{"id":31435,"date":"2024-03-05T08:18:54","date_gmt":"2024-03-05T07:18:54","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/?p=31435"},"modified":"2024-03-05T08:18:58","modified_gmt":"2024-03-05T07:18:58","slug":"kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/","title":{"rendered":"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing"},"content":{"rendered":"\n

We have come a long way regarding networking in Kubernetes using Cilium. From a high level picture in this post<\/a>, we moved to discovering the Kubernetes networking interfaces in this post<\/a> and dived into linux routing in Kubernetes in this post<\/a>.<\/p>\n\n\n\n

If you still want to know more, then you are in the right place. Fasten your seat belt because in this blog post we will dive deep into the eBPF routing. When using Cilium for networking in your Kubernetes cluster, you will automatically use eBPF for routing between pods. I’ll stick to the same 2 examples of routing between pods on the same node and on different nodes. You’ll then see the continuity on the same drawing that will hopefully help you understand this routing topic completely.<\/p>\n\n\n\n

Discovering eBPF<\/h2>\n\n\n\n

eBPF Routing<\/h3>\n\n\n\n

In my high level blog and in the previous one about routing, I’ve talked about servants that are waiting at some network interfaces to help and direct you in the Kubernetes cluster. I’ve told you they were using a magical eBPF map to guide you through a secret passage toward your destination. Let’s now see what these servants are exactly in our Kubernetes cluster.<\/p>\n\n\n\n

A servant is actually an eBPF program attached to a network interface at the kernel level. That is what eBPF allows you to do, modify the kernel dynamically. The advantage is that you can attach your own program (that is C code transformed to machine code) to some events and network interfaces in the kernel and trigger any action you have programmed. An action could be routing a packet or report and act on any interaction with the kernel. This is why eBPF fits nicely for observability because anything happening in a node interact with the kernel. It could be running a process, opening a file, routing a packet,… Regarding routing, it is very fast because it shortcuts the traditional Linux routing process. That is the reason why we couldn’t see all the routing steps in the previous post by using our traditional networking tools. We now need eBPF tools to inspect this routing in more details.<\/p>\n\n\n\n

Cilium Agent and eBPF routing<\/h3>\n\n\n\n

You know from the previous posts that there is a Cilium agent pod on each node in the cluster. This agent takes care of everything about networking on that node and so also eBPF routing. It comes with some eBPF tools packed with it that will allow us to explore it more deeply.<\/p>\n\n\n\n

Let’s now see what these servants really look like in our cluster. As a reminder and to gather all the information here, below are all our Cilium agents in our cluster:<\/p>\n\n\n

