{"id":28317,"date":"2026-03-12T06:31:05","date_gmt":"2026-03-12T06:31:05","guid":{"rendered":"https:\/\/cloud-cod.com\/?p=28317"},"modified":"2026-03-12T10:29:47","modified_gmt":"2026-03-12T10:29:47","slug":"cilium-as-kube-proxy-replacement-on-kind","status":"publish","type":"post","link":"https:\/\/cloud-cod.com\/index.php\/2026\/03\/12\/cilium-as-kube-proxy-replacement-on-kind\/","title":{"rendered":"Cilium as Kube-Proxy Replacement on KIND"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"28317\" class=\"elementor elementor-28317\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-51125d7 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"51125d7\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b37fae3\" data-id=\"b37fae3\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9ad36bd elementor-widget elementor-widget-text-editor\" data-id=\"9ad36bd\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.17.0 - 01-11-2023 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">In my previous article <a href=\"https:\/\/cloud-cod.com\/index.php\/2026\/03\/11\/running-kind-on-aws-ec2\/\">https:\/\/cloud-cod.com\/index.php\/2026\/03\/11\/running-kind-on-aws-ec2\/<\/a> , I showed how to run a multi\u2011node Kind cluster on an Ubuntu EC2 instance. In this post, we go one step further:<\/p><ul><li class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">we install Cilium as the CNI<\/li><li class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">and enable its eBPF\u2011based kube\u2011proxy replacement so that Cilium handles all Kubernetes Service traffic, including ClusterIP and NodePort.<\/li><\/ul><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">We will then deploy a simple nginx application and expose it via NodePort and Kind\u2019s port mappings, effectively simulating a LoadBalancer from the outside world.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-47adb80 elementor-toc--minimized-on-tablet elementor-widget elementor-widget-table-of-contents\" data-id=\"47adb80\" data-element_type=\"widget\" data-settings=\"{&quot;exclude_headings_by_selector&quot;:[],&quot;marker_view&quot;:&quot;bullets&quot;,&quot;headings_by_tags&quot;:[&quot;h2&quot;,&quot;h3&quot;,&quot;h4&quot;,&quot;h5&quot;,&quot;h6&quot;],&quot;icon&quot;:{&quot;value&quot;:&quot;fas fa-circle&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;minimize_box&quot;:&quot;yes&quot;,&quot;minimized_on&quot;:&quot;tablet&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor-pro - v3.17.0 - 01-11-2023 *\/\n.elementor-widget-table-of-contents .elementor-toc__header-title{color:var(--header-color)}.elementor-widget-table-of-contents.elementor-toc--collapsed .elementor-toc__toggle-button--collapse,.elementor-widget-table-of-contents:not(.elementor-toc--collapsed) .elementor-toc__toggle-button--expand{display:none}.elementor-widget-table-of-contents .elementor-widget-container{min-height:var(--box-min-height);border:var(--box-border-width,1px) solid var(--box-border-color,#9da5ae);border-radius:var(--box-border-radius,3px);background-color:var(--box-background-color);transition:min-height .4s;overflow:hidden}.elementor-toc__header{display:flex;align-items:center;justify-content:space-between;padding:var(--box-padding,20px);background-color:var(--header-background-color);border-bottom:var(--separator-width,1px) solid var(--box-border-color,#9da5ae)}.elementor-toc__header-title{font-size:18px;margin:0;color:var(--header-color)}.elementor-toc__toggle-button{cursor:pointer;display:inline-flex}.elementor-toc__toggle-button i{color:var(--toggle-button-color)}.elementor-toc__toggle-button svg{height:1em;width:1em;fill:var(--toggle-button-color)}.elementor-toc__spinner-container{text-align:center}.elementor-toc__spinner{font-size:2em}.elementor-toc__spinner.e-font-icon-svg{height:1em;width:1em}.elementor-toc__body{padding:var(--box-padding,20px);max-height:var(--toc-body-max-height);overflow-y:auto}.elementor-toc__body::-webkit-scrollbar{width:7px}.elementor-toc__body::-webkit-scrollbar-thumb{background-color:#babfc5;border-radius:10px}.elementor-toc__list-wrapper{list-style:none;padding:0}.elementor-toc__list-item{margin-bottom:.5em}.elementor-toc__list-item.elementor-item-active{font-weight:700}.elementor-toc__list-item .elementor-toc__list-wrapper{margin-top:.5em;margin-left:var(--nested-list-indent,1em)}.elementor-toc__list-item-text:hover{color:var(--item-text-hover-color);-webkit-text-decoration:var(--item-text-hover-decoration);text-decoration:var(--item-text-hover-decoration)}.elementor-toc__list-item-text.elementor-item-active{color:var(--item-text-active-color);-webkit-text-decoration:var(--item-text-active-decoration);text-decoration:var(--item-text-active-decoration)}.elementor-toc__list-item-text-wrapper{display:flex;align-items:center}.elementor-toc__list-item-text-wrapper:before,.elementor-toc__list-item-text-wrapper i{margin-right:8px;color:var(--marker-color)}.elementor-toc__list-item-text-wrapper svg{margin-right:8px;fill:var(--marker-color);height:var(--marker-size,.5em);width:var(--marker-size,.5em)}.elementor-toc__list-item-text-wrapper i{font-size:var(--marker-size,.5em)}.elementor-toc__list-item-text-wrapper:before{font-size:var(--marker-size,1em)}.elementor-toc--content-ellipsis .elementor-toc__list-item-text{white-space:nowrap;overflow:hidden;text-overflow:ellipsis}.elementor-toc__list-items--collapsible>.elementor-toc__list-wrapper>.elementor-toc__list-item>.elementor-toc__list-wrapper{display:none}.elementor-toc__heading-anchor{position:absolute}.elementor-toc__body .elementor-toc__list-item-text{color:var(--item-text-color);-webkit-text-decoration:var(--item-text-decoration);text-decoration:var(--item-text-decoration)}.elementor-toc__body .elementor-toc__list-item-text:hover{color:var(--item-text-hover-color);-webkit-text-decoration:var(--item-text-hover-decoration);text-decoration:var(--item-text-hover-decoration)}.elementor-toc__body .elementor-toc__list-item-text.elementor-item-active{color:var(--item-text-active-color);-webkit-text-decoration:var(--item-text-active-decoration);text-decoration:var(--item-text-active-decoration)}ol.elementor-toc__list-wrapper{counter-reset:item}ol.elementor-toc__list-wrapper .elementor-toc__list-item{counter-increment:item}ol.elementor-toc__list-wrapper .elementor-toc__list-item-text-wrapper:before{content:counters(item,\".