Kubernetes Cilium Network Plugin

Template version:v25-10-30

Helm charts used: cilium/cilium v1.18.3

Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary Kernel technology eBPF

Note: cilium must be deployed at first, as the Network plugin for the kubernetes cluster.

Template override parameters

File _values-tpl.yaml contains template configuration parameters and their default values:

#
#   _values-tpl.yaml
#
#   cskygen template default values file
#
_tplname: k8s-cilium
_tpldescription: Kubernetes Network plugin
_tplversion: 25-10-30
#
# Values to override
#
## k8s cluster credentials kubeconfig file
kubeconfig: config-k8s-mod
namespace:
  ## k8s namespace name
  name: kube-system

TL;DR

Install network & chart:

# Install  
./csdeploy.sh -m install
# Check status
./csdeploy.sh -l

Prerequisites

• Administrative access to Kubernetes cluster.
• Helm v3.

How-to guides

Pull Charts

To pull charts, change the repositories and charts needed in variable source_charts inside the script csdeploy.sh and run:

# Pull charts to './charts/' directory
  ./csdeploy.sh -m pull-charts

When pulling new charts, all the content of ./charts directory will be removed, and replaced by the new pulled charts.

Install

To Create network and install chart:

  #  Create network and install chart.
    ./csdeploy.sh -m install

Update

To update chart settings, change values in override file values-cilium.yaml or change cilium_chart_version="1.18.2" variable in file csdeploy.sh

Upgrade the chart by running:

  # Upgrade chart
    ./csdeploy.sh -m update

Uninstall

To uninstall chart and network run:

  # Uninstall chart and network
    ./csdeploy.sh -m uninstall

Display status

To display namespace & chart status run:

  # Display namespace and charts status:
    ./csdeploy.sh -l

Utilities

Passwords and secrets

Generate passwords and secrets with:

# Screen
echo $(head -c 512 /dev/urandom | LC_ALL=C tr -cd 'a-zA-Z0-9' | head -c 16)
# File (without newline)
printf $(head -c 512 /dev/urandom | LC_ALL=C tr -cd 'a-zA-Z0-9' | head -c 16) > RESTIC-PASS.txt

Change the parameter head -c 16 according with the desired length of the secret.

Reference

To learn more see:

• https://docs.cilium.io/en/stable/installation/k8s-install-helm/

Helm charts and values

Scripts

cs-deploy

Purpose:
  Cilium Network Plugin for Kubernetes.
Usage:
  sudo csdeploy.sh [-l] [-m <execution_mode>] [-h] [-q]
Execution modes:
  -l  [list-status]     - List current status.
  -m  <execution_mode>  - Valid modes are:
      [pull-charts]     - Pull charts to './charts/' directory.
      [install]         - Create network, secrets, config-maps,
                          apply manifests and install charts.
      [update]          - Reapply manifests and update or upgrade charts.
      [uninstall]       - Uninstall charts, delete manifests, remove PV's and network.
Options and arguments:  
  -h  Help
  -q  Quiet (Nonstop) execution.
Examples:
  # Pull charts to './charts/' directory
    ./csdeploy.sh -m pull-charts
  # Create network, secrets, config-maps, apply manifests and install charts.
    ./csdeploy.sh -m install
  # Reapply manifests and update or upgrade charts.
    ./csdeploy.sh -m update
  # Uninstall charts, delete manifests, and network.
    ./csdeploy.sh -m uninstall
  # Display network, and charts status:
    ./csdeploy.sh -l

License

Copyright © 2025 cSkyLab.com ™

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.