SlideShare une entreprise Scribd logo

Cilium + Istio with Gloo Mesh

Christian Posta
Christian Posta

Solo.io webinar diving into cilium + istio and unifying L2-7 network policies

Technologie
1  sur  40
Télécharger pour lire hors ligne
Cilium and Istio with Gloo Mesh
2 | Copyright © 2020 CHRISTIAN POSTA VP, Global Field CTO, Solo.io @christianposta christian@solo.io https://blog.christianposta.com https://slideshare.net/ceposta Istio in Action (March 2022) https://www.manning.com/books/istio-in-action Discount Code: SOLOIO41 Shortlink: mng.bz/06Wl
3 | Copyright © 2020 Idit Levine Founding API gateway WG-Istio Christian Posta Founding community member, Istio Steering Committee, author Istio in Action Lin Sun Founding Istio project maintainer, Technical Oversight Committee (TOC), Steering Committee Neeraj Poddar Istio Steering and TOC member. Co-founded Istio Product Security Working Group Yuval Kohavi Renowned security researcher, Founding API Gateway WG-Istio, Contributor Envoy Ram Vennam Founding Istio Steering Committee member Nick Nellis First to run Istio in production, current contributor and maintainer Solo Istio/Envoy Community Leadership Founded in 2017 by Idit Levine Based in Cambridge, MA with multiple locations around the globe The industry’s leading Cloud-native Application Networking company. Open-Core, “Enterprise” Subscription model Growing fast with happy customers Well Funded 500+% bookings growth y/y 98%+ renewal rate $171.5M venture financing $1 Billion valuation Company Overview Gloo Application Networking Platform Simplify your application networking with unified control, reliability, observability, extensibility, and security 3 | Copyright © 2022 Greg Hanson Founding Istio Maintainer, Product Security WG Lead, Istio Release Manager
4 | Copyright © 2020 Gloo Application Networking Platform Manage APIs Data Access Gloo Gateway API Gateway Gloo Mesh Microservices, Security, Observability Gloo Network Kubernetes CNI, Network Policy
5 | Copyright © 2020
6 | Copyright © 2020 6 | Copyright © 2020 Problem
7 | Copyright © 2020 What is application networking? Challenges ● Service discovery ● Load balancing ● Timeouts ● Retry / Budgets ● Circuit breaking ● Tracing, observability ● Secure transport ● Extension
8 | Copyright © 2020 What is application networking?
9 | Copyright © 2020 Previous solutions to these problems
10 | Copyright © 2020 Previous solutions to these problems
11 | Copyright © 2020 11 | Copyright © 2020 Push enforcement points down to application
12 | Copyright © 2020 What is application networking?
13 | Copyright © 2020 What is application networking?
14 | Copyright © 2020 Service Mesh Technologies Provide the Following L4 & L7 Observability Traffic Encryption / L7 Identity L4 & L7 Policies [Canary, RBAC, ….]
15 | Copyright © 2020 15 | Copyright © 2020 Demo
16 | Copyright © 2020 What you must build to run service mesh in production? Istio Service Mesh Security | Compliance FIPS-140 Authentication Cert-Mgmt Rate-Limiting API Gateway Failover Routing Global Service Discovery Integrate Observability Routing | Traffic Mgmt Topologies | API | UI | Extensibility Multi-Cluster Multi-Tenant Web Assembly UI / Higher-level API
17 | Copyright © 2020 https://www.solo.io/products/gloo-mesh/ Enterprise Service Mesh for multi-cluster, cross-cluster and hybrid environments based on upstream Istio