\") \". \"}<\/style>\t\t<div class=\"elementor-toc__header\">\n\t\t\t<h4 class=\"elementor-toc__header-title\">\n\t\t\t\tTable of Contents\t\t\t<\/h4>\n\t\t\t\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--expand\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__47adb80\" aria-expanded=\"true\" aria-label=\"Open table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-down\"><\/i><\/div>\n\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--collapse\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__47adb80\" aria-expanded=\"true\" aria-label=\"Close table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-up\"><\/i><\/div>\n\t\t\t\t\t<\/div>\n\t\t<div id=\"elementor-toc__47adb80\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<i class=\"elementor-toc__spinner eicon-animation-spin eicon-loading\" aria-hidden=\"true\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f989f53 elementor-widget elementor-widget-heading\" data-id=\"f989f53\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.17.0 - 01-11-2023 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Prerequisites<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d89c891 elementor-widget elementor-widget-text-editor\" data-id=\"d89c891\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>You should already have:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4c718c4 elementor-widget elementor-widget-text-editor\" data-id=\"4c718c4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"marker:text-quiet list-disc\"><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">An AWS EC2 instance (Ubuntu 24.04 LTS recommended) with Docker, kubectl, and Kind installed.<\/p><\/li><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">A running Kind cluster created with default CNI disabled<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2080e06 elementor-widget elementor-widget-image\" data-id=\"2080e06\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.17.0 - 01-11-2023 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"After KIND installation\" data-elementor-lightbox-description=\"After KIND installation\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzMzYsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDFfYXdzX2tpbmRfY2lsaXVtLTEucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"276\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1-768x276.png\" class=\"attachment-medium_large size-medium_large wp-image-28336\" alt=\"After KIND installation\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1-768x276.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1-300x108.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1-1024x368.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1-1536x551.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/01_aws_kind_cilium-1.png 1755w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">After KIND installation<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0b8f402 elementor-widget elementor-widget-text-editor\" data-id=\"0b8f402\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Right now, my Kind cluster on EC2 is up, but all nodes are in NotReady and several system pods are stuck in Pending. The core control-plane components and kube-proxy are running, but both coredns and the local-path-provisioner remain Pending because there is no CNI plugin installed yet. This is the exact starting point from which we will remove kube-proxy, install Cilium as the CNI, and enable its kube-proxy replacement.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d023add elementor-widget elementor-widget-heading\" data-id=\"d023add\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Kube-Proxy Removal<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cce9d8e elementor-widget elementor-widget-text-editor\" data-id=\"cce9d8e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Cilium\u2019s kube\u2011proxy replacement expects kube\u2011proxy to be absent, otherwise you have two components trying to program Service rules. Kind deploys kube\u2011proxy by default, so we must remove its DaemonSet.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a7e1bb4 elementor-widget elementor-widget-code-highlight\" data-id=\"a7e1bb4\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n kube-system get ds kube-proxy\r\nkubectl -n kube-system get pods -l k8s-app=kube-proxy -o wide\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f0a3703 elementor-widget elementor-widget-image\" data-id=\"f0a3703\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Kube-Proxy DaemonSet\" data-elementor-lightbox-description=\"Kube-Proxy DaemonSet\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzMzcsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDJfa3ViZV9wcm94eV9kcy0xLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"122\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-768x122.png\" class=\"attachment-medium_large size-medium_large wp-image-28337\" alt=\"Kube-Proxy DaemonSet\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-768x122.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-300x48.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-1024x163.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-1536x245.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/02_kube_proxy_ds-1-2048x327.png 2048w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Kube-Proxy DaemonSet<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f78b5e1 elementor-widget elementor-widget-text-editor\" data-id=\"f78b5e1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Delete the DaemonSet:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ff2901 elementor-widget elementor-widget-code-highlight\" data-id=\"3ff2901\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n kube-system delete ds kube-proxy<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b78701f elementor-widget elementor-widget-image\" data-id=\"b78701f\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Kube-Proxy Removal\" data-elementor-lightbox-description=\"Kube-Proxy Removal\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzMzgsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDNfa3ViZV9wcm94eV9yZW1vdmFsLTEucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"127\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1-768x127.png\" class=\"attachment-medium_large size-medium_large wp-image-28338\" alt=\"Kube-Proxy Removal\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1-768x127.