Cilium is a networking, security, and observability solution for Kubernetes, built on eBPF. It provides high-performance networking with support for Layer 3-7 policies, load balancing, and transparent encryption. With Cilium, you can enforce fine-grained security policies, observe network flows in real time, and integrate seamlessly with service meshes. It also offers eBPF-powered network policies and cluster mesh capabilities, enabling secure communication across multiple Kubernetes clusters.
Install with:
helm repo add cilium https://helm.cilium.io/
helm install cilium cilium/cilium -f values.yaml
See examples from other people.
Name | Repo | Stars | Version | Timestamp |
---|---|---|---|---|
cilium | kashalls/home-cluster | 120 | 1.17.2 | a day ago |
cilium | coolguy1771/home-ops | 69 | 1.17.2 | 2 days ago |
cilium | coolguy1771/home-ops | 69 | 1.17.2 | 2 days ago |
cilium | drag0n141/home-ops | 32 | 1.17.2 | 2 days ago |
cilium | mchestr/home-cluster | 95 | 1.17.2 | 2 days ago |
See the most popular values for this chart:
Key | Types |
---|---|
boolean | |
boolean | |
hubble.ui.ingress.hosts[] (94) - hubble.${SECRET_DOMAIN} | string |
hubble.ui.ingress.className (88) internal | string |
hubble.ui.ingress.tls[].hosts[] (50) - hubble.${SECRET_DOMAIN} | string |
hubble.ui.ingress.tls[].secretName (14) hubble-tls | string |
hubble.ui.ingress.annotations."hajimari.io/icon" (16) simple-icons:cilium | string |
string | |
hubble.ui.ingress.annotations."cert-manager.io/cluster-issuer" (10) letsencrypt-production | string |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean | |
number | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean | |
boolean | |
boolean, string | |
boolean | |
boolean | |
boolean | |
string | |
string | |
string | |
number | |
string | |
hubble.metrics.enabled[] (92) - dns:query | string |
boolean, string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean, string | |
string | |
string | |
string | |
string | |
string | |
boolean | |
boolean | |
boolean | |
string | |
hubble.dashboards.namespace (8) monitoring | string |
hubble.dashboards.label (7) grafana_dashboard | string |
string | |
string | |
string | |
string | |
string | |
number | |
boolean | |
string | |
boolean | |
boolean | |
boolean | |
string | |
boolean | |
boolean | |
boolean | |
boolean, string | |
string | |
operator.prometheus.serviceMonitor.metricRelabelings[].regex (3) workqueue_(work|queue)_duration_seconds_bucket | string |
operator.prometheus.serviceMonitor.metricRelabelings[].sourceLabels[] (3) - __name__ | string |
boolean, string | |
string | |
boolean | |
boolean | |
string | |
string | |
string | |
string | |
string | |
boolean | |
number | |
boolean | |
string | |
string | |
boolean, string | |
boolean | |
boolean, string | |
boolean | |
boolean | |
boolean | |
string | |
string | |
string | |
string | |
ipam.mode (55) kubernetes | string |
number | |
string | |
number | |
string | |
boolean, string | |
k8sServiceHost (49) 127.0.0.1 | string |
number | |
boolean | |
ipv4NativeRoutingCIDR (43) ${CLUSTER_CIDR} | string |
boolean | |
boolean | |
number, string | |
cluster.name (42) home-cluster | string |
string | |
string | |
string | |
string | |
boolean | |
boolean | |
boolean | |
boolean | |
kubeProxyReplacementHealthzBindAddr (41) 0.0.0.0:10256 | string |
boolean | |
string | |
string | |
string | |
boolean | |
bpf.tproxy (7) true | boolean |
boolean | |
string | |
boolean | |
number | |
number | |
routingMode (35) native | string |
securityContext.capabilities.ciliumAgent[] (33) - CHOWN | string |
securityContext.capabilities.cleanCiliumState[] (33) - NET_ADMIN | string |
string | |
string | |
boolean | |
cgroup.hostRoot (30) /sys/fs/cgroup | string |
boolean | |
boolean | |
string | |
boolean | |
containerRuntime.integration (21) containerd | string |
containerRuntime.socketPath (17) /var/run/k3s/containerd/containerd.sock | string |
bgp.enabled (19) false | boolean |
boolean | |
boolean | |
cni.exclusive (18) false | boolean |
cni.binPath (5) /var/lib/rancher/k3s/data/cni | string |
cni.confPath (5) /var/lib/rancher/k3s/agent/etc/cni/net.d | string |
envoy.enabled (14) false | boolean |
string, boolean | |
boolean | |
tunnel (12) disabled | string |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
string | |
boolean | |
string | |
string | |
string | |
boolean | |
boolean | |
boolean | |
boolean | |
string | |
string | |
boolean | |
boolean | |
boolean | |
string | |
number | |
number | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
string | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
boolean | |
string | |
string | |
number | |
string | |
string | |
boolean | |
boolean | |
string | |
boolean | |
boolean | |
boolean | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean | |
boolean |