Loading...
Loading...
Cilium and Hubble network observability for Kubernetes. Use when managing network policies, observing traffic flows, or troubleshooting connectivity with eBPF-based networking.
npx skill4agent add rohitg00/kubectl-mcp-server k8s-cilium| Priority | Rule | Impact | Tools |
|---|---|---|---|
| 1 | Detect Cilium installation first | CRITICAL | |
| 2 | Check agent status for health | HIGH | |
| 3 | Use Hubble for flow debugging | HIGH | |
| 4 | Start with default deny | MEDIUM | CiliumNetworkPolicy |
| Task | Tool | Example |
|---|---|---|
| Detect Cilium | | |
| Agent status | | |
| List policies | | |
| Query flows | | |
cilium_detect_tool()cilium_status_tool()cilium_policies_list_tool(namespace="default")cilium_policy_get_tool(name="allow-web", namespace="default")kubectl_apply(manifest="""
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: allow-web
namespace: default
spec:
endpointSelector:
matchLabels:
app: web
ingress:
- fromEndpoints:
- matchLabels:
app: frontend
toPorts:
- ports:
- port: "80"
protocol: TCP
egress:
- toEndpoints:
- matchLabels:
app: database
toPorts:
- ports:
- port: "5432"
protocol: TCP
""")cilium_endpoints_list_tool(namespace="default")cilium_identities_list_tool()cilium_nodes_list_tool()hubble_flows_query_tool(
namespace="default",
pod="my-pod",
last="5m"
)
hubble_flows_query_tool(
namespace="default",
verdict="DROPPED"
)
hubble_flows_query_tool(
namespace="default",
type="l7"
)kubectl_apply(manifest="""
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: api-policy
namespace: default
spec:
endpointSelector:
matchLabels:
app: api
ingress:
- fromEndpoints:
- matchLabels:
app: frontend
toPorts:
- ports:
- port: "8080"
protocol: TCP
rules:
http:
- method: GET
path: "/api/v1/.*"
- method: POST
path: "/api/v1/users"
""")kubectl_apply(manifest="""
apiVersion: cilium.io/v2
kind: CiliumClusterwideNetworkPolicy
metadata:
name: allow-cross-cluster
spec:
endpointSelector:
matchLabels:
app: shared-service
ingress:
- fromEntities:
- cluster
- remote-node
""")cilium_status_tool()
cilium_endpoints_list_tool(namespace)
cilium_policies_list_tool(namespace)
hubble_flows_query_tool(namespace, pod, verdict="DROPPED")cilium_policy_get_tool(name, namespace)
cilium_endpoints_list_tool(namespace)
hubble_flows_query_tool(namespace)cilium_status_tool()
cilium_nodes_list_tool()
hubble_flows_query_tool(namespace, type="l7")cilium install