Skip to content


eBPF-based Networking, Security, and Observability

Hey, this is Cilium 🐝🐝🐝

Our Sign-up Contributing Roadmap Governance

Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary Kernel technology eBPF.


Cilium is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers, processes, or VMs. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC, and Kafka. Cilium is a part of the Cloud Native Computing Foundation and is their most advanced and widely used CNI for Kubernetes. Check out the Getting Started Guides to try it out.

Cilium has hundreds of adopters around the world including Bell Canada, Capital One, Google, The New York Times, and Yahoo. If you are using Cilium, add yourself to the list today!

Cilium overview diagram


Hubble is a fully distributed networking and security observability platform for cloud native workloads. It is built on top of Cilium and eBPF to enable deep visibility into the communication and behavior of services as well as the networking infrastructure in a completely transparent manner. Hubble helps teams understand service dependencies and communication maps, operational monitoring and alerting, application monitoring, and security observability.

Hubble overview diagram


Tetragon enables powerful realtime, eBPF-based Security Observability and Runtime Enforcement. Tetragon detects and is able to react to security-significant events, such as:

  • Process execution events
  • System call activity
  • I/O activity including network & file access

When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that is, it understands Kubernetes identities such as namespaces and pods - so that security event detection can be configured for specific individual workloads.

Tetragon Overview Diagram

As described in the roadmap, Tetragon is still considered Beta level software. We would love your feedback on Tetragon to help it mature.


Cilium is an open source project that anyone in the community can use, improve, and enjoy. Over 400 people have already contributed to the Cilium project and you can too. We'd love you to join us! Here's a few ways to find out what's happening and get involved:

Join the Cilium workspace on Slack

Follow Cilium on Twitter and LinkedIn

Check Good First Issues for starting to contribute

Subscribe to the newsletter

Subscribe to the eBPF and Cilium Community on Youtube

You’ve already found us on Github!


  1. cilium cilium Public

    eBPF-based Networking, Security, and Observability

    Go 19.1k 2.8k

  2. tetragon tetragon Public

    eBPF-based Security Observability and Runtime Enforcement

    Go 3.4k 323

  3. hubble hubble Public

    Hubble - Network, Service & Security Observability for Kubernetes using eBPF

    Makefile 3.4k 244

  4. ebpf ebpf Public

    ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

    Go 5.9k 659

  5. pwru pwru Public

    Packet, where are you? -- eBPF-based Linux kernel networking debugger

    C 2.6k 161

  6. cilium-cli cilium-cli Public

    CLI to install, manage & troubleshoot Kubernetes clusters running Cilium

    Go 387 195


Showing 10 of 128 repositories