18 | Copyright © 2020 https://www.solo.io/products/gloo-mesh/ Gloo Mesh Enterprise • Enterprise Istio for single cluster, multi-cluster and multi-platform configuration. • Focus on ease of us, powerful best practices built in, security, and extensibility. Installation, upgrade, takeover and hybrid lifecycle Production and long-terms support (LTS, N-4) with patches and hotfixes for validated upstream Istio Delegate ownership of configuration and policy by persona, including: developers, SREs, and admins Discovery services running across multiple clusters, clouds, VMs Operational visibility with a single pane of glass across multiple service mesh clusters Cross-cluster failover and locality aware routing Support multiple teams owning their own resources across multiple clusters End to end security across clusters and meshes for zero trust networks, integrate with PKI, CA/RA, etc Istio Support Istio Lifecycle (2.1) Global Failover Routing Multi Tenancy API Gateway Global Service Discovery Unified Observability Zero-Trust Security
19 | Copyright © 2020 User Clusters Public cloud Compliance / DMZ
20 | Copyright © 2020 Consistent API for multi-cluster N/S and E/W Policy
21 | Copyright © 2020 Gloo API Gateway
22 | Copyright © 2020 Team Tenancy (Service Mesh as a Service) ● Tenancy ● Dependency ● More flexible API ● Hierarchy ● Unified NS/EW
23 | Copyright © 2020 Drive everything through GitOps!
24 | Copyright © 2020 24 | Copyright © 2020 Demo
25 | Copyright © 2020 Gloo Application Networking Platform Manage APIs Data Access Gloo Gateway API Gateway Gloo Mesh Microservices, Security, Observability Gloo Network Kubernetes CNI, Network Policy
26 | Copyright © 2020 Kernel-level observability Security controls Advanced L3/L4/L7 Network Policy Container networking / CNI / Overlay built on eBPF!
27 | Copyright © 2020 Cilium: Cloud Networking Overlay
28 | Copyright © 2020 Flexible: Executes custom logic in the Linux kernel. Safe: BPF code is verified to not crash/hang kernel. Fast: JIT-compiled to run at native speed. Humble origins: BPF Berkeley Packet Filter $ tcpdump -n dst host 192.168.1.1 What is eBPF?
29 | Copyright © 2020 with strong safety guarantees and native kernel performance “Function-as-a-Service” for kernel events Execution Stack in the Kernel submit_bio submit_bh() journal_submit_commit_record() jbd2_journal_commit_transaction() mb_cache_list() BPF Hook BPF Program Source Code bpf() syscall llvm / clang Verifier + JIT compiler What is eBPF?
30 | Copyright © 2020 30 | Copyright © 2020 What about conflicting policy at different layers? (demo maybe?)
31 | Copyright © 2020 Consistent Networking Policies
32 | Copyright © 2020
33 | Copyright © 2020 33 | Copyright © 2020 Demo
34 | Copyright © 2020 34 | Copyright © 2020 Recap
35 | Copyright © 2020
36 | Copyright © 2020 Cloud Native Stack ANY KUBERNETES (CLUSTERS) VMs eBPF WASM GLOO NETWORKING | CILIUM ENVOY PROXY ISTIO GLOO MESH GLOO GATEWAY GLOO PORTAL EXT. AUTH RATE LIMITING GRAPHQL XSLT (SOAP-REST) ANY CLOUD Gloo Application Networking Platform
37 | Copyright © 2020 Learn More!! Free Workshops and Certifications ● Envoy Proxy ● Istio ● Cilium ● eBPF ● On demand ● Instructor led ● Service mesh ● Modern API gateway ● eBPF Solo Academy 1 2 https://www.solo.io/events/upcoming / https://www.solo.io/solo-academy/
38 | Copyright © 2020 We are hiring! https://www.solo.io/company/careers/
39 | Copyright © 2020 Solo.io global presence
40 | Copyright © 2020 • https://solo.io • https://solo.io/blog • https://slack.solo.io • https://gloo.solo.io • https://envoyproxy.io • https://istio.io • https://webassemblyhub.io

