---
title: What Is Going on Within My Network? a Subtle Introduction to Cilium Hubble
tags:
 - platform
 - monitoring
 - network
---

Held by Cilium regarding eBPF and Hubble

## eBPF

> Extend the capabilities of the kernel without requiring to change the kernel source code or load modules

* Benefits: Reduce performance overhead, gain deep visibility while being widely available
* Example Tools: Parca (Profiling), Cilium (Networking), Hubble (Observability), Tetragon (Security)

## Cilium

> Open source Solution for network connectivity between workloads

## Hubble

> Observability-Layer for cilium

### Feature set

* CLI: TCP-Dump on steroids + API Client
* UI: Graphical dependency and connectivity map
* Prometheus + Grafana + OpenTelemetry compatible
* Metrics up to L7

### Where can it be used

* Service dependency with frequency
* Kinds of HTTP calls
* Network Problems between L4 and L7 (including DNS)
* Application Monitoring through status codes and latency
* Security-Related Network Blocks
* Services accessed from outside the cluster

### Architecture

* Cilium Agent: Runs as the CNI for all Pods
* Server: Runs on each node and retrieves the eBPF from cilium
* Relay: Provide visibility throughout all nodes

## TL;DR

Hubble looks pretty nice