Cilium BGP + Gateway API: Production-Ready Kubernetes Ingress Deep Dive
In this hands-on Kubernetes networking lab, I walk through how to configure Cilium with BGP and Gateway API to build a production-ready ingress path — from your Kubernetes nodes all the way up to your physical network (Cisco Nexus) and core (pfSense) devices. We’ll cover installing Cilium (Helm flags for BGP + Gateway API), defining CiliumLoadBalancerIPPool objects, setting up BGPClusterConfig + BGPPeerConfig, validating BGP sessions from both the Nexus switches and inside the Cilium pods, and finally deploying a smoke-test echo application that allocates a VIP and advertises it as a /32 route up to pfSense. If you’re planning for the NGINX Ingress Controller deprecation and want to move to Gateway API with Cilium — on real hardware, with real routing — this video is for you. Don’t forget to: ✅ Check out the documentation I've used for the video: https://github.com/virtualelephant/Pr... ✅ Like this video if you find it helpful. ✅ Subscribe to the channel for more Kubernetes and cloud-native tutorials and project showcases. ✅ Drop a comment with your thoughts or questions about the project. Timecodes: 00:00 – Intro & what we’re building 00:52 – NGINX Ingress deprecation & Gateway API future 03:26 – Production bare-metal cluster overview 05:20 – BGP strategy & cluster layout 06:56 – Choosing BGP speaker nodes 08:27 – Topology considerations across racks/rows/DCs 09:19 – Project SignalWave & install guide 09:45 – Helm install flags for Cilium 11:07 – Required CRDs for Gateway API + BGP 12:01 – Cluster state & node labels 13:12 – CiliumLoadBalancerIPPool configuration 14:47 – BGPAdvertisement configuration 15:10 – BGPPeerConfig timers & families 15:36 – BGPClusterConfig & nodeSelector 17:59 – Cisco Nexus configuration & BGP neighbors 20:19 – Verifying BGP on the Nexus side 21:34 – Verifying BGP from inside Kubernetes 23:30 – Deploying the smoke-test echo app 24:28 – Curl tests & VIP validation 25:56 – Curl from outside via pfSense 26:30 – Wrap-up: why Cilium + Gateway API 27:46 – Summary #Cilium #Kubernetes #GatewayAPI #KubernetesNetworking #BGP #VirtualElephant #HomeLab #PlatformEngineering
An Introduction to Gateway API for Beginners in Kubernetes
The Differences between Ingress & Gateway API
Operational Maturity with Ansible + GitLab for Drift Detection & Remediation
BGP in Kubernetes with Cilium Why and How - Rastislav Szabo
Cilium Explained: eBPF-Powered Kubernetes Networking
Introduction to Envoy Gateway API for Kubernetes beginners
Kubernetes 1.34 Features Explained: What's New? (O' WaW Release)
Networking Fundamentals - BGP Deep Dive
A Cilium Introduction: Back to Bee-Sics - Nico Vibert & Dan Finneran, Isovalent
How I would migrate from Ingress NGINX to Gateway API
Gateway API Explained: The Future of Kubernetes Networking
You will never forget Kubernetes Gateway API after watching this.
Introduction to Traefik Gateway API for Kubernetes
I Hacked This Temu Router. What I Found Should Be Illegal.
The FASTEST Way to run Kubernetes at Home - k3s Ansible Automation - Kubernetes in your HomeLab
How to Run Proxmox Backup Server on TrueNAS
CKA Skill Builder: Manually Upgrade a Kubernetes Cluster with kubeadm
Gateway API - Ingress And Service Mesh Spec Replacement?
LISA19 - Deep Dive into Kubernetes Internals for Builders and Operators