\n$ kubectl get po -n kube-system -owide|grep cilium\ncilium-9zh9s                                      1\/1     Running   5 (65m ago)   113d   172.18.0.3    mycluster-control-plane   <none>           <none>\ncilium-czffc                                      1\/1     Running   5 (65m ago)   113d   172.18.0.4    mycluster-worker2         <none>           <none>\ncilium-dprvh                                      1\/1     Running   5 (65m ago)   113d   172.18.0.2    mycluster-worker          <none>           <none>\ncilium-operator-6b865946df-24ljf                  1\/1     Running   5 (65m ago)   113d   172.18.0.2    mycluster-worker          <none>           <none>\n<\/pre><\/div>\n\n\n
As before in this series, we will trace the routing from a pod on the node mycluster-worker<\/strong> and so we will need to interact with the Cilium agent of that node: cilium-dprvh. We use into that agent pod the tool bpftool<\/strong> to list all the network interfaces and the eBPF programs attached to them:<\/p>\n\n\n
\n$ kubectl exec -it -n kube-system cilium-dprvh -- bpftool net show\nDefaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init)\nxdp:\n\ntc:\ncilium_net(2) clsact\/ingress cil_to_host-cilium_net id 1209\ncilium_host(3) clsact\/ingress cil_to_host-cilium_host id 1184\ncilium_host(3) clsact\/egress cil_from_host-cilium_host id 1197\ncilium_vxlan(4) clsact\/ingress cil_from_overlay-cilium_vxlan id 1154\ncilium_vxlan(4) clsact\/egress cil_to_overlay-cilium_vxlan id 1155\nlxc_health(6) clsact\/ingress cil_from_container-lxc_health id 1295\neth0(7) clsact\/ingress cil_from_netdev-eth0 id 1223\nlxc4a891387ff1a(9) clsact\/ingress cil_from_container-lxc4a891387ff1a id 1285\nlxc5b7b34955e61(11) clsact\/ingress cil_from_container-lxc5b7b34955e61 id 1303\nlxc73d2e1d7cf4(13) clsact\/ingress cil_from_container-lxc73d2e1d7cf4 id 1294\n<\/pre><\/div>\n\n\n
Yes these programs are our servants! Armed with the knowledge of the network interfaces in a previous post<\/a> you should recognize their names. The one that will be used at the starting point of our travel is lxc4a891387ff1a. In parenthesis you have the interface id 9 that is on the node side of this link to this container. The Cilium agent assigned to this interface the id 1285. The name of the program attached to this interface is called cil_from_container<\/strong>. From this name, you know for which direction the program will operate. Here it is for the traffic coming from the container to the node, in the other direction there is no processing. As the Cilium community edition is open source, you can read its code directly here<\/a>. In the file bpf_lxc.c<\/strong> just search for the program name and you will see all the details. Yes, this is advanced but don’t worry, I did the hard work for you, so you just have to read along!<\/p>\n\n\n\n
Before we move on to trace the eBPF routing, let’s update our drawing to show these eBPF servants:<\/p>\n\n\n
\n
\"Kubernetes
Kubernetes networking routing with Cilium using eBPF<\/figcaption><\/figure>\n<\/div>\n\n\n
Don’t be confused about the lxc network interface id. For example lxc4a891387ff1a(9) from the command output above. It means it is linked to id 9 which is on the node side, on the interface called lxc….@if8. Id 8 being the id inside of the container (you will see in it 8: eth0@if9).<\/p>\n\n\n\n
Pod to pod routing on the same node<\/h2>\n\n\n\n
I don’t want to lose you with all the details so I’ll give you only the key information to follow along this eBPF routing. Yes, from here it is becoming more complicated but I’ll try to make it smooth for you to enjoy it anyway.<\/p>\n\n\n\n
As we did in the previous post, let’s now see how eBPF routes the traffic thanks to its servants from 10.10.2.117 to 10.10.2.121. The Cilium agent gives information to the eBPF program and receives information from them. For exchanging information, it uses what is called maps<\/strong> (yes these are our magic maps!) in the eBPF terminology. There are several of them that are used for different purposes. These maps are stored in the folder \/sys\/fs\/bpf\/tc\/globals<\/strong> into the Cilium agent pod and we can manually interact with them by using the bpftool<\/strong>. We can then trace the eBPF routing that way. When the packet leaves the container, it reaches the lxc interface on the node and the program cil_from_container<\/strong> is triggered to route that packet. The program sees the destination IP Address is in the same subnet as the source and will then just forward the traffic to the destination lxc network interface by using the map called cilium_lxc<\/strong>.<\/p>\n\n\n\n
