Why Thalassa Cloud Chose Cilium as the Default CNI

Learn why Cilium powers Thalassa Cloud's Kubernetes solution with high performance, predictability, and advanced security features.

2025-01-20
Thomas Kooi

Why We Chose Cilium as the Default CNI for Thalassa Cloud

When we set out to build the Kubernetes platform for Thalassa Cloud, we knew that every component we selected had to align with our vision: a platform that prioritizes performance, security, and flexibility. One of the most critical choices we faced was selecting the right Container Network Interface (CNI). Networking is the backbone of any Kubernetes deployment—get it right, and your platform thrives. Get it wrong, and you’re battling bottlenecks and vulnerabilities.

For years, I’ve been a big fan of Calico. It’s been my go-to CNI for countless Kubernetes clusters I’ve deployed and managed. Reliable, familiar, and feature-rich—it always got the job done. So when the time came to choose the CNI for Thalassa Cloud, I naturally leaned toward Calico. But we knew this project required more than familiarity. It required a solution that could handle not just the demands of today but the complexity of tomorrow’s workloads.

We dug deep, evaluating multiple options with a critical eye. After rigorous testing and consideration, we chose Cilium as the default CNI for our platform. It wasn’t just about feature checklists—it was about building a future-proof foundation for secure, high-performance networking. Here’s why we made that choice.

Robust and High-Performance Networking

Cilium is built to handle the high-performance networking demands of modern Kubernetes workloads. By leveraging eBPF (Extended Berkeley Packet Filter), Cilium processes network traffic directly in the Linux kernel, reducing overhead and making packet processing much faster. This means your clusters benefit from lower latency and higher throughput without sacrificing efficiency.

In practice, this translates to faster networking and better scalability—essential for enterprises and cloud-native applications operating in complex environments. Whether you’re running high-throughput applications or scaling out microservices, Cilium keeps your network fast, reliable, and responsive.

For businesses that need to stay agile while managing resource-intensive workloads, Cilium provides the performance and predictability to scale with confidence.

Widespread Adoption Across the Kubernetes Ecosystem

One of the key reasons we chose Cilium is its widespread adoption within the Kubernetes ecosystem. Major cloud providers like AWS, GCP, and Azure either use Cilium or offer it as an option in their managed Kubernetes services. This level of adoption means that Cilium has been battle-tested in countless production environments, reinforcing its reputation for stability and reliability—qualities that our users rely on.

By choosing a CNI with such a strong track record, we ensure that Thalassa Cloud’s Kubernetes deployments benefit from a solution that’s not only trusted by the industry but also continuously improved by a large and active community of developers. This widespread use means Cilium receives significant attention, rapid bug fixes, and frequent updates to enhance performance and security.

Ultimately, this gives you peace of mind—knowing that your production workloads are running on a platform backed by one of the most trusted and stable networking solutions in the Kubernetes world.

Enhanced Security with CiliumNetworkPolicies

Cilium Network Policies bring a powerful layer of security to Thalassa Cloud, enabling fine-grained control over how workloads communicate within and outside the cluster. Unlike standard Kubernetes Network Policies, Cilium extends functionality with DNS-aware rules, Layer 7 filtering, and application-layer policies. This means users can define rules based on actual application behavior, such as restricting traffic to specific API endpoints or allowing connections to trusted external services by hostname.

These security features are particularly valuable for environments where isolating workloads and enforcing strict compliance requirements are critical. With Cilium Network Policies, Thalassa Cloud users benefit from enhanced security that is not only more comprehensive but also easier to manage, ensuring their Kubernetes deployments are both safe and efficient.
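
The two capabilities described above, Layer 7 filtering on an API path and DNS-aware egress by hostname, look like this in a single CiliumNetworkPolicy. This is an added example, not configuration from Thalassa Cloud or the Cilium project; the namespace, labels, port, path and hostname are assumptions chosen for illustration.

```yaml
# Constructed example: names, labels, port, path and hostname are assumptions.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: orders-api-l7-and-fqdn
  namespace: shop
spec:
  # Applies to pods labelled app=orders-api in the "shop" namespace.
  endpointSelector:
    matchLabels:
      app: orders-api
  ingress:
    # Layer 7 filtering: only frontend pods may connect, and only with
    # GET requests whose path matches the regular expression below.
    - fromEndpoints:
        - matchLabels:
            app: frontend
      toPorts:
        - ports:
            - port: "8080"
              protocol: TCP
          rules:
            http:
              - method: GET
                path: "/api/v1/orders(/.*)?"
  egress:
    # DNS lookups go through Cilium's DNS proxy so the toFQDNs rule below
    # can learn which IPs the allowed hostname resolves to. Only this one
    # name may be resolved.
    - toEndpoints:
        - matchLabels:
            k8s:io.kubernetes.pod.namespace: kube-system
            k8s:k8s-app: kube-dns
      toPorts:
        - ports:
            - port: "53"
              protocol: ANY
          rules:
            dns:
              - matchName: payments.example.com
    # DNS-aware rule: HTTPS egress is allowed only to the named service.
    - toFQDNs:
        - matchName: payments.example.com
      toPorts:
        - ports:
            - port: "443"
              protocol: TCP
```

Once a rule selects an endpoint in a given direction, Cilium denies all other traffic in that direction by default, so this policy also blocks any ingress and egress it does not list. The `toFQDNs` rule only works when the DNS rule is present, because Cilium learns the hostname-to-IP mapping from the proxied DNS responses.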

Support for Custom CNIs

While we believe Cilium is the best choice for most Kubernetes deployments, we understand that some use cases require alternative networking solutions. That’s why Thalassa Cloud supports custom CNIs, allowing our users to integrate their preferred networking stack. Whether you’re running specialized workloads or have unique networking requirements, our platform provides the flexibility to meet your needs without locking you into a specific solution.

How to use Cilium in Thalassa Cloud Kubernetes

When you create a new Kubernetes cluster on the Thalassa Cloud platform, Cilium is selected as the default CNI. This ensures that your cluster benefits from advanced networking capabilities right out of the box.

The default Cilium installation is pre-configured with the following features:

  • WireGuard Network Encryption: WireGuard is installed by default on all machines provisioned by Thalassa Cloud Kubernetes, ensuring secure, encrypted communication between nodes with minimal performance impact.
  • Kube-Proxy Replacement: Cilium replaces kube-proxy to handle service routing more efficiently, reducing network complexity and improving performance across your cluster.

With these default settings, your cluster is equipped with secure, high-performance networking from the outset. This configuration minimizes setup complexity while providing encryption and efficient service routing, ensuring your infrastructure is both secure and optimized for production workloads.

A Foundation for the Future

By choosing Cilium as the default CNI for Thalassa Cloud, we’ve prioritized performance, security, and reliability as the backbone of our Kubernetes platform. Its widespread adoption across the industry means our users benefit from a proven solution that ensures stability and compatibility with other Kubernetes environments. Features like CiliumNetworkPolicies offer fine-grained control, enabling more secure and adaptable networking configurations tailored to your needs.

For teams with unique requirements, Thalassa Cloud also supports alternative CNIs, providing the flexibility to address any networking challenge. With Cilium at the core, Thalassa Cloud delivers a modern Kubernetes experience that’s built for the demands of today and ready to scale for the needs of tomorrow.

We’d love to hear about your networking challenges and how our solution can support your goals. Let’s work together to build a private cloud-native infrastructure that’s ready for the future!