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1-300x49.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1-1024x169.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/03_kube_proxy_removal-1.png 1164w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Kube-Proxy Removal<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-35b5124 elementor-widget elementor-widget-text-editor\" data-id=\"35b5124\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On a \u201creal\u201d bare\u2011metal cluster you would also need to clean up kube\u2011proxy\u2019s iptables rules, but in Kind these rules are isolated to the containerized nodes and will be overwritten when Cilium programs its own eBPF datapath.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1c09c5c elementor-widget elementor-widget-heading\" data-id=\"1c09c5c\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Cilium Helm Repo Installation<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7af4934 elementor-widget elementor-widget-text-editor\" data-id=\"7af4934\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We will use Helm to install Cilium and explicitly enable kube\u2011proxy replacement.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c7bb137 elementor-widget elementor-widget-text-editor\" data-id=\"c7bb137\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Helm installation:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5cd9002 elementor-widget elementor-widget-code-highlight\" data-id=\"5cd9002\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>HELM_VERSION=v3.15.0\r\n\r\ncurl -LO https:\/\/get.helm.sh\/helm-${HELM_VERSION}-linux-amd64.tar.gz\r\ntar -xzf helm-${HELM_VERSION}-linux-amd64.tar.gz\r\nsudo mv linux-amd64\/helm \/usr\/local\/bin\/helm\r\nrm -rf linux-amd64 helm-${HELM_VERSION}-linux-amd64.tar.gz\r\n\r\nhelm version\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2bc3101 elementor-widget elementor-widget-image\" data-id=\"2bc3101\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Helm Installation\" data-elementor-lightbox-description=\"Helm Installation\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzMzksInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDRfaGVsbV9pbnN0YWxsYXRpb24tMS5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"146\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-768x146.png\" class=\"attachment-medium_large size-medium_large wp-image-28339\" alt=\"Helm Installation\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-768x146.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-300x57.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-1024x195.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-1536x293.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/04_helm_installation-1-2048x391.png 2048w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Helm Installation<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-df0b598 elementor-widget elementor-widget-text-editor\" data-id=\"df0b598\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Add the Cilium Helm repo:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9150421 elementor-widget elementor-widget-code-highlight\" data-id=\"9150421\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>helm repo add cilium https:\/\/helm.cilium.io\/\r\nhelm repo update\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2f45b4b elementor-widget elementor-widget-image\" data-id=\"2f45b4b\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Adding Cilium Helm Repo\" data-elementor-lightbox-description=\"Adding Cilium Helm Repo\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNDcsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDVfYWRkaW5nX2NpbGl1bV90b19oZWxtLTEucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"176\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1-768x176.png\" class=\"attachment-medium_large size-medium_large wp-image-28347\" alt=\"Adding Cilium Helm Repo\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1-768x176.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1-300x69.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1-1024x235.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/05_adding_cilium_to_helm-1.png 1297w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Adding Cilium Helm Repo<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8d56315 elementor-widget elementor-widget-image\" data-id=\"8d56315\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Checking Cilium Helm repo version\" data-elementor-lightbox-description=\"Checking Cilium Helm repo version\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNDgsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDZfY2hlY2tpbmdfY2lsaXVtX2hlbG1fdmVyc2lvbi0xLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"63\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1-768x63.png\" class=\"attachment-medium_large size-medium_large wp-image-28348\" alt=\"Checking Cilium Helm repo version\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1-768x63.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1-300x25.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1-1024x84.