Below is how we can trace that eBPF routing:<\/p>\n\n\n
\n$ kubectl exec -it -n kube-system cilium-dprvh -- bpftool map lookup pinned \/sys\/fs\/bpf\/tc\/globals\/cilium_lxc key hex 0a 0a 02 79 00 00 00 00  00 00 00 00 00 00 00 00 01 00 00 00\nDefaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init)\nkey:\n0a 0a 02 79 00 00 00 00  00 00 00 00 00 00 00 00\n01 00 00 00\nvalue:\n0b 00 00 00 00 00 33 06  00 00 00 00 00 00 00 00\nea c4 71 d6 4f a0 00 00  f6 87 b6 c3 a6 45 00 00\n2c 0d 00 00 00 00 00 00  00 00 00 00 00 00 00 00\n<\/pre><\/div>\n\n\n
We have to give to the bpftool<\/strong> an hexadecimal string that it expects (the details of this format can be found in the source code). The destination IP Address we want to trace is 10.10.2.121 which is 0a 0a 02 79 in hexadecimal. This information is at the beginning of the string in our command.<\/p>\n\n\n\n
In the output of this command you can see the key section, which is the hexadecimal string we have provided as well as the result in the value section.<\/p>\n\n\n\n
In this result we get the MAC Address of the destination lxc interface on the pod side which is ea c4 71 d6 4f a0. We also get the MAC Address of the destination lxc interface on the node side which is f6 87 b6 c3 a6 45. Finally we get the lxc id of the destination pod which is 33 06. A little trick here is that this value is stored in reverse order (you can do a search about big endian and little endian if you want to know more on this) so we have to read 06 33 which converted to decimal gives 1587. This value is the endpoint ID used by Cilium to identify the pods. You can get this general information in the cluster with the following command:<\/p>\n\n\n
\n$ kubectl get ciliumendpoint -n networking101\nNAME                        ENDPOINT ID   IDENTITY ID   INGRESS ENFORCEMENT   EGRESS ENFORCEMENT   VISIBILITY POLICY   ENDPOINT STATE   IPV4          IPV6\nbusybox-c8bbbbb84-fmhwc     897           3372          <status disabled>     <status disabled>    <status disabled>   ready            10.10.1.164\nbusybox-c8bbbbb84-t6ggh     715           3372          <status disabled>     <status disabled>    <status disabled>   ready            10.10.2.117\nnetshoot-7d996d7884-fwt8z   1587          10388         <status disabled>     <status disabled>    <status disabled>   ready            10.10.2.121\nnetshoot-7d996d7884-gcxrm   3564          10388         <status disabled>     <status disabled>    <status disabled>   ready            10.10.1.155\n<\/pre><\/div>\n\n\n
So the destination pod is netshoot-7d996d7884-fwt8z and it is reached directly through its lxc interface. And that’s it! Of course the routing occurs much faster than me explaining it but more importantly it is faster than the traditional Linux routing.<\/p>\n\n\n\n
Pod to pod routing on a different node<\/h2>\n\n\n\n
Let’s now check the eBPF routing from 10.10.2.117 to 10.10.1.155 which is then on a different node. The packet is also intercepted by the program cil_from_container<\/strong> but this time the destination IP Address belongs to another subnet so it is going to use another map called cilium_ipcache<\/strong> to route that packet.<\/p>\n\n\n\n
As before, we have to provide an hexadecimal string in the expected format to trace the routing of this packet. Here, our destination IP Address is 10.10.1.155 so 0a 0a 01 9b in hexadecimal.<\/p>\n\n\n
\n$ kubectl exec -it -n kube-system cilium-dprvh -- bpftool map lookup pinned \/sys\/fs\/bpf\/tc\/globals\/cilium_ipcache key hex 40 00 00 00 00 00 00 01 0a 0a 01 9b 00 00 00 00 00 00 00 00 00 00 00 00\nDefaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init)\nkey:\n40 00 00 00 00 00 00 01  0a 0a 01 9b 00 00 00 00\n00 00 00 00 00 00 00 00\nvalue:\n94 28 00 00 ac 12 00 04  00 00 00 00\n<\/pre><\/div>\n\n\n
In the value section we can see the destination IP Address of the node mycluster-worker2 which is ac 12 00 04 (172.18.0.4). From there, the packet is encapsulated and goes straight to the egress VXLAN interface to reach that node. Once there, it is now the eBPF programs of the Cilium agent pod on this node that will be used. Let’s check them as we did before for the other node:<\/p>\n\n\n
