Kubernetes, modern uygulamalar\u0131n orkestrasyonu i\u00e7in end\u00fcstri standard\u0131 haline gelmi\u015ftir. Ancak, Kubernetes’in sundu\u011fu temel a\u011f yetenekleri, karma\u015f\u0131k ve g\u00fcvenlik odakl\u0131 senaryolarda yetersiz kalabilir. \u0130\u015fte bu noktada Cilium devreye giriyor. Cilium, Kubernetes a\u011flar\u0131n\u0131 ve g\u00fcvenlik politikalar\u0131n\u0131 daha geli\u015fmi\u015f bir seviyeye ta\u015f\u0131mak i\u00e7in tasarlanm\u0131\u015f a\u00e7\u0131k kaynakl\u0131 bir \u00e7\u00f6z\u00fcmd\u00fcr. Bu blog yaz\u0131s\u0131nda, Cilium’un ne oldu\u011funu, avantajlar\u0131n\u0131, kullan\u0131m senaryolar\u0131n\u0131 ve nas\u0131l kurulup yap\u0131land\u0131r\u0131laca\u011f\u0131n\u0131 ayr\u0131nt\u0131l\u0131 olarak inceleyece\u011fiz. Ayr\u0131ca, BirCloud Teknoloji \u00c7\u00f6z\u00fcmleri A.\u015e. olarak bu alandaki uzmanl\u0131\u011f\u0131m\u0131z\u0131 ve Cilium’un m\u00fc\u015fterilerimize nas\u0131l de\u011fer katabilece\u011fini de ele alaca\u011f\u0131z.<\/p>\n
Cilium, Kubernetes ortamlar\u0131 i\u00e7in tasarlanm\u0131\u015f a\u00e7\u0131k kaynakl\u0131 bir a\u011f ve g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fcd\u00fcr. Container Network Interface (CNI) olarak \u00e7al\u0131\u015f\u0131r ve eBPF (extended Berkeley Packet Filter) teknolojisini kullanarak y\u00fcksek performansl\u0131 ve g\u00fcvenli bir a\u011f altyap\u0131s\u0131 sa\u011flar. Geleneksel a\u011f yakla\u015f\u0131mlar\u0131n\u0131n aksine, Cilium, uygulama katman\u0131ndaki kimlik bilgilerini (\u00f6rne\u011fin, Kubernetes servis hesaplar\u0131 veya etiketler) kullanarak a\u011f politikalar\u0131n\u0131 uygular. Bu, daha ince taneli ve dinamik g\u00fcvenlik politikalar\u0131n\u0131n tan\u0131mlanmas\u0131na olanak tan\u0131r.<\/p>\n
Cilium’un temel \u00f6zellikleri \u015funlard\u0131r:<\/p>\n
Cilium’un Kubernetes a\u011f y\u00f6netimi ve g\u00fcvenli\u011fi i\u00e7in sundu\u011fu bir\u00e7ok avantaj vard\u0131r:<\/p>\n
Cilium, \u00e7e\u015fitli kullan\u0131m senaryolar\u0131nda de\u011fer sa\u011flayabilir:<\/p>\n
Cilium’u Kubernetes k\u00fcmenize kurmak ve yap\u0131land\u0131rmak i\u00e7in a\u015fa\u011f\u0131daki ad\u0131mlar\u0131 izleyebilirsiniz:<\/p>\n
curl -L --fail --remote-name-all https:\/\/github.com\/cilium\/cilium-cli\/releases\/latest\/download\/cilium-linux-amd64.tar.gz\n tar xzvf cilium-linux-amd64.tar.gz\n sudo mv cilium \/usr\/local\/bin\/\n rm cilium-linux-amd64.tar.gz\n <\/code><\/pre>\n<\/li>\n- Cilium’u Kubernetes’e Kurulumu (Cilium CLI ile):<\/b>\n
cilium install\n <\/code><\/pre>\n Bu komut, Cilium’u Kubernetes k\u00fcmenize kuracak ve gerekli yap\u0131land\u0131rmay\u0131 otomatik olarak yapacakt\u0131r.\n <\/li>\n
- Cilium’u Kubernetes’e Kurulumu (Helm ile):<\/b>
\n \u0130lk olarak Helm repolar\u0131n\u0131 g\u00fcncelleyin:<\/p>\n helm repo update\n <\/code><\/pre>\n Ard\u0131ndan Cilium’u kurun:<\/p>\n
helm install cilium cilium\/cilium --version 1.14.6\n <\/code><\/pre>\n<\/li>\n- Cilium Durumunu Kontrol Etme:<\/b>\n
cilium status\n <\/code><\/pre>\n Bu komut, Cilium’un durumunu ve bile\u015fenlerinin sa\u011fl\u0131kl\u0131 olup olmad\u0131\u011f\u0131n\u0131 g\u00f6sterir.\n <\/li>\n
- A\u011f Politikas\u0131 Tan\u0131mlama:<\/b>\n
A\u015fa\u011f\u0131daki \u00f6rnek, `app=frontend` etiketine sahip podlar\u0131n `app=backend` etiketine sahip podlara TCP port 80 \u00fczerinden eri\u015fmesine izin veren bir a\u011f politikas\u0131d\u0131r:<\/p>\n
