API Gateway, Istio, Kubernetes, Service Mesh

Using Istio service mesh as API Gateway

API gateways have been around for a long time as the entry point for clients to access the back-end, mainly to manage “north-south” traffic, In recent years, service mesh architectures have become popular, mainly for managing internal systems,(i.e. “east-west” traffic), while a service mesh like Istio also has built-in gateways that bring traffic inside and outside the system under unified control. This often creates confusion for first-time users of Istio. What is the relationship between the service mesh and the API gateway? How does Istio’s gateway work? What are the ways to expose the services in the Istio mesh? This article gives you the answer.

Read More
Kubernetes, Service Mesh, Tetrate

Multicluster Management with Kubernetes and Istio

Do you have multiple Kubernetes clusters and a service mesh? Do your virtual machines and services in a Kubernetes cluster need to interact? This article will take you through the process and considerations of building a hybrid cloud using Kubernetes and an Istio Service Mesh. Together, Kubernetes and Istio can be used to bring hybrid workloads into a mesh and achieve interoperability for multicluster. But another layer of infrastructure — a management plane — is helpful for managing multicluster or multimesh deployments.

Read More
Tetrate

Tetrate与ECS Anywhere合作带来跨云的无缝连接

技术进步从未停止,企业架构的目标是为了建立多种技术之间的和谐。将它们融合在一起,取各家之长,并利用这些技术让它们在特定业务领域变得更有效率。另外,企业架构应该简化。让不同的堆栈为你工作,而不是把你所有的时间花在管理不同架构的基础设施上。

Read More
Digital Transformation
Istio, Kubernetes, Open Source, Service Mesh

Why do you need Istio when you already have Kubernetes?

If you’ve heard of service mesh and tried Istio, you may have the following questions:

  1. Why is Istio running on Kubernetes?
  2. What is the role of Kubernetes and a service mesh in the cloud-native application architecture, respectively?
  3. What aspects of Kubernetes does Istio extend? What problems does it solve?
  4. What is the relationship between Kubernetes, Envoy, and Istio?

This article will take you through the inner workings of Kubernetes and Istio. In addition, I will introduce the load balancing approach in Kubernetes, and explain why you need Istio when you have Kubernetes.

Read More
Access
NGAC, Security, Service Mesh, Zero Trust

NGAC vs RBAC vs ABAC

Why You Should Choose NGAC as Your Access Control Model

Different companies or software providers have devised countless ways to control user access to functions or resources, such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). In essence, whatever the type of access control model, three basic elements can be abstracted: user, system/application, and policy.

In this article, we will introduce ABAC, RBAC, and a new access control model — Next Generation Access Control (NGAC) — and compare the similarities and differences between the three, as well as why you should consider NGAC.

Read More