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/06_checking_cilium_helm_version-1.png 1527w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Checking Cilium Helm repo version<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-26ae8d2 elementor-widget elementor-widget-heading\" data-id=\"26ae8d2\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Cilium Installation<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8a2b256 elementor-widget elementor-widget-text-editor\" data-id=\"8a2b256\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Cilium needs to know where to reach the Kubernetes API server when it runs without kube\u2011proxy:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eb97219 elementor-widget elementor-widget-code-highlight\" data-id=\"eb97219\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>API_SERVER_IP=$(kubectl get endpoints kubernetes -o jsonpath='{.subsets[0].addresses[0].ip}')\r\nAPI_SERVER_PORT=$(kubectl get endpoints kubernetes -o jsonpath='{.subsets[0].ports[0].port}')\r\necho \"$API_SERVER_IP $API_SERVER_PORT\"\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-99f2f0a elementor-widget elementor-widget-image\" data-id=\"99f2f0a\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Checking API Server IP address and port\" data-elementor-lightbox-description=\"Checking API Server IP address and port\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNTIsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDdfYXBpX3NlcnZlci0xLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"77\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1-768x77.png\" class=\"attachment-medium_large size-medium_large wp-image-28352\" alt=\"Checking API Server IP address and port\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1-768x77.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1-300x30.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1-1024x103.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1-1536x154.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/07_api_server-1.png 1880w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Checking API Server IP address and port<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ebd296c elementor-widget elementor-widget-text-editor\" data-id=\"ebd296c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Install Cilium with kubeProxyReplacement=true :<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-16a24e9 elementor-widget elementor-widget-code-highlight\" data-id=\"16a24e9\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>helm install cilium cilium\/cilium \\\r\n  --version 1.19.1 \\\r\n  --namespace kube-system \\\r\n  --create-namespace \\\r\n  --set ipam.mode=cluster-pool \\\r\n  --set ipam.operator.clusterPoolIPv4PodCIDRList='{10.111.0.0\/16}' \\\r\n  --set ipam.operator.clusterPoolIPv4MaskSize=24 \\\r\n  --set kubeProxyReplacement=true \\\r\n  --set k8sServiceHost=\"$API_SERVER_IP\" \\\r\n  --set k8sServicePort=\"$API_SERVER_PORT\" \\\r\n  --set nodePort.enabled=true \\\r\n  --set externalIPs.enabled=true \\\r\n  --set hostPort.enabled=true \\\r\n  --set hostServices.enabled=true \\\r\n  --set bpf.masquerade=true\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c84686e elementor-widget elementor-widget-text-editor\" data-id=\"c84686e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Key flags:<\/p><ul class=\"marker:text-quiet list-disc\"><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>ipam.mode=cluster-pool<\/code>\u00a0with\u00a0<code>clusterPoolIPv4PodCIDRList<\/code>\u00a0matches the pod subnet configured in Kind.<\/p><\/li><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><code>kubeProxyReplacement=true<\/code>\u00a0activates Cilium\u2019s eBPF\u2011based implementation of Service load balancing.<\/li><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>k8sServiceHost<\/code>\u00a0and\u00a0<code>k8sServicePort<\/code>\u00a0tell Cilium where to reach the API server without relying on kube\u2011proxy.<\/p><\/li><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>nodePort.enabled=true<\/code>\u00a0enables NodePort support in Cilium.<\/p><\/li><li class=\"py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\"><code>bpf.masquerade=true<\/code>\u00a0allows Cilium to perform BPF\u2011based masquerading for traffic leaving the cluster.<\/p><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-927f716 elementor-widget elementor-widget-text-editor\" data-id=\"927f716\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>In a real production environment, you would typically use\u00a0<code>type: LoadBalancer<\/code>\u00a0Services backed by Cilium\u2019s native load balancer integration, which requires additional configuration such as defining\u00a0<code>CiliumLoadBalancerIPPool<\/code>\u00a0resources and, optionally, BGP or L2 announcement to advertise those IPs externally. This article focuses on a simpler lab setup where we simulate a LoadBalancer using a Cilium\u2011backed NodePort Service combined with Kind\u2019s host port mappings on the EC2 instance.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5a018dc elementor-widget elementor-widget-image\" data-id=\"5a018dc\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Cilium Installation\" data-elementor-lightbox-description=\"Cilium Installation\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNTMsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDhfY2lsaXVtX2luc3RhbGxhdGlvbi0xLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"530\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1-768x530.png\" class=\"attachment-medium_large size-medium_large wp-image-28353\" alt=\"Cilium Installation\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1-768x530.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1-300x207.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1-1024x707.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/08_cilium_installation-1.png 1206w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Cilium Installation<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-395a478 elementor-widget elementor-widget-text-editor\" data-id=\"395a478\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Run the following commands to verify the Cilium installation:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cc0a9b6 elementor-widget elementor-widget-code-highlight\" data-id=\"cc0a9b6\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n kube-system get pods -l k8s-app=cilium\nkubectl -n kube-system get pods -l name=cilium-operator<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2549414 elementor-widget elementor-widget-image\" data-id=\"2549414\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Cilium Pods\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNTcsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMDlfY2lsaXVtX3BvZHMucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"202\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods-768x202.png\" class=\"attachment-medium_large size-medium_large wp-image-28357\" alt=\"Cilium Pods\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods-768x202.