Recommandé

Cloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPFCloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPFRaphaël PINSON
 
Accelerating Envoy and Istio with Cilium and the Linux Kernel
Accelerating Envoy and Istio with Cilium and the Linux KernelAccelerating Envoy and Istio with Cilium and the Linux Kernel
Accelerating Envoy and Istio with Cilium and the Linux KernelThomas Graf
 
Cilium - Network security for microservices
Cilium - Network security for microservicesCilium - Network security for microservices
Cilium - Network security for microservicesThomas Graf
 
eBPF - Rethinking the Linux Kernel
eBPF - Rethinking the Linux KerneleBPF - Rethinking the Linux Kernel
eBPF - Rethinking the Linux KernelThomas Graf
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationSuresh Kumar
 
Kubernetes security
Kubernetes securityKubernetes security
Kubernetes securityThomas Fricke
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Cfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF SuperpowersCfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF SuperpowersRaphaël PINSON
 

Recommandé

Cloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPFCloud Native Networking & Security with Cilium & eBPF
Cloud Native Networking & Security with Cilium & eBPFRaphaël PINSON
 
Accelerating Envoy and Istio with Cilium and the Linux Kernel
Accelerating Envoy and Istio with Cilium and the Linux KernelAccelerating Envoy and Istio with Cilium and the Linux Kernel
Accelerating Envoy and Istio with Cilium and the Linux KernelThomas Graf
 
Cilium - Network security for microservices
Cilium - Network security for microservicesCilium - Network security for microservices
Cilium - Network security for microservicesThomas Graf
 
eBPF - Rethinking the Linux Kernel
eBPF - Rethinking the Linux KerneleBPF - Rethinking the Linux Kernel
eBPF - Rethinking the Linux KernelThomas Graf
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationSuresh Kumar
 
Kubernetes security
Kubernetes securityKubernetes security
Kubernetes securityThomas Fricke
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Cfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF SuperpowersCfgmgmtcamp 2023 — eBPF Superpowers
Cfgmgmtcamp 2023 — eBPF SuperpowersRaphaël PINSON
 
Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityCilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityThomas Graf
 
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfRaphaël PINSON
 
Service Mesh - Why? How? What?
Service Mesh - Why? How? What?Service Mesh - Why? How? What?
Service Mesh - Why? How? What?Orkhan Gasimov
 
Scale Kubernetes to support 50000 services
Scale Kubernetes to support 50000 servicesScale Kubernetes to support 50000 services
Scale Kubernetes to support 50000 servicesLinuxCon ContainerCon CloudOpen China
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes IstioAraf Karsh Hamid
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveMichal Rostecki
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumMichal Rostecki
 
cilium-public.pdf
cilium-public.pdfcilium-public.pdf
cilium-public.pdfSanjeev Rampal
 
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfKCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfRaphaël PINSON
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building ToolsAkihiro Suda
 
Introduction to eBPF
Introduction to eBPFIntroduction to eBPF
Introduction to eBPFRogerColl2
 
Cilium - overview and recent updates
Cilium - overview and recent updatesCilium - overview and recent updates
Cilium - overview and recent updatesMichal Rostecki
 
ansible why ?
ansible why ?ansible why ?
ansible why ?Yashar Esmaildokht
 
Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Ray Jenkins
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?Akihiro Suda
 
eBPF - Observability In Deep
eBPF - Observability In DeepeBPF - Observability In Deep
eBPF - Observability In DeepMydbops
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Weaveworks
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesRaffaele Di Fazio
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemBPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemThomas Graf
 
Compliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshChristian Posta
 
GDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service MeshGDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service MeshJamesAnderson599331
 

Contenu connexe

Tendances

Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityCilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityThomas Graf
 
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfRaphaël PINSON
 
Service Mesh - Why? How? What?
Service Mesh - Why? How? What?Service Mesh - Why? How? What?
Service Mesh - Why? How? What?Orkhan Gasimov
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveMichal Rostecki
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumMichal Rostecki
 
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfKCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfRaphaël PINSON
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building ToolsAkihiro Suda
 
Introduction to eBPF
Introduction to eBPFIntroduction to eBPF
Introduction to eBPFRogerColl2
 
Cilium - overview and recent updates
Cilium - overview and recent updatesCilium - overview and recent updates
Cilium - overview and recent updatesMichal Rostecki
 
Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Ray Jenkins
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?Akihiro Suda
 
eBPF - Observability In Deep
eBPF - Observability In DeepeBPF - Observability In Deep
eBPF - Observability In DeepMydbops
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Weaveworks
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemBPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemThomas Graf
 

Tendances (20)

Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityCilium - Bringing the BPF Revolution to Kubernetes Networking and Security
Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security
 
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdfContainerDays Hamburg 2023 — Cilium Workshop.pdf
ContainerDays Hamburg 2023 — Cilium Workshop.pdf
 
Service Mesh - Why? How? What?
Service Mesh - Why? How? What?Service Mesh - Why? How? What?
Service Mesh - Why? How? What?
 
Scale Kubernetes to support 50000 services
Scale Kubernetes to support 50000 servicesScale Kubernetes to support 50000 services
Scale Kubernetes to support 50000 services
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep Dive
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with Cilium
 
cilium-public.pdf
cilium-public.pdfcilium-public.pdf
cilium-public.pdf
 
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdfKCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
KCD Zurich 2023 — Bridge Dev & Ops with eBPF.pdf
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
 
Introduction to eBPF
Introduction to eBPFIntroduction to eBPF
Introduction to eBPF
 
Cilium - overview and recent updates
Cilium - overview and recent updatesCilium - overview and recent updates
Cilium - overview and recent updates
 
ansible why ?
ansible why ?ansible why ?
ansible why ?
 
Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
 
[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?[Container Plumbing Days 2023] Why was nerdctl made?
[Container Plumbing Days 2023] Why was nerdctl made?
 
eBPF - Observability In Deep
eBPF - Observability In DeepeBPF - Observability In Deep
eBPF - Observability In Deep
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemBPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
 

Similaire à Cilium + Istio with Gloo Mesh

Compliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshChristian Posta
 
GDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service MeshGDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service MeshJamesAnderson599331
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service MeshRam Vennam
 
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.ioapidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.ioapidays
 
Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Christian Posta
 
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Weaveworks
 
Quebec - 16 November 2022 - Canada CNCF Meetups.pdf
Quebec - 16 November 2022 - Canada CNCF Meetups.pdfQuebec - 16 November 2022 - Canada CNCF Meetups.pdf
Quebec - 16 November 2022 - Canada CNCF Meetups.pdfprune1
 
INTERFACE, by apidays - Challenges of exposing and connecting microservices
INTERFACE, by apidays - Challenges of exposing and connecting microservicesINTERFACE, by apidays - Challenges of exposing and connecting microservices
INTERFACE, by apidays - Challenges of exposing and connecting microservicesapidays
 
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudRohit Agarwalla
 
Building The Right Network
Building The Right NetworkBuilding The Right Network
Building The Right NetworkCisco Canada
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
 
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google CloudTechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google CloudRobb Boyd
 
Putting microservices on a diet with istio
Putting microservices on a diet with istioPutting microservices on a diet with istio
Putting microservices on a diet with istioQAware GmbH
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPOlivia LaMar
 
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...apidays
 
APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...Hitachi, Ltd. OSS Solution Center.
 
The Future of Service Mesh
The Future of Service MeshThe Future of Service Mesh
The Future of Service MeshAll Things Open
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesKai Wähner
 
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...Gaël Blondelle
 

Similaire à Cilium + Istio with Gloo Mesh (20)

Compliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient Mesh
 
GDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service MeshGDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
GDG Cloud Southlake #10 Christian Posta: Future of Service Mesh
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service Mesh
 
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.ioapidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io
apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io
 
Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)
 
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
 
Quebec - 16 November 2022 - Canada CNCF Meetups.pdf
Quebec - 16 November 2022 - Canada CNCF Meetups.pdfQuebec - 16 November 2022 - Canada CNCF Meetups.pdf
Quebec - 16 November 2022 - Canada CNCF Meetups.pdf
 
INTERFACE, by apidays - Challenges of exposing and connecting microservices
INTERFACE, by apidays - Challenges of exposing and connecting microservicesINTERFACE, by apidays - Challenges of exposing and connecting microservices
INTERFACE, by apidays - Challenges of exposing and connecting microservices
 
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
 
Building The Right Network
Building The Right NetworkBuilding The Right Network
Building The Right Network
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...
 
KubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdfKubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdf
 
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google CloudTechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
 
Putting microservices on a diet with istio
Putting microservices on a diet with istioPutting microservices on a diet with istio
Putting microservices on a diet with istio
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
 
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...
 
APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...
 
The Future of Service Mesh
The Future of Service MeshThe Future of Service Mesh
The Future of Service Mesh
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
 
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...
2019.02 Eclipse Foundation and Eclipse IoT presentation at Eclipse IoT Day Gr...
 

Plus de Christian Posta

Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Understanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityChristian Posta
 
Multi-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMeshMulti-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMeshChristian Posta
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsChristian Posta
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshChristian Posta
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneChristian Posta
 
Deep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo EnterpriseDeep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo EnterpriseChristian Posta
 
Role of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionChristian Posta
 
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdNavigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdChristian Posta
 
Chaos Debugging for Microservices
Chaos Debugging for MicroservicesChaos Debugging for Microservices
Chaos Debugging for MicroservicesChristian Posta
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Christian Posta
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshChristian Posta
 
Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1Christian Posta
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisisChristian Posta
 
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...Christian Posta
 
PHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh LandscapePHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh LandscapeChristian Posta
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscapeChristian Posta
 