\napiVersion: networking.k8s.io\/v1\nkind: NetworkPolicy\nmetadata:\n name: frontend-to-backend\nspec:\n podSelector:\n matchLabels:\n app: frontend\n policyTypes:\n - Egress\n egress:\n - to:\n - podSelector:\n matchLabels:\n app: backend\n ports:\n - protocol: TCP\n port: 80\n <\/code><\/pre>\n Bu YAML dosyas\u0131n\u0131 `kubectl apply -f network-policy.yaml` komutuyla uygulayabilirsiniz.\n <\/li>\n<\/ol>\n
BirCloud Perspektifi<\/h2>\n
BirCloud Teknoloji \u00c7\u00f6z\u00fcmleri A.\u015e. olarak, m\u00fc\u015fterilerimize en iyi bulut \u00e7\u00f6z\u00fcmlerini sunmaya odaklan\u0131yoruz. Kubernetes ve Cilium gibi a\u00e7\u0131k kaynakl\u0131 teknolojiler, m\u00fc\u015fterilerimizin uygulamalar\u0131n\u0131 daha g\u00fcvenli, \u00f6l\u00e7eklenebilir ve y\u00f6netilebilir hale getirmelerine yard\u0131mc\u0131 olabilir. Cilium’un sundu\u011fu geli\u015fmi\u015f a\u011f y\u00f6netimi ve g\u00fcvenlik politikalar\u0131, \u00f6zellikle mikroservis mimarileri ve \u00e7oklu kirac\u0131l\u0131 ortamlarda kritik \u00f6neme sahiptir. BirCloud, m\u00fc\u015fterilerine Cilium kurulumu, yap\u0131land\u0131rmas\u0131 ve y\u00f6netimi konusunda uzman dan\u0131\u015fmanl\u0131k hizmetleri sunmaktad\u0131r. Ayr\u0131ca, Cilium’u BirCloud’un bulut platformuna entegre ederek, m\u00fc\u015fterilerimizin daha da kolay bir \u015fekilde kullanabilmelerini sa\u011fl\u0131yoruz. A\u00e7\u0131k kaynakl\u0131 \u00e7\u00f6z\u00fcmlere olan ba\u011fl\u0131l\u0131\u011f\u0131m\u0131z ve bulut bili\u015fim alan\u0131ndaki uzmanl\u0131\u011f\u0131m\u0131z sayesinde, m\u00fc\u015fterilerimizin i\u015f hedeflerine ula\u015fmalar\u0131na yard\u0131mc\u0131 oluyoruz.<\/p>\n
Sonu\u00e7<\/h2>\n
Cilium, Kubernetes a\u011f y\u00f6netimi ve g\u00fcvenli\u011fi i\u00e7in g\u00fc\u00e7l\u00fc ve esnek bir \u00e7\u00f6z\u00fcmd\u00fcr. eBPF teknolojisi sayesinde y\u00fcksek performans, geli\u015fmi\u015f g\u00fcvenlik ve kolay y\u00f6netim imkan\u0131 sunar. Mikroservis mimarileri, \u00e7oklu kirac\u0131l\u0131 ortamlar ve bulut yerel uygulamalar i\u00e7in idealdir. BirCloud Teknoloji \u00c7\u00f6z\u00fcmleri A.\u015e. olarak, m\u00fc\u015fterilerimize Cilium’un t\u00fcm avantajlar\u0131ndan yararlanmalar\u0131na yard\u0131mc\u0131 olmaktan mutluluk duyar\u0131z. Kubernetes ortam\u0131n\u0131zda a\u011f y\u00f6netimini ve g\u00fcvenli\u011fi iyile\u015ftirmek istiyorsan\u0131z, Cilium’u de\u011ferlendirmeniz \u015fiddetle tavsiye edilir. BirCloud’un uzman ekibi, size bu s\u00fcre\u00e7te destek olmaktan memnuniyet duyacakt\u0131r.<\/p>\n","protected":false},"excerpt":{"rendered":"
Kubernetes ortamlar\u0131nda Cilium ile a\u011f y\u00f6netimini ve g\u00fcvenlik politikalar\u0131n\u0131 nas\u0131l geli\u015ftirebilece\u011finizi \u00f6\u011frenin. Geli\u015fmi\u015f \u00f6zellikler, avantajlar ve pratik kullan\u0131m senaryolar\u0131.<\/p>\n","protected":false},"author":2,"featured_media":2680,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[160],"tags":[192,191,161,193,155],"class_list":["post-2681","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bulut-bilisim","tag-ag-yonetimi","tag-cilium","tag-ebpf","tag-guvenlik-politikalari","tag-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/posts\/2681","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/comments?post=2681"}],"version-history":[{"count":0,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/posts\/2681\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/media\/2680"}],"wp:attachment":[{"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/media?parent=2681"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/categories?post=2681"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bircloud.com\/cloud\/index.php\/wp-json\/wp\/v2\/tags?post=2681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}