Skip to main content
Mainland China
AIMenta
H

Hubble

by Cilium / CNCF

eBPF-powered network observability platform for Cilium-based Kubernetes clusters providing real-time service dependency maps, network flow inspection, and DNS query visibility for APAC platform teams.

Visit Hubble (opens in new tab) Get a recommendation
AIMenta verdict
Recommended
5/5

"Cilium network observability — APAC platform teams use Hubble to gain real-time eBPF-powered network flow visibility into APAC Kubernetes cluster traffic, with per-service connection graphs and DNS query inspection without code changes."

Features
6
Use cases
1
Watch outs
3
What it does

Key features

  • Real-time network flows: eBPF-powered L3/L4/L7 APAC traffic visibility at kernel level
  • Service dependency map: live visualization of APAC service-to-service communication
  • DNS inspection: per-request DNS query visibility for APAC service discovery debugging
  • Policy visibility: which APAC Cilium network policies allow/deny specific flows
  • Hubble CLI: filter and query APAC flows by namespace, service, protocol, verdict
  • Hubble Relay: cluster-wide APAC flow aggregation across multiple Kubernetes nodes
When to reach for it

Best for

  • APAC platform teams running Cilium as their Kubernetes CNI who want network flow observability without sidecar proxies or code instrumentation — particularly for debugging Cilium network policies and APAC service mesh traffic.
Don't get burned

Limitations to know

  • ! Requires Cilium CNI — APAC clusters running Calico, Flannel, or AWS VPC CNI cannot use Hubble
  • ! L7 visibility requires Cilium L7 policy enforcement mode — APAC teams must enable additional Cilium features
  • ! Flow storage is ephemeral — APAC teams need Prometheus/Loki integration for persistent network metrics
Context

About Hubble

Hubble is the network observability component of the Cilium ecosystem — providing real-time eBPF-powered network flow visibility for APAC Kubernetes clusters running Cilium as the CNI. Where traditional network monitoring requires packet capture or sidecar proxies, Hubble uses the eBPF programs already running in the Cilium kernel to extract network flow data with zero additional overhead on APAC workloads.

Hubble's service map (available in Hubble UI, a web dashboard) visualizes which APAC services are communicating with which — showing live traffic flows, request rates, error rates, and latency between APAC service pairs. This APAC service dependency map updates in real-time as traffic patterns change, revealing unexpected connections between APAC services that weren't apparent from configuration alone.

For APAC security teams, Hubble's network policy visibility shows which APAC network policies are allowing or denying specific flows — critical for debugging Cilium network policy configuration in APAC Kubernetes clusters without generating test traffic. The Hubble CLI can filter flows by source namespace, destination service, L7 protocol, or verdict (allowed/denied) for targeted APAC debugging.

Hubble Relay aggregates flows from all APAC Kubernetes nodes into a single queryable view — enabling cluster-wide APAC network visibility without connecting to individual node Hubble instances. For APAC clusters with hundreds of nodes, Hubble Relay is the production access pattern for centralized APAC network flow analysis.

Beyond this tool

Where this category meets practice depth.

A tool only matters in context. Browse the service pillars that operationalise it, the industries where it ships, and the Asian markets where AIMenta runs adoption programs.

Or browse All tools · Encyclopedia · Case studies · Rankings