Cilium: Deployment Guide¶

Deployment Steps for Cilium & Hubble CLI¶

1. Download and install Cilium CLI¶

curl -L --remote-name-all https://github.com/cilium/cilium-cli/releases/download/v0.10.2/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}

2. Install Cilium¶

cilium install --agent-image docker.io/accuknox/cilium:latest --operator-image docker.io/accuknox/cilium-operator-generic:latest

Note: If you are using AWS or Azure managed kubernetes cluster, then change the value of --operator-image option in the above command to docker.io/accuknox/cilium-operator-aws:latest or docker.io/accuknox/cilium-operator-azure:latest respectively.

It is assumed that the k8s cluster is already present/reachable and the user has rights to create service-accounts and cluster-role-bindings.

3. Validate the Installation¶

a. [Optional] To validate that Cilium has been properly installed, you can run:¶

cilium status --wait

b. [Optional] Run the following command to validate that your cluster has proper network connectivity:¶

cilium connectivity test

Congratulations! You have a fully functional Kubernetes cluster with Cilium. 🎉

4. Setting up Hubble Observability¶

a. Enable Hubble in Cilium¶

cilium hubble enable --relay-image quay.io/cilium/hubble-relay:stable

b. Install the Hubble CLI Client¶

export HUBBLE_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/hubble/master/stable.txt)
curl -L --remote-name-all https://github.com/cilium/hubble/releases/download/$HUBBLE_VERSION/hubble-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check hubble-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC hubble-linux-amd64.tar.gz /usr/local/bin
rm hubble-linux-amd64.tar.gz{,.sha256sum}

5. Getting Alerts/Telemetry from Cilium¶

a. Enable port-forwarding for Cilium Hubble relay¶

cilium hubble port-forward&

b. Observing logs using hubble cli¶

hubble observe