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods-300x79.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods-1024x269.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/09_cilium_pods.png 1289w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Cilium Pods<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0653eaa elementor-widget elementor-widget-heading\" data-id=\"0653eaa\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Cilium CLI Installation<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e7139b3 elementor-widget elementor-widget-text-editor\" data-id=\"e7139b3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We don&#8217;t have Cilium CLI installed. Let&#8217;s fix it:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bbf98e6 elementor-widget elementor-widget-code-highlight\" data-id=\"bbf98e6\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>CILIUM_CLI_VERSION=$(curl -s https:\/\/raw.githubusercontent.com\/cilium\/cilium-cli\/main\/stable.txt)\r\nCLI_ARCH=amd64\r\n\r\ncurl -L --fail --remote-name-all \\\r\n  https:\/\/github.com\/cilium\/cilium-cli\/releases\/download\/${CILIUM_CLI_VERSION}\/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}\r\n\r\nsha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum\r\n\r\nsudo tar xzvf cilium-linux-${CLI_ARCH}.tar.gz -C \/usr\/local\/bin\r\n\r\nrm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-92442d4 elementor-widget elementor-widget-text-editor\" data-id=\"92442d4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We can check Cilium status now:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e16c0ab elementor-widget elementor-widget-image\" data-id=\"e16c0ab\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Cilium Status\" data-elementor-lightbox-description=\"Cilium Status\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNjEsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTBfY2lsaXVtX3N0YXR1cy5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"440\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status-768x440.png\" class=\"attachment-medium_large size-medium_large wp-image-28361\" alt=\"Cilium Status\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status-768x440.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status-300x172.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status-1024x587.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/10_cilium_status.png 1308w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Cilium Status<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-85968df elementor-widget elementor-widget-heading\" data-id=\"85968df\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Kube-Proxy Replacement Verification<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-12e9f0c elementor-widget elementor-widget-text-editor\" data-id=\"12e9f0c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Let&#8217;s double-check that Kube-Proxy has been replaced by Cilium:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-40fcde0 elementor-widget elementor-widget-code-highlight\" data-id=\"40fcde0\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n kube-system exec ds\/cilium -- cilium status --verbose | grep -i KubeProxyReplacement || true\nkubectl -n kube-system get pods | grep kube-proxy || echo \"No kube-proxy pods\"<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2d20a96 elementor-widget elementor-widget-image\" data-id=\"2d20a96\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Kube-Proxy Replacement Verification\" data-elementor-lightbox-description=\"Kube-Proxy Replacement Verification\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNjgsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTFfa3ViZXByb3h5X3JlcGxhY2VtZW50X3ZlcmlmaWNhdGlvbi5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"88\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification-768x88.png\" class=\"attachment-medium_large size-medium_large wp-image-28368\" alt=\"Kube-Proxy Replacement Verification\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification-768x88.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification-300x35.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification-1024x118.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification-1536x177.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/11_kubeproxy_replacement_verification.png 2022w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Kube-Proxy Replacement Verification<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0086332 elementor-widget elementor-widget-text-editor\" data-id=\"0086332\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>This confirms that kube-proxy has been successfully removed and Cilium\u2019s eBPF data plane is now providing Service load balancing for ClusterIP and NodePort traffic on the Kind cluster.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1940930 elementor-widget elementor-widget-text-editor\" data-id=\"1940930\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>All the Nodes are now &#8220;Ready&#8221;:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d6f9b07 elementor-widget elementor-widget-image\" data-id=\"d6f9b07\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Nodes &quot;Ready&quot; status\" data-elementor-lightbox-description=\"Nodes &quot;Ready&quot; status\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNzIsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTJfbm9kZXNfcmVhZHkucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"137\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready-768x137.png\" class=\"attachment-medium_large size-medium_large wp-image-28372\" alt=\"Nodes &quot;Ready&quot; status\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready-768x137.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready-300x53.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready-1024x182.