Training > Cloud & Containers > Introduction to Cilium (LFS146)
Training Course

Introduction to Cilium (LFS146)

Cilium is a popular and widely-deployed Container Network Interface (CNI) solution that is now the default across many Kubernetes distributions and cloud provider offerings. Get a practical introduction to using Cilium as the networking plug-in for Kubernetes, including installation, observability with Hubble, securing network connections, and multi-cluster support – all based on eBPF for scalability.

Who Is It For

This course is designed for application developers, systems operators, and security professionals with an interest in learning how to use Cilium to better connect, observe, and secure Kubernetes. Learners should be familiar with basic Kubernetes concepts, Kubernetes operations and the kubectl tool.
read less read more
What You’ll Learn

The course teaches the basics of Cilium and how it is used to connect, observe, and secure Kubernetes clusters, starting with the container networking challenges motivating the creation of Cilium, followed by the Cilium architecture and how it uses eBPF to address those challenges. The course also provides a step-by-step guide for installing and setting up Cilium as your CNI is included, enabling you to learn how to configure network policies to secure a network and how to use Hubble to observe network flows. Finally, the course provides hands-on experience using some of Cilium’s most popular features, such as support for L7 protocol-aware network policies, transparent encryption, and cluster mesh networking. By the end of this course, you will understand how Cilium and Hubble work and how they can be used to connect, observe, and secure your cloud native environments.
read less read more
What It Prepares You For

Upon completion, you will be able to install and use Cilium to better connect, observe and secure your Kubernetes applications. Cluster administrators will be able to confidently install Cilium on a single cluster or in a cluster mesh configuration and to replace kube-proxy for more efficient, scalable networking. Cluster users will be able to use Hubble to observe network activity and then craft L3-L7 network policy to better secure their applications.
read less read more
Course Outline
Chapter 1. Cilium Overview
Chapter 2. Let's Install Cilium
Chapter 3. Network Policy
Chapter 4. Network Observability Using Hubble
Chapter 5. Prometheus Metrics
Chapter 6. Transparent Encryption
Chapter 7. Replacing kube-proxy with Cilium
Chapter 8. Introduction to Cilium Cluster Mesh

  • The hands-on exercises require a Kubernetes cluster pre-provisioned without a CNI plugin.
  • The cluster hosts must be using a Linux kernel with socket load balancing support (kernel versions v4.19.57, v5.1.16, v5.2.0 or more recent)
  • The learners’ primary system should have the helm, kubectl and curl commands available.
  • All exercises have been tested using local development clusters based on Kind (v0.17.0) and minikube (v1.26.1), as well as Azure’s AKS service.