Cilium leaves incubator, gets the nod from Cloud Native Computing Foundation

The Cloud Native Computing Foundation (CNCF) has awarded a graduated sash to Cilium, a validation of the maturity and future of the eBPF project.

Cilium started as an eBPF-based implementation of the Container Networking Interface (CNI) to provide connectivity for container workloads. In the years since development kicked off, it has grown to add capabilities such as bandwidth management, BGP, and network encryption. It also encompasses the sub-projects Hubble and Tetragon, which focus on network observability and security observability, respectively.

The graduation nod means that the project has made it through a due diligence process with the CNCF technical oversight committee and completed a third-party security audit. It has also driven the process to allow CNCF projects to include GPL-licensed eBPF code to run in the kernel.

"eBPF has grown into a powerful technology for extending the Linux kernel to meet a variety of use cases," said Chris Aniszczyk, CTO of CNCF. "Cilium and the modern eBPF stack will help shape the future of cloud native networking and observability. Cilium has demonstrated really impressive growth in its nearly two years in the Incubator, and we're excited to watch as the ecosystem continues to push the benefits of eBPF even further."

eBPF allows code to be run in a privileged context – in the operating system kernel. It allows for extending the kernel's capabilities without requiring changes to the kernel itself. Security is via a verifier to check that the code won't interfere negatively with the kernel.

Intel fellow, Brendan Gregg, famously referred to the technology as a superpower for Linux. eBPF is also on its way into the Windows environment.

Initially created by Isovalent, Cilium joined the ranks of incubating CNCF projects in 2021 and is the second most CNCF project in terms of commits - behind only Kubernetes. It now has maintainers from seven different companies and over 800 individual contributors.

• Long-term support for Linux kernels is about to get a lot shorter
• The next deep magic Linux program to change the world? Io_uring
• Why securing East-West network traffic is so important – and how it can be done
• Zero Trust: What does it actually mean – and why would you want it?

"Graduation is not the end goal," noted the CNCF, "but rather the beginning of creating the ecosystem around Cilium."

Tim Hockin, distinguished software engineer at Google Cloud, said: "From the earliest days of Kubernetes, we knew that a thriving ecosystem was a critical ingredient, and Cilium is perhaps the most visible demonstration of this. Cilium taps into the power and excitement of eBPF to super-charge Kubernetes networking.

"While it may have started as 'just a network plugin', Cilium has evolved into much more than that, with a broad feature set which speaks to many types of users from startups to major enterprises. I'm thrilled to see Cilium be successful – it's really a win for Kubernetes users everywhere." ®