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/12_nodes_ready.png 1156w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Nodes \"Ready\" status<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ed65bb8 elementor-widget elementor-widget-heading\" data-id=\"ed65bb8\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Deploy Test Nginx App<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8e1cbdd elementor-widget elementor-widget-text-editor\" data-id=\"8e1cbdd\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Now we can deploy a simple nginx application and expose it via NodePort. Thanks to the port mappings in Kind, traffic will flow from the EC2 host\u2019s port 80 into the NodePort inside the cluster.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2b1f1e4 elementor-widget elementor-widget-code-highlight\" data-id=\"2b1f1e4\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl create namespace demo\r\nkubectl -n demo create deployment nginx \\\r\n  --image=nginx:stable-alpine \\\r\n  --port=80\r\nkubectl -n demo expose deployment nginx \\\r\n  --type=NodePort \\\r\n  --port=80 \\\r\n  --target-port=80 \\\r\n  --name=nginx-svc\r\nkubectl -n demo get svc nginx-svc\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d8b5028 elementor-widget elementor-widget-text-editor\" data-id=\"d8b5028\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>By default, Kubernetes will pick a random NodePort in the 30000\u201332767 range. We want to align it with the Kind port mapping (30080).<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b288e0a elementor-widget elementor-widget-code-highlight\" data-id=\"b288e0a\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp> kubectl get svc -A | grep nginx<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e6ce1d2 elementor-widget elementor-widget-image\" data-id=\"e6ce1d2\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Default NodePort comes from the range 30000-32767\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzNzksInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTRfZGVmYXVsdF9zdmNfcG9ydC5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"51\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port-768x51.png\" class=\"attachment-medium_large size-medium_large wp-image-28379\" alt=\"Default NodePort comes from the range 30000-32767\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port-768x51.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port-300x20.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port-1024x68.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port-1536x101.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/14_default_svc_port.png 1589w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Default NodePort comes from the range 30000-32767<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3099e25 elementor-widget elementor-widget-text-editor\" data-id=\"3099e25\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Patch the service:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3962f90 elementor-widget elementor-widget-code-highlight\" data-id=\"3962f90\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n demo patch svc nginx-svc \\\r\n  -p '{\"spec\": {\"ports\": [{\"port\": 80, \"targetPort\": 80, \"nodePort\": 30080}]}}'\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1dae015 elementor-widget elementor-widget-image\" data-id=\"1dae015\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Service port changed to 30080\" data-elementor-lightbox-description=\"Service port changed to 30080\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzODMsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTVfcGF0Y2hfc3ZjX3BvcnQucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"105\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port-768x105.png\" class=\"attachment-medium_large size-medium_large wp-image-28383\" alt=\"Service port changed to 30080\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port-768x105.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port-300x41.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port-1024x140.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port-1536x210.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/15_patch_svc_port.png 1602w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Service port changed to 30080<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5987f88 elementor-widget elementor-widget-text-editor\" data-id=\"5987f88\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Cilium\u2019s eBPF datapath will now handle all load-balancing for this Service instead of kube\u2011proxy.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d8c75bd elementor-widget elementor-widget-heading\" data-id=\"d8c75bd\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Test #1 - HTTP Access from Outside<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8e772e6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8e772e6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1d9699b\" data-id=\"1d9699b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7d4739e elementor-widget elementor-widget-text-editor\" data-id=\"7d4739e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Because the Kind control-plane node exposes container port\u00a0<code>30080<\/code>\u00a0as host port\u00a0<code>80<\/code>, and my EC2 Security Group allows inbound TCP 80 from my Public IP, I can simply curl the EC2 public IP or test in a browser:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3e31605 elementor-widget elementor-widget-image\" data-id=\"3e31605\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Curl Test from Outside\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzOTAsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTZfY3VybF90ZXN0LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"496\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test-768x496.png\" class=\"attachment-medium_large size-medium_large wp-image-28390\" alt=\"Curl Test from Outside\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test-768x496.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test-300x194.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test-1024x662.