\n$ kubectl exec -it -n kube-system cilium-czffc -- bpftool net show\nDefaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init)\nxdp:\n\ntc:\ncilium_net(2) clsact\/ingress cil_to_host-cilium_net id 1254\ncilium_host(3) clsact\/ingress cil_to_host-cilium_host id 1242\ncilium_host(3) clsact\/egress cil_from_host-cilium_host id 1246\ncilium_vxlan(4) clsact\/ingress cil_from_overlay-cilium_vxlan id 1163\ncilium_vxlan(4) clsact\/egress cil_to_overlay-cilium_vxlan id 1164\nlxc_health(6) clsact\/ingress cil_from_container-lxc_health id 1414\nlxc0a97661d8043(8) clsact\/ingress cil_from_container-lxc0a97661d8043 id 1387\neth0(9) clsact\/ingress cil_from_netdev-eth0 id 1261\nlxc174c023046ff(11) clsact\/ingress cil_from_container-lxc174c023046ff id 1391\nlxce84a702bb02c(13) clsact\/ingress cil_from_container-lxce84a702bb02c id 1419\n<\/pre><\/div>\n\n\n
The output is similar to the other node. So, once the packet exits the VXLAN tunnel, it is caught by another program on the ingress VXLAN interface called cil_from_overlay-cilium_vxlan<\/strong>. This program sees the destination IP Address belongs to this node. It will then use the map cilium_lxc<\/strong> to forward the traffic to the lxc interface of the destination pod as we have seen before. Note that there is no programs in the list above called to_container so the packet in not processed further. We can then trace that eBPF routing part as before by using the hexadecimal value of our destination IP Address 10.10.1.155:<\/p>\n\n\n
\n$ kubectl exec -it -n kube-system cilium-dprvh -- bpftool map lookup pinned \/sys\/fs\/bpf\/tc\/globals\/cilium_lxc key hex 0a 0a 01 9b 00 00 00 00  00 00 00 00 00 00 00 00 01 00 00 00\nDefaulted container "cilium-agent" out of: cilium-agent, config (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), install-cni-binaries (init)\nkey:\n0a 0a 01 9b 00 00 00 00  00 00 00 00 00 00 00 00\n01 00 00 00\nvalue:\n0b 00 00 00 00 00 ec 0d  00 00 00 00 00 00 00 00\nbe 57 3d 54 40 f1 00 00  92 65 df 09 dd 28 00 00\n2c 0d 00 00 00 00 00 00  00 00 00 00 00 00 00 00\n<\/pre><\/div>\n\n\n
The result gives us the following information:<\/p>\n\n\n\n
    \n
  • 92 65 df 09 dd 28: This is the MAC Address of the destination lxc interface on the node side<\/li>\n\n\n\n
  • be 57 3d 54 40 f1: This is the MAC Address of the destination lxc interface on the pod side<\/li>\n\n\n\n
  • ec 0d: We reverse it to 0d ec which we convert to 3564. This is the Cilium endpoint of the destination pod netshoot-7d996d7884-gcxrm as we have seen previously (you can check the output of the command above and find that pod).<\/li>\n<\/ul>\n\n\n\n
    As before, from here the packet is directly forwarded to this destination pod. This is how an eBPF routing plan comes up together!<\/p>\n\n\n\n
    Wrap up<\/h2>\n\n\n\n
    Wow! Congratulations if you’ve reached that point! You are champions! You now have the complete and detailed picture of how the basic networking between pods is working with Cilium in a Kubernetes cluster. There is more to cover as I’ve mentioned network policies in a previous post but we didn’t talk about services, ingress or name resolution. Also in addition to these basic Kubernetes networking topics, Cilium provides a lot of other features that enrich what can be done in a cluster. So stay tuned!<\/p>\n\n\n\n
     <\/p>\n","protected":false},"excerpt":{"rendered":"
    The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.<\/p>\n","protected":false},"author":109,"featured_media":31581,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1320,1522],"tags":[2700,2667,2933,2634,2668],"type_dbi":[3099,3017,3273,2943,3256],"class_list":["post-31435","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","category-kubernetes","tag-cilium","tag-devops-2","tag-ebpf","tag-kubernetes-2","tag-networking","type-cilium","type-devops","type-ebpf","type-kubernetes","type-networking"],"acf":[],"yoast_head":"\nKubernetes networking using Cilium for eBPF routing<\/title>\n<meta name=\"description\" content=\"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing\" \/>\n<meta property=\"og:description\" content=\"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-05T07:18:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-05T07:18:58+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2044\" \/>\n\t<meta property=\"og:image:height\" content=\"922\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"DevOps\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"DevOps\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\"},\"author\":{\"name\":\"DevOps\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735\"},\"headline\":\"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing\",\"datePublished\":\"2024-03-05T07:18:54+00:00\",\"dateModified\":\"2024-03-05T07:18:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\"},\"wordCount\":1709,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png\",\"keywords\":[\"cilium\",\"devops\",\"ebpf\",\"kubernetes\",\"networking\"],\"articleSection\":[\"DevOps\",\"Kubernetes\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\",\"name\":\"Kubernetes