This isn’t a lab built for slide decks. It’s a hands-on environment that automates cluster provisioning from scratch, supports both virtual and bare-metal setups, integrates with Cisco's Hypershield architecture, and shows how performance networking doesn’t have to be complex or expensive. We use it to train, to test, to experiment – and most importantly: to engage with customers who want a modern approach to Kubernetes networking and security.
Why We Built This Lab – And Why It’s Different
Most labs are designed to reinforce a vendor pitch, with pre-baked demos and static environments. Ours moves in a different direction. We’ve built a system that can be dynamically rebuilt from the ground up in minutes – a “nuke & pave” environment where nothing is sacred and everything is repeatable.
This design allows us to adapt to real-world customer situations on the fly. A request comes in to simulate a specific topology? Done. We want to test Hypershield features in a constrained setup? Easy. Someone breaks the cluster in a training? No problem – we tear it down and build it again. It’s not just agile; it’s deliberate. This lab is meant to evolve as fast as the tech stack it supports.
What also makes it different is its hybrid readiness. Whether we’re working with full bare-metal configurations or performance-tuned virtual machines with PCIe passthrough, the lab is ready to mirror the diverse realities of our customers’ environments.
What is Cilium?
Cilium is an open source networking, observability and security layer for Kubernetes, powered by eBPF. Unlike traditional CNIs (Container Network Interfaces), Cilium runs in the Linux kernel and enables high-performance networking, fine-grained security policies, and deep observability – all without sidecars or kernel modules.
From Blueprint to Reality: Our Tech Stack
The architecture behind the Cilium Lab draws from our delivery experience. Built on plain Linux with KVM and libvirt, it offers flexibility far beyond conventional managed offerings. While some Kubernetes distributions like EKS-A come with restrictions – such as requiring uniform node configurations – we’ve deliberately engineered our environment to embrace mixed infrastructure setups.
That decision wasn’t made in isolation. We’ve been running Cilium in production–grade environments for some time now, particularly within Google Cloud Platform’s GKE service, where Cilium is the default CNI and on-prem bare-metal environments requiring high-performance-low-latency network performance. Internally, we’ve also developed a cloud-native blueprint that serves as a reusable reference architecture for Logicalis teams – a secure, automated platform that informs both our delivery methodology and the lab setup.
What we’re building here isn’t a hypothetical stack. It’s a practical, modular evolution of what we already deploy with customers. The difference is: now we’ve wrapped it in a lab environment that invites exploration and experimentation.
Stefan Hoeltken
Managing Director Logicalis Connected GmbH
Real Scenarios. Real Customers. Real Experiments.
The best way to understand modern networking is to experience it. That’s why the lab is actively used to replicate real customer scenarios, measure performance under different load conditions, and explore what Cilium’s eBPF engine can deliver in terms of observability and security.
We run experiments with endpoint protection mechanisms, test policy enforcement with tools like Tetragon and Hubble, and simulate how workloads behave when SmartNICs take over specific network functions. It’s not just technical curiosity – it’s preparation. We want our teams to be ready for what customers ask tomorrow, not just what they’re using today.
That readiness is also organizational. Our engineers access the lab through GitLab-managed workflows, running pipelines that automate builds, deploy cluster components, and track configuration changes. It’s tightly integrated into our way of working – supported by Jira, documented by design, and open to collaboration across squads.
Built to Engage – Not Just Impress
One of the most valuable outcomes of the lab has nothing to do with hardware or software – it’s about dialogue. By bringing this platform into customer conversations, we’re able to move beyond the theoretical and into the practical. We can say: “Yes, we’ve tested that,” or “Let’s simulate your architecture and see what happens.”
And this matters especially for the kinds of customers who are often overlooked in high-end vendor strategies. Not every organization is ready for full-blown Cisco SDN. But many are curious about what eBPF can offer, or how to achieve better visibility without adding layers of complexity. Our lab gives us a way to meet them where they are – with real technology, in real time.
