Working of Cilium on GKE

In this article we will see overview of Cilium and how to install cilium on GKE.

What is Cilium?

Cilium= eBPF-based Networking, Observability and Security

Cilium is open-source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.

At the foundation of Cilium is a new Linux kernel technology called eBPF, which enables the dynamic insertion of powerful security visibility and control logic within Linux itself. Because eBPF runs inside the Linux kernel, Cilium security policies can be applied and updated without any changes to the application code or container configuration.

Installation of Cilium over GKE (Google Kubernetes Engine)

Setup 0: Pre-Installed things:

Setup 1: Check the version of Docker

$ docker version

Setup 2: Check the version Kubernetes Version

$ kubectl version

Setup 3: Install Gcloud Sdk

2. $ echo “deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main” | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list

3. $ sudo apt-get install apt-transport-https ca-certificates gnupg

4. $ curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key — keyring /usr/share/keyrings/cloud.google.gpg add –

5. $ sudo apt-get update && sudo apt-get install google-cloud-sdk

6. $ gcloud init

Setup 5: Setup Gcloud Sdk on Command Line

1. $gcloud init

2. Login to your account where you have configured the google cloud

3. Select the project

4. Configure Date and time with the system

Setup 6: Install the Cilium CLI(command line program) on Linux

1. $ curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz

2. $ sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin

3. $ rm cilium-linux-amd64.tar.gz

Make sure your Gcloud is working with GRK i.e Google Kubernetes Engine

Setup 7: Create Cluster on GKE

1. export NAME=”$(whoami)-$RANDOM”

2. gcloud container clusters create “${NAME}” — zone us-west2-a

3. gcloud container clusters get-credentials “${NAME}” — zone us-west2-a

Setup 8: Install Cilium

$ cilium install

Setup 9: Check Cilium installation

$ cilium status –wait

Setup 10: Deploy the connectivity test

$ cilium connectivity test