Join the Cilium Slack
Cilium is an open source project that anyone in the community can use, improve, and enjoy. We'd love you to join us on Slack! Find out what's happening and get involved.
Join the SlackNetworking
Kube-proxy Replacement
Enhanced networking speed and efficiency for your Kubernetes clustersLiberating Kubernetes From kube-proxy and IPtables
IPtables and Netfilter are the two foundational technologies of kube-proxy for implementing the Service abstraction. They carry legacy accumulated over 20 years of development grounded in more traditional networking environments that are typically far more static than your average Kubernetes cluster. In the age of cloud native, they are no longer the best tool for the job, especially in terms of performance, reliability, scalability, and operations.
Kubernetes Without Kube-Proxy
Cilium’s control and data plane has been built from the ground up for large-scale and highly dynamic cloud native environments where 100s and even 1000s of containers are created and destroyed within seconds. Cilium’s control plane is highly optimized, running in Kubernetes clusters of up to 5K nodes and 100K pods. Cilium’s data plane uses eBPF for efficient load-balancing and incremental updates, avoiding the pitfalls of large IPtables rulesets.
Seamless Integration and Upgrade
If you already have kube-proxy running as a DaemonSet, transitioning to Cilium is a breeze. Replacing kube-proxy with Cilium is a straightforward process, as Cilium provides a Kubernetes-native implementation that is fully compatible with the Kubernetes API. Existing Kubernetes applications and configurations can continue to work seamlessly with Cilium.
Unlock Advanced Configuration Modes
Cilium's kube-proxy replacement offers advanced configuration modes to cater to your specific needs. Features like client source IP preservation ensure that your service connections remain intact, while Maglev Consistent Hashing enhances load balancing and resiliency. With support for Direct Server Return (DSR) and Hybrid DSR/SNAT modes, you can optimize traffic routing and improve performance.
Who’s using Cilium’s kube-proxy replacement?
Post Finance picks Isovalent Cilium for Cloud Native Networking
Cilium helped our team to build a scalable Kubernetes platform which meets our demanding requirements to run mission-critical banking software in production. We were able to solve the scale issues of our previous CNI plugin and to simplify our Kubernetes setup by eliminating the need for kube-proxy.
SmartNews leverages Cilium to improve performance and scaling
Cilium has become the go-to solution for replacing kube-proxy in SmartNews new Kubernetes clusters. It boosted their network performance and offered a cost-efficient solution during peak loads.
Service Load-Balancing Without Kube-Proxy on Kubermatic
We use Cilium because it uses eBPF and provides high throughput, lower latency, and less resource consumption, especially when the number of services is large. It also works well across all three major cloud providers, including Google GKE and Azure AKS, which was a critical factor in our choice.
Why is the kernel community replacing iptables with BPF?
Read the history of iptables in the kernel and the advantages of replacing it with eBPF
Want to Learn More?
Read the Documentation
Cilium has extensive documentation that covers its features and use cases. The docs also features tutorials for common user stories.
Read the DocsGet Help
Get help with Cilium through Slack, Github, training, support, and FAQs. The community can also help you tell or promote your story around Cilium.
Get Help