Cilium: Deployment Guide¶
Deployment Steps for Cilium & Hubble CLI¶
1. Download and install Cilium CLI¶
curl -L --remote-name-all https://github.com/cilium/cilium-cli/releases/download/v0.10.2/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}
2. Install Cilium¶
cilium install --agent-image docker.io/accuknox/cilium:latest --operator-image docker.io/accuknox/cilium-operator-generic:latest
--operator-image
option in the above command to docker.io/accuknox/cilium-operator-aws:latest
or docker.io/accuknox/cilium-operator-azure:latest
respectively.
It is assumed that the k8s cluster is already present/reachable and the user has rights to create service-accounts and cluster-role-bindings.
3. Validate the Installation¶
a. [Optional] To validate that Cilium has been properly installed, you can run:¶
cilium status --wait
b. [Optional] Run the following command to validate that your cluster has proper network connectivity:¶
cilium connectivity test
4. Setting up Hubble Observability¶
a. Enable Hubble in Cilium¶
cilium hubble enable --relay-image quay.io/cilium/hubble-relay:stable
b. Install the Hubble CLI Client¶
export HUBBLE_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/hubble/master/stable.txt)
curl -L --remote-name-all https://github.com/cilium/hubble/releases/download/$HUBBLE_VERSION/hubble-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check hubble-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC hubble-linux-amd64.tar.gz /usr/local/bin
rm hubble-linux-amd64.tar.gz{,.sha256sum}
5. Getting Alerts/Telemetry from Cilium¶
a. Enable port-forwarding for Cilium Hubble relay¶
cilium hubble port-forward&
b. Observing logs using hubble cli¶
hubble observe