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/16_curl_test.png 1185w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Curl Test from Outside<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7e0ae1b elementor-widget elementor-widget-image\" data-id=\"7e0ae1b\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Browser (HTTP) Test\" data-elementor-lightbox-description=\"Browser (HTTP) Test\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzOTQsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTdfaHR0cF90ZXN0LnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"436\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test-768x436.png\" class=\"attachment-medium_large size-medium_large wp-image-28394\" alt=\"Browser (HTTP) Test\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test-768x436.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test-300x170.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test-1024x581.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test-1536x872.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/17_http_test.png 1854w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Browser (HTTP) Test<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-22527a2 elementor-widget elementor-widget-heading\" data-id=\"22527a2\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Test #2 - Block HTTP with Cilium<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-743d4df elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"743d4df\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-41574d6\" data-id=\"41574d6\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7d971a5 elementor-widget elementor-widget-text-editor\" data-id=\"7d971a5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>To demonstrate that Cilium\u2019s eBPF data plane is actually enforcing traffic policies, I created a simple CiliumNetworkPolicy that denies all ingress to the nginx pods in the\u00a0<code>demo<\/code> namespace. File: cnp-nginx-deny.yaml<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0519342 elementor-widget elementor-widget-code-highlight\" data-id=\"0519342\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>apiVersion: cilium.io\/v2\r\nkind: CiliumNetworkPolicy\r\nmetadata:\r\n  name: nginx-deny-all-ingress\r\n  namespace: demo\r\nspec:\r\n  description: \"Deny all ingress traffic to nginx pods in the demo namespace\"\r\n  endpointSelector:\r\n    matchLabels:\r\n      app: nginx\r\n  ingress: []\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-47b3d86 elementor-widget elementor-widget-text-editor\" data-id=\"47b3d86\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Apply:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8717d9b elementor-widget elementor-widget-code-highlight\" data-id=\"8717d9b\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl apply -f cnp-nginx-deny.yaml\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-90dbc2e elementor-widget elementor-widget-image\" data-id=\"90dbc2e\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Applying CiliumNetworkPolicy to block the incoming traffic\" data-elementor-lightbox-description=\"Applying CiliumNetworkPolicy to block the incoming traffic\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6Mjg0MDAsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMThfbmV0d29ya1BvbGljeS0xLnBuZyJ9\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"69\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1-768x69.png\" class=\"attachment-medium_large size-medium_large wp-image-28400\" alt=\"Applying CiliumNetworkPolicy to block the incoming traffic\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1-768x69.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1-300x27.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1-1024x92.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/18_networkPolicy-1.png 1245w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Applying CiliumNetworkPolicy to block the incoming traffic<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d78fa0 elementor-widget elementor-widget-text-editor\" data-id=\"5d78fa0\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Verify the policy has been applied:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-708c74e elementor-widget elementor-widget-code-highlight\" data-id=\"708c74e\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-javascript line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-javascript\">\n\t\t\t\t\t<xmp>kubectl -n demo get ciliumnetworkpolicies<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9e0b666 elementor-widget elementor-widget-image\" data-id=\"9e0b666\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Cilium Network Policy has been applied\" data-elementor-lightbox-description=\"Cilium Network Policy has been applied\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjgzOTksInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMTlfYXBwbHkucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"100\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply-768x100.png\" class=\"attachment-medium_large size-medium_large wp-image-28399\" alt=\"Cilium Network Policy has been applied\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply-768x100.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply-300x39.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply-1024x134.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/19_apply.png 1125w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Cilium Network Policy has been applied<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6145948 elementor-widget elementor-widget-text-editor\" data-id=\"6145948\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>After applying this policy, the\u00a0<code>curl<\/code> and &#8220;web-browser&#8221; test that previously reached nginx now times out, even though the NodePort Service and Kind port mappings are still configured. This shows that Cilium\u2019s eBPF-based policy engine is blocking the traffic before it ever reaches the nginx pods.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-043691b elementor-widget elementor-widget-image\" data-id=\"043691b\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Curl not working anymore\" data-elementor-lightbox-description=\"Curl not working anymore\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6Mjg0MDIsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMjBfY3VybDItMS5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"64\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1-768x64.png\" class=\"attachment-medium_large size-medium_large wp-image-28402\" alt=\"Curl not working anymore\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1-768x64.