easy way to get your hands dirty applying Cilium security policies between containers.
Getting Started : Details instructions for installing, configuring, and troubleshooting Cilium in different deployment modes.
Overview of Network Policy : Detailed walkthrough of the policy language structure and the supported formats.
Monitoring & Metrics : Instructions for configuring metrics collection from Cilium.
Troubleshooting : Describes how to troubleshoot Cilium in different deployment modes.
BPF and XDP Reference Guide : Provides a technical deep dive of eBPF and XDP technology, primarily focused at developers.
API Reference : Details the Cilium agent API for interacting with a local Cilium instance.
Development : Gives background to those looking to develop and contribute modifications to the Cilium code or documentation.
Securing Networks with Cilium : Provides a one-page resource of best practices for securing Cilium.
A hands-on tutorial in a live environment is also available for users looking for a way to quickly get started and experiment with Cilium.
Overview
Getting Started
Advanced Installation
Networking
- Networking Concepts
- Kubernetes Networking
- Introduction
- Concepts
- Requirements
- Configuration
- Network Policy
- Kubernetes Without kube-proxy
- Endpoint CRD
- EndpointSlice CRD
- CiliumEndpointSlice (beta)
- Kubernetes Compatibility
- Cilium CRD schema validation
- Troubleshooting
- Bandwidth Manager
- Kata Containers with Cilium
- Configuring IPAM Modes
- Local Redirect Policy (beta)
- BGP
- eBPF Datapath
- Multi-cluster Networking
- External networking
- Service Mesh
- VXLAN Tunnel Endpoint (VTEP) Integration (beta)
- LoadBalancer IP Address Management (LB IPAM)
- L2 Announcements / L2 Aware LB (Beta)
Security
- Securing Networks with Cilium
- Identity-Aware and HTTP-Aware Policy Enforcement
- Locking Down External Access with DNS-Based Policies
- Inspecting TLS Encrypted Connections with Cilium
- Securing a Kafka Cluster
- Securing gRPC
- Securing Elasticsearch
- Securing a Cassandra Database
- Securing Memcached
- Locking Down External Access Using AWS Metadata
- Creating Policies from Verdicts
- Host Firewall
- Restricting privileged Cilium pod access
- Overview of Network Security
- Overview of Network Policy
- Restricting privileged Cilium pod access
- Threat Model
Operations
Community
Contributor Guide
Reference
BPF and XDP Reference Guide