networking using Cilium for eBPF routing\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png\",\"datePublished\":\"2024-03-05T07:18:54+00:00\",\"dateModified\":\"2024-03-05T07:18:58+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735\"},\"description\":\"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png\",\"contentUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png\",\"width\":2044,\"height\":922},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735\",\"name\":\"DevOps\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g\",\"caption\":\"DevOps\"},\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/devops\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Kubernetes networking using Cilium for eBPF routing","description":"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/","og_locale":"en_US","og_type":"article","og_title":"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing","og_description":"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.","og_url":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/","og_site_name":"dbi Blog","article_published_time":"2024-03-05T07:18:54+00:00","article_modified_time":"2024-03-05T07:18:58+00:00","og_image":[{"width":2044,"height":922,"url":"http:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png","type":"image\/png"}],"author":"DevOps","twitter_card":"summary_large_image","twitter_misc":{"Written by":"DevOps","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/"},"author":{"name":"DevOps","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735"},"headline":"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing","datePublished":"2024-03-05T07:18:54+00:00","dateModified":"2024-03-05T07:18:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/"},"wordCount":1709,"commentCount":0,"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png","keywords":["cilium","devops","ebpf","kubernetes","networking"],"articleSection":["DevOps","Kubernetes"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/","url":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/","name":"Kubernetes networking using Cilium for eBPF routing","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage"},"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png","datePublished":"2024-03-05T07:18:54+00:00","dateModified":"2024-03-05T07:18:58+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735"},"description":"The DevOps technology Kubernetes uses a complex networking process when using Cilium. Cilium leverage eBPF for a fast and efficient routing in Kubernetes.","breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#primaryimage","url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png","contentUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/03\/KubernetesNetworking101-KubernetesNetwork-5.png","width":2044,"height":922},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-advanced-level-ebpf-routing\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Kubernetes Networking by Using Cilium \u2013 Advanced Level \u2013 eBPF Routing"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/4cd1b5f8a3de93f05a16ab8d7d2b7735","name":"DevOps","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cdd2dd7441774355062c0f0f68612296b059cd1e2ff6c7af0b15dba0ed64a85f?s=96&d=mm&r=g","caption":"DevOps"},"url":"https:\/\/www.dbi-services.com\/blog\/author\/devops\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/31435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/109"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=31435"}],"version-history":[{"count":25,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/31435\/revisions"}],"predecessor-version":[{"id":31632,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/31435\/revisions\/31632"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media\/31581"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=31435"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=31435"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=31435"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=31435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}