using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services source host. For east-west type load balancing, Cilium performs efficient service-to-backend translation right in the Linux kernel’s socket layer (e.g. at TCP connect time) such that per-packet NAT operations Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services source host. For east-west type load balancing, Cilium performs efficient service-to-backend translation right in the Linux kernel’s socket layer (e.g. at TCP connect time) such that per-packet NAT operations Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services source host. For east-west type load balancing, Cilium performs efficient service-to-backend translation right in the Linux kernel’s socket layer (e.g. at TCP connect time) such that per-packet NAT operations Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver 443/TCP 3m53s Each pod will be represented in Cilium as an Endpoint. We can invoke the cilium tool inside the Cilium pod to list them: $ kubectl -n kube-system get pods -l k8s-app=cilium NAME

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver 443/TCP 3m53s Each pod will be represented in Cilium as an Endpoint. We can invoke the cilium tool inside the Cilium pod to list them: $ kubectl -n kube-system get pods -l k8s-app=cilium NAME

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and destination IP of the packet, the tool provides the full label information of both the sender and receiver 443/TCP 3m53s Each pod will be represented in Cilium as an Endpoint. We can invoke the cilium tool inside the Cilium pod to list them: $ kubectl -n kube-system get pods -l k8s-app=cilium NAME

using a key-value store. Secure access to and from external services Label based security is the tool of choice for cluster internal access control. In order to secure access to and from external services Event monitoring with metadata: When a packet is dropped, the tool doesn’t just report the source and des�na�on IP of the packet, the tool provides the full label informa�on of both the sender and receiver 443/TCP 3m53 Each pod will be represented in Cilium as an Endpoint. We can invoke the cilium tool inside the Cilium pod to list them: $ kubectl -n kube-system get pods -l k8s-app=cilium NAME