Cilium is open source software for transparently providing and securing the network and API connectivity for containers. Cilium is deployed as a daemonset on all worker nodes. Cilium works with both AWS EKS and self-hosted Kubernetes clusters on AWS.
At the foundation of Cilium is a new Linux kernel technology called BPF, which enables the dynamic insertion of powerful security, visibility, and networking control logic within Linux itself. Besides providing traditional network level security, the flexibility of BPF enables security on API and process level to secure communication within a container or pod. Because BPF runs inside the Linux kernel, Cilium security policies can be applied and updated without any changes to the application code or container configuration.