Making sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverlessMaking sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverlessChristian Posta
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshChristian Posta
 

Plus de Christian Posta (20)

Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Understanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload Identity
 
Multi-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMeshMulti-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMesh
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service Mesh
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
 
Deep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo EnterpriseDeep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo Enterprise
 
Role of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoption
 
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdNavigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
 
Chaos Debugging for Microservices
Chaos Debugging for MicroservicesChaos Debugging for Microservices
Chaos Debugging for Microservices
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
 
Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1
 
API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
 
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
 
PHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh LandscapePHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh Landscape
 
Intro to Knative
Intro to KnativeIntro to Knative
Intro to Knative
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
 
Making sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverlessMaking sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverless
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 

Dernier (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Cilium + Istio with Gloo Mesh

  • 1. Cilium and Istio with Gloo Mesh
  • 2. 2 | Copyright © 2020 CHRISTIAN POSTA VP, Global Field CTO, Solo.io @christianposta christian@solo.io https://blog.christianposta.com https://slideshare.net/ceposta Istio in Action (March 2022) https://www.manning.com/books/istio-in-action Discount Code: SOLOIO41 Shortlink: mng.bz/06Wl
  • 3. 3 | Copyright © 2020 Idit Levine Founding API gateway WG-Istio Christian Posta Founding community member, Istio Steering Committee, author Istio in Action Lin Sun Founding Istio project maintainer, Technical Oversight Committee (TOC), Steering Committee Neeraj Poddar Istio Steering and TOC member. Co-founded Istio Product Security Working Group Yuval Kohavi Renowned security researcher, Founding API Gateway WG-Istio, Contributor Envoy Ram Vennam Founding Istio Steering Committee member Nick Nellis First to run Istio in production, current contributor and maintainer Solo Istio/Envoy Community Leadership Founded in 2017 by Idit Levine Based in Cambridge, MA with multiple locations around the globe The industry’s leading Cloud-native Application Networking company. Open-Core, “Enterprise” Subscription model Growing fast with happy customers Well Funded 500+% bookings growth y/y 98%+ renewal rate $171.5M venture financing $1 Billion valuation Company Overview Gloo Application Networking Platform Simplify your application networking with unified control, reliability, observability, extensibility, and security 3 | Copyright © 2022 Greg Hanson Founding Istio Maintainer, Product Security WG Lead, Istio Release Manager
  • 4. 4 | Copyright © 2020 Gloo Application Networking Platform Manage APIs Data Access Gloo Gateway API Gateway Gloo Mesh Microservices, Security, Observability Gloo Network Kubernetes CNI, Network Policy
  • 5. 5 | Copyright © 2020
  • 6. 6 | Copyright © 2020 6 | Copyright © 2020 Problem
  • 7. 7 | Copyright © 2020 What is application networking? Challenges ● Service discovery ● Load balancing ● Timeouts ● Retry / Budgets ● Circuit breaking ● Tracing, observability ● Secure transport ● Extension
  • 8. 8 | Copyright © 2020 What is application networking?
  • 9. 9 | Copyright © 2020 Previous solutions to these problems
  • 10. 10 | Copyright © 2020 Previous solutions to these problems
  • 11. 11 | Copyright © 2020 11 | Copyright © 2020 Push enforcement points down to application
  • 12. 12 | Copyright © 2020 What is application networking?
  • 13. 13 | Copyright © 2020 What is application networking?
  • 14. 14 | Copyright © 2020 Service Mesh Technologies Provide the Following L4 & L7 Observability Traffic Encryption / L7 Identity L4 & L7 Policies [Canary, RBAC, ….]
