UPDATED 12:00 EDT / OCTOBER 11 2023

Container networking engine Cilium graduates from CNCF incubation

Cilium, an open-source technology used to manage software containers’ network traffic, today graduated from the CNCF’s incubation program.

The CNCF, or Cloud Native Computing Foundation, is a Linux Foundation affiliate that manages dozens of open-source projects. Its portfolio includes foundational technologies such as Kubernetes and the Prometheus observability platform. The CNCF incubation program from which Cilium graduated today is designed to foster promising open-source projects with applications in the enterprise.

Cilium’s graduation comes about two years after it was donated to the CNCF by Isovalent Inc., a venture-backed networking startup. It’s a software engine designed to ease the task of managing the data traffic that flows between a company’s containers. Cilium also provides cybersecurity and observability features.

At the heart of Cilium is a piece of open-source software called eBPF. The latter technology is included in the Linux kernel, the part of the operating system that contains its most essential features. Using eBPF, developers can extend Linux with custom features that the kernel doesn’t provide out of the box. 

There are several other ways to customize Linux. However, those methods involve more time and effort than using eBPF. Additionally, they often require developers to modify the existing, highly complicated code that makes up the Linux kernel, which increases the risk of software errors.

Cilium uses eBPF to extend Linux with tools for managing network traffic between software containers. According to the engine’s maintainers, it can be used to coordinate the flow of traffic in Kubernetes clusters with thousands of containers. Cilium is also capable of managing data movement between disparate Kubernetes clusters.

One of the engine’s main selling points is that it’s fast. Typically, containers’ network traffic goes through a component of the Linux kernel called iptables before it continues to its destination, which slows down processing. Cilium bypasses iptables to improve performance.

The engine also includes other performance optimizations. It features an implementation of BBR, an algorithm developed by Google LLC to reduce network congestion in enterprise application environments. BBR can detect when a network link connecting two containers experiences high latency and reroute traffic in a way that removes the bottleneck.

For added measure, Cilium has a built-in load balancing tool. The tool can evenly spread network traffic among a company’s Kubernetes clusters to optimize performance. This avoids situations where too much traffic is sent to one of the Kubernetes clusters while the others are left underutilized. 

Alongside its core networking features, Cilium provides a number of other capabilities to ease Kubernetes cluster management. Those capabilities focus on two use cases: cybersecurity and observability. 

Cilium includes a security tool that can limit which containers may exchange data with one another over the network. By blocking unnecessary network connections, companies can make it more difficult for hackers to send requests to their workloads. Cilium also makes it possible to encrypt containers’ traffic to block eavesdropping attempts.

A complementary set of monitoring features can be used to scan network traffic for malicious activity. Cilium’s monitoring features also lend themselves to more routine tasks, such as tracking connection error rates.

The engine’s graduation from CNCF incubation today follows several years of development, a due diligence initiative carried out by the CNCF’s technical oversight committee and a third-party cybersecurity audit. The milestone is significant because it signals Cilium is now ready for production use in the enterprise. That could help boost the adoption of the engine among large enterprises, as well as potentially draw more code contributors. 

“Cilium’s graduation highlights its evolution from a simple CNI to a complete networking, observability, and security solution that prepares platforms and organizations for the next steps on their cloud native journey,” said Thomas Graf, co-founder and chief technology officer of Cilium creator Isovalent.

Though it only graduated today, Cilium already has an installed base of about 50 organizations. Those early adopters include S&P Global Inc., Bloomberg LP and other large enterprises. Cilium’s maintainer ecosystem includes more than 800 individual developers along with seven companies.
