Cilium Service Mesh Extends eBPF for Cloud Deployments

A major update to the open source Cilium project provides service mesh and runtime security for cloud-native application workloads.

Sean Michael Kerner, Contributor

July 22, 2022


The open source Cilium project has been building out eBPF (extended Berkeley Packet Filter) networking technology for the last several years and is now moving to the next stage of its evolution, with service mesh capabilities for cloud deployments.

On July 20, Cilium 1.12 became generally available, adding service mesh to the project, which is hosted by the Cloud Native Computing Foundation (CNCF). Cloud providers already widely use Cilium for visibility into, and control over, networking. The addition of service mesh capabilities will give Cilium users more control over distributed applications running in cloud deployments.

"Service mesh really came from the application level," Thomas Graf, Cilium creator and Isovalent CTO and co-founder, told ITPro Today. "What we're now seeing is that the networking world and the service mesh world are kind of colliding, and most likely they will be folded together into what may be called cloud-native networking."

What Cilium Service Mesh Brings to the Cloud

The promise of service mesh technology has long been about enabling observability, security, and management, which is also what eBPF does for the Linux operating system, according to Graf.

The Linux operating system that is at the foundation of many cloud platforms has long supported eBPF. Graf explained that without the service mesh, the visibility and control have largely been at the networking layer. The service mesh concept now brings visibility and control higher up the stack into the application layer.


Cloud-native services are increasingly being managed and deployed by platform teams within organizations. Those teams generally are not particularly strong on networking skills and tend to focus on applications and services, Graf said. It is the platform teams that have been driving the adoption of service mesh technology to better deploy and manage cloud-native infrastructure.

With its service mesh capabilities, Cilium is able to support load balancing for traffic management across cloud-native services, as well as provide security segmentation, he said.

Cilium 1.12 Adds Improved Runtime Security for Cloud Workloads

While service mesh is the biggest new feature, it's not the only new capability in the Cilium 1.12 release.

The project has also added the Tetragon security feature, which provides runtime enforcement for security issues. Tetragon can help identify potentially malicious process execution, system call activity, and network and file access events.

The ability to see security events across multiple clusters is also supported in Cilium 1.12, thanks to improvements to Cilium's ClusterMesh capabilities. With ClusterMesh, services running across multiple clusters can be grouped together as a single global service.

The Cilium 1.12 technology is currently available as an open source release. Isovalent, which is one of the leading commercial contributors to the Cilium project, plans to release an enterprise edition in the next several weeks that will bring commercial support.

About the Author

Sean Michael Kerner

Sean Michael Kerner is an IT consultant, technology enthusiast and tinkerer. He consults to industry and media organizations on technology issues.
