Submit your CfP for CiliumCon NA
Dec 06, 2017

Cilium Now Speaks gRPC!

cilium grpc

The Cilium team is happy to announce tech preview support for gRPC-aware filtering!

While the majority of existing API-based services leverage HTTP REST as their primary protocol for inter-service communication, among teams designing new platforms from scratch, gRPC is quickly gaining steam.  gRPC is based on Google's popular protobuf project, which provides a more compact and efficiently serializable RPC payload.

Microservices written using gRPC typically include a large number of RPC "methods", all of which are exposed on a single TCP port belonging to the gRPC server.  As a result, a traditional network firewall would either open or close the port of the gRPC server, exposing either all or none of the gRPC methods for a service to each RPC client.  However, Cilium's API-aware filtering enables fine-grain security policies that selectively expose RPC methods to different remote callers, eliminating unnecessary attack surface.

We have created a Cilium + gRPC "Getting Started Guide" so you can try it out yourself: http://docs.cilium.io/en/stable/gettingstarted/grpc/ .  Building on our tradition of Star Wars-themed demos, this guide explains how the lack of gRPC-aware network security helped the rebels escape from Cloud City during "The Empire Strikes Back".   Check out the video!

As always, we're very interested in your questions and feedback, so don't hesitate to reach out via Twitter (@ciliumproject) or Slack (http://www.cilium.io/slack).   And don't forget to check out the code and star us on Cilium Github .  Happy gRPC-ing!

Popular posts

Agentic Bee: How to get AI Agents to talk to Tetragon?
May 15, 2025

Agentic Bee: How to get AI Agents to talk to Tetragon?

Learn how Canopus uses eBPF Tetragon & AI Agents to find top 1% of vulnerabilities

Community
Sinad User Story: Delivering Security and Observability for Workloads with Confidence
Apr 25, 2025

Sinad User Story: Delivering Security and Observability for Workloads with Confidence

Learn why Sinad uses Tetragon for security observability and runtime enforcement

Community
Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters
Apr 15, 2025

Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters

Why a social networking company secures every Kubernetes cluster with Tetragon

Community