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1-300x25.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1-1024x85.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/20_curl2-1.png 1511w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Curl not working anymore<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9232368 elementor-widget elementor-widget-image\" data-id=\"9232368\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1.png\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"Web-browser Test\" data-elementor-lightbox-description=\"Web-browser Test\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6Mjg0MDQsInVybCI6Imh0dHBzOlwvXC9jbG91ZC1jb2QuY29tXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI2XC8wM1wvMjFfaHR0cDItMS5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"455\" src=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1-768x455.png\" class=\"attachment-medium_large size-medium_large wp-image-28404\" alt=\"Web-browser Test\" srcset=\"https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1-768x455.png 768w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1-300x178.png 300w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1-1024x607.png 1024w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1-1536x910.png 1536w, https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/21_http2-1.png 1902w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Web-browser Test<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9b73971 elementor-widget elementor-widget-heading\" data-id=\"9b73971\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Conclusions<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-be8f461 elementor-widget elementor-widget-text-editor\" data-id=\"be8f461\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"mx-auto flex flex-col pointer-events-auto max-w-threadContentWidth gap-md md:gap-lg\"><div class=\"flex flex-col\"><div class=\"mt-md md:mt-lg\"><div><div class=\"flex flex-col gap-md md:gap-lg w-full\"><div id=\"radix-:r79:-content-default\" class=\"focus:outline-none\" tabindex=\"0\" role=\"tabpanel\" data-state=\"active\" data-orientation=\"horizontal\" aria-labelledby=\"radix-:r79:-trigger-default\"><div class=\"flex flex-col gap-y-md md:gap-y-lg\"><div class=\"gap-y-lg flex flex-col\"><div><div class=\"relative font-sans text-base text-foreground selection:bg-super\/50 selection:text-foreground dark:selection:bg-super\/10 dark:selection:text-super\"><div class=\"min-w-0 break-words [word-break:break-word]\"><div id=\"markdown-content-53\" class=\"gap-y-md after:clear-both after:block after:content-['']\" dir=\"auto\"><div class=\"has-inline-images my-2 first:mt-0 [&amp;:has([data-inline-type=image])+&amp;:has([data-inline-type=image])_[data-inline-type=image]]:hidden [&amp;:has(table)_[data-inline-type=image]]:hidden\"><div><div><div class=\"prose dark:prose-invert inline leading-relaxed break-words min-w-0 [word-break:break-word] prose-strong:font-bold [&amp;_&gt;*:first-child]:mt-0 [&amp;_&gt;*:last-child]:mb-0\"><p class=\"my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2\">Cilium can fully replace kube\u2011proxy and handle all Kubernetes Service traffic: ClusterIP, NodePort, and our simulated LoadBalance, directly in eBPF, without relying on iptables. With Kind running on EC2, you get a safe lab where you can remove kube\u2011proxy, enable Cilium\u2019s kube\u2011proxy replacement, and then prove it\u2019s really in control by exposing nginx over NodePort and later blocking that same traffic with CiliumNetworkPolicies.<\/p><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>This article walks through setting up a lightweight Kubernetes lab on a single AWS EC2 instance using Kind and Cilium, then enabling Cilium as a full kube\u2011proxy replacement for all Service traffic.<\/p>\n","protected":false},"author":2,"featured_media":28411,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[21,39,38],"tags":[],"class_list":["post-28317","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aws","category-cilium","category-kubernetes"],"uagb_featured_image_src":{"full":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4.png",1249,831,false],"thumbnail":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-150x150.png",150,150,true],"medium":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-300x200.png",300,200,true],"medium_large":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-768x511.png",768,511,true],"large":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-1024x681.png",800,532,true],"1536x1536":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4.png",1249,831,false],"2048x2048":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4.png",1249,831,false],"onepress-blog-small":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-300x150.png",300,150,true],"onepress-small":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-480x300.png",480,300,true],"onepress-medium":["https:\/\/cloud-cod.com\/wp-content\/uploads\/2026\/03\/blog_thumbnail-4-640x400.png",640,400,true]},"uagb_author_info":{"display_name":"Jakub","author_link":"https:\/\/cloud-cod.com\/index.php\/author\/jakub\/"},"uagb_comment_info":344,"uagb_excerpt":"This article walks through setting up a lightweight Kubernetes lab on a single AWS EC2 instance using Kind and Cilium, then enabling Cilium as a full kube\u2011proxy replacement for all Service traffic.","_links":{"self":[{"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/posts\/28317","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/comments?post=28317"}],"version-history":[{"count":64,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/posts\/28317\/revisions"}],"predecessor-version":[{"id":28414,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/posts\/28317\/revisions\/28414"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/media\/28411"}],"wp:attachment":[{"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/media?parent=28317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/categories?post=28317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloud-cod.com\/index.php\/wp-json\/wp\/v2\/tags?post=28317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}