  • 15. 15 | Copyright © 2020 15 | Copyright © 2020 Demo
  • 16. 16 | Copyright © 2020 What you must build to run service mesh in production? Istio Service Mesh Security | Compliance FIPS-140 Authentication Cert-Mgmt Rate-Limiting API Gateway Failover Routing Global Service Discovery Integrate Observability Routing | Traffic Mgmt Topologies | API | UI | Extensibility Multi-Cluster Multi-Tenant Web Assembly UI / Higher-level API
  • 17. 17 | Copyright © 2020 https://www.solo.io/products/gloo-mesh/ Enterprise Service Mesh for multi-cluster, cross-cluster and hybrid environments based on upstream Istio
  • 18. 18 | Copyright © 2020 https://www.solo.io/products/gloo-mesh/ Gloo Mesh Enterprise • Enterprise Istio for single cluster, multi-cluster and multi-platform configuration. • Focus on ease of us, powerful best practices built in, security, and extensibility. Installation, upgrade, takeover and hybrid lifecycle Production and long-terms support (LTS, N-4) with patches and hotfixes for validated upstream Istio Delegate ownership of configuration and policy by persona, including: developers, SREs, and admins Discovery services running across multiple clusters, clouds, VMs Operational visibility with a single pane of glass across multiple service mesh clusters Cross-cluster failover and locality aware routing Support multiple teams owning their own resources across multiple clusters End to end security across clusters and meshes for zero trust networks, integrate with PKI, CA/RA, etc Istio Support Istio Lifecycle (2.1) Global Failover Routing Multi Tenancy API Gateway Global Service Discovery Unified Observability Zero-Trust Security
  • 19. 19 | Copyright © 2020 User Clusters Public cloud Compliance / DMZ
  • 20. 20 | Copyright © 2020 Consistent API for multi-cluster N/S and E/W Policy
  • 21. 21 | Copyright © 2020 Gloo API Gateway
  • 22. 22 | Copyright © 2020 Team Tenancy (Service Mesh as a Service) ● Tenancy ● Dependency ● More flexible API ● Hierarchy ● Unified NS/EW
  • 23. 23 | Copyright © 2020 Drive everything through GitOps!
  • 24. 24 | Copyright © 2020 24 | Copyright © 2020 Demo
  • 25. 25 | Copyright © 2020 Gloo Application Networking Platform Manage APIs Data Access Gloo Gateway API Gateway Gloo Mesh Microservices, Security, Observability Gloo Network Kubernetes CNI, Network Policy
  • 26. 26 | Copyright © 2020 Kernel-level observability Security controls Advanced L3/L4/L7 Network Policy Container networking / CNI / Overlay built on eBPF!
  • 27. 27 | Copyright © 2020 Cilium: Cloud Networking Overlay
  • 28. 28 | Copyright © 2020 Flexible: Executes custom logic in the Linux kernel. Safe: BPF code is verified to not crash/hang kernel. Fast: JIT-compiled to run at native speed. Humble origins: BPF Berkeley Packet Filter $ tcpdump -n dst host 192.168.1.1 What is eBPF?
  • 29. 29 | Copyright © 2020 with strong safety guarantees and native kernel performance “Function-as-a-Service” for kernel events Execution Stack in the Kernel submit_bio submit_bh() journal_submit_commit_record() jbd2_journal_commit_transaction() mb_cache_list() BPF Hook BPF Program Source Code bpf() syscall llvm / clang Verifier + JIT compiler What is eBPF?
  • 30. 30 | Copyright © 2020 30 | Copyright © 2020 What about conflicting policy at different layers? (demo maybe?)
  • 31. 31 | Copyright © 2020 Consistent Networking Policies
  • 32. 32 | Copyright © 2020
  • 33. 33 | Copyright © 2020 33 | Copyright © 2020 Demo
  • 34. 34 | Copyright © 2020 34 | Copyright © 2020 Recap
  • 35. 35 | Copyright © 2020
  • 36. 36 | Copyright © 2020 Cloud Native Stack ANY KUBERNETES (CLUSTERS) VMs eBPF WASM GLOO NETWORKING | CILIUM ENVOY PROXY ISTIO GLOO MESH GLOO GATEWAY GLOO PORTAL EXT. AUTH RATE LIMITING GRAPHQL XSLT (SOAP-REST) ANY CLOUD Gloo Application Networking Platform
  • 37. 37 | Copyright © 2020 Learn More!! Free Workshops and Certifications ● Envoy Proxy ● Istio ● Cilium ● eBPF ● On demand ● Instructor led ● Service mesh ● Modern API gateway ● eBPF Solo Academy 1 2 https://www.solo.io/events/upcoming / https://www.solo.io/solo-academy/
  • 38. 38 | Copyright © 2020 We are hiring! https://www.solo.io/company/careers/
  • 39. 39 | Copyright © 2020 Solo.io global presence
  • 40. 40 | Copyright © 2020 • https://solo.io • https://solo.io/blog • https://slack.solo.io • https://gloo.solo.io • https://envoyproxy.io • https://istio.io • https://webassemblyhub.io