Networking, Securing and Observing the Kubernetes Universe With Cilium and Hubble

As you venture deeper into the Kubernetes universe, you’ll start to deal with networking. This is no small feat—especially for the uninitiated—as Kubernetes networking is notoriously complex. This is why tools like Cilium and Hubble, built on Extended Berkeley Packet Filter (eBPF), help you shine a light into the abyss of Kubernetes networking and make things a lot easier.

Cilium

Cilium, a CNCF Graduated open source project, is built on top of eBPF, the technology that allows you to run sandboxed programs in the Linux kernel. Cilium provides a secure and observable way of connecting different workloads, such as the pods and services you run within your Kubernetes cluster.

There are multiple use cases for Cilium, one of which is high-performance networking for clusters where scalability and performance are vital when operating thousands of nodes and a hundred thousand pods. By using eBPF and moving away from legacy iptables, Cilium allows for efficient load-balancing and incremental updates.

Cilium also offers a next-generation service mesh, allowing for lightning-fast networking without the need for sidecars, ensuring low overhead and reduced complexity on your cluster. It also allows for cluster meshing, increasing your resilience and fault tolerance by making your services highly available.

It also increases your cluster security, not only by encrypting traffic within your cluster via a straightforward switch, but also by enforcing L7 policies at a granular level to ensure least-privilege access.
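An L7 policy of the kind described above, shown next to the L3/L4-only rule it tightens. This is an added example, not from the original article; the namespace, labels, port and paths are hypothetical.

```yaml
# Added example; namespace, labels, port and paths are hypothetical.
# The two documents are alternatives for comparison. Apply only one:
# Cilium policies are additive, so the broader rule would still allow the traffic.

# Weak: L3/L4 only. storefront may send any request to orders-api on 8080,
# including DELETE /orders/17 or GET /admin.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: orders-api-l4-only
  namespace: shop
spec:
  endpointSelector:
    matchLabels:
      app: orders-api
  ingress:
  - fromEndpoints:
    - matchLabels:
        app: storefront
    toPorts:
    - ports:
      - port: "8080"
        protocol: TCP
---
# Least privilege: same peers and port, but only the listed HTTP calls pass.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: orders-api-l7
  namespace: shop
spec:
  endpointSelector:
    matchLabels:
      app: orders-api
  ingress:
  - fromEndpoints:
    - matchLabels:
        app: storefront
    toPorts:
    - ports:
      - port: "8080"
        protocol: TCP
      rules:
        http:
        - method: "GET"
          path: "/orders/[0-9]+"   # regex, matched against the request path
        - method: "POST"
          path: "/orders"
```

With the second policy in place, any other method or path from storefront is rejected by Cilium's proxy with an HTTP 403, and traffic from every other source is dropped because the selected pods become default-deny on ingress.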

Hubble

Just as the Hubble Space Telescope gave us new insights into our universe when it was first launched, Hubble allows us to observe our Kubernetes cluster, giving us service map visibility and clarity into the communication occurring within our workloads.

Hubble is built on top of Cilium, and therefore eBPF, which means all processes that occur within the kernel will be visible to it.

As your services and workloads increase in number and complexity, having this unparalleled insight and detail about your service dependencies and communication will allow you to secure and troubleshoot your workloads more easily than ever before.

Key features and benefits of Hubble are:

  • Advanced network visibility: Hubble enables users to observe and troubleshoot interactions between microservices in a Kubernetes cluster, including real-time monitoring of network traffic, service dependencies, and connectivity issues.
  • Security insights: Get enhanced security analysis and threat detection, helping you to identify potential security risks within your Kubernetes environment. Monitor network policy with detailed observations on DNS resolutions.
  • Scalable architecture: Hubble is built to handle the needs of large-scale, production Kubernetes environments.
  • Monitoring and alerting: Hubble precisely identifies network issues and can distinguish between DNS, application, and network problems. Set up real-time alerts for TCP interruptions, DNS, and response rate analytics for TCP SYN requests.
  • User-friendly interface: A simple and intuitive UI for easy navigation and analysis, showing a dependency graph between services that highlights interactions such as HTTP calls and Kafka traffic.

The mysteries of your Kubernetes universe are a little less mysterious with Cilium and Hubble. Add these open source tools to your clusters and enjoy unprecedented visibility into all of your Kubernetes deployments, so that running Kubernetes becomes far less complex and you can manage and troubleshoot your deployments more efficiently.



Timothy Mamo

Timothy Mamo loves to help growing companies make the most of the cloud by focusing on Cloud Native technologies and processes. He has had varied experience, from studying aerospace engineering and working in the automotive industry to moving into the world of Cloud. He enjoys working and helping others improve and understand, at times with some Mediterranean gusto.