It’s also a space where our own teams learn. Every time we spin up a new setup, investigate a new use case, or push the performance boundaries, we’re building knowledge that flows back into projects, proposals, and solution design. The lab doesn’t just support our message – it sharpens it.
What's Next: Hypershield and the Edge
Looking ahead, the roadmap includes deeper Hypershield integration and more advanced SmartNIC scenarios – particularly focused on offloading policy enforcement using Cisco’s MDX capabilities. These features have the potential to shift where and how decisions are made in the network, offering security and performance right at the edge.
We’re also feeding insights from the lab directly into our broader delivery models. Our internal orchestration platform – a Kubernetes-native, cloud-ready environment developed and refined across Logicalis regions – continues to evolve based on what we test here. The lab serves not only as a testbed, but as a proving ground for what becomes part of our customer-ready toolkit.
Want to See It in Action?
Whether you're looking to secure your workloads, test observability stacks, or just see how Cilium performs under pressure – our Lab is open for collaboration.
Let’s explore performance networking together. 👉 Engange with Experts!
Das könnte Sie auch interessieren
Digitaler Zwilling von Netzwerken: Simulationsgestützte Planung bei EWE Tel
Das kontinuierliche Wachstum des Datenverkehrs ist heutzutage eine echte Herausforderung für die Betreiber, da mehrere Dienste ihren Datenverkehr in die Betreiber Netze hinzufügen. Bei jeglicher Planung von Infrastruktur sind digitale Zwillinge ein wichtiges Hilfsmittel, um Kosten zu sparen und Schwierigkeiten und Konflikte vorherzusehen. Dies gilt auch für die Planung von Netzwerken.
Gemeinsam zur grünen Energie! - Effiziente Netzplanungs-Unterstützung für Bayernwerk
Logicalis Connected übernimmt verschiedene Aufgaben im Rahmen der Planung und Realisierung von Trassenverläufen für Mittel- und Niederspannungsleitungen für Bayernwerk. Durch die Übernahme dieser Aufgaben unterstützt die Logicalis Bayernwerk bei der effizienten und erfolgreichen Planung und Umsetzung von Trassenverläufen für Mittel- und Niederspannungsleitungen.
MultiNet6G: Brücken bauen zwischen drahtlosen Technologien
Das MultiNet6G-Projekt wird von der Vision angetrieben, verschiedene drahtlose Kommunikationstechnologien nahtlos zu integrieren, darunter 5G, WiFi, Visible Light Communication (VLC) und Radarkommunikation. Der Bedarf für diese Integration ergibt sich aus mehreren Szenarien.
Logicalis und Currenta - Ein Interview zur Erfolgsgeschichte in der Campus-Umgebung
Unser Netzwerk-Design für Currenta steht exemplarisch für erfolgreiche Planung und Orchestrierung in einer komplexen Campus-Umgebung. Im Fokus steht das Currenta Backbone Projekt, bei dem ein IP-Datennetz für den CHEMPARK-Betreiber über drei Standorte hinweg implementiert wurde.
5G Mobil-Konnektivität in Europas Tunnelprojekten
In Europa erleben wir eine stetige Zunahme von Tunnelbauprojekten. Diese komplexen Untergrundprojekte stellen besondere Herausforderungen an die Kommunikation und Sicherheit, insbesondere für Rettungsdienste, für die eine zuverlässige Mission Critical Communication (MCC) unverzichtbar ist.
Network Source Of Truth (NSOT): Die Basis für Netzwerk Automation
Network Source of Truth (NSoT)-Systeme zentralisieren netzwerkbezogene Daten, vereinfachen die Verwaltung von Konfigurationen, IP-Adressen und Geräten und gewährleisten Datenkonsistenz und Effizienz im gesamten Unternehmen. Sie sind ein Baustein, aber kein Allheilmittel.