Enterprises are increasing their investments in digital transformation and in hiring the right talent to accelerate the journey. According to the 2020 open source jobs report from Linux Foundation, 52% of hiring managers are more likely to hire someone with a certification, up from 47% two years ago. Not so surprisingly, 93% of hiring managers report difficulty finding sufficient talent. Tetrate today announced the public availability of its exam for Certified Istio Administrator by Tetrate (CIAT) that evaluates skill, knowledge, and ability to perform Istio service mesh installation and configuration as well as configure traffic management, resilience and fault injection, and use security features of the Istio service mesh. This follows the February launch of the free training and certification course on Istio Fundamentals. Over 600 IT professionals have taken the training since then.
We are excited to announce General Availability (GA) of the Tetrate Service Bridge. Tetrate is on a mission to take the complexity of application networking and make it simple for application developers and operators. And today marks an important milestone on our path.
If you’ve heard of service mesh and tried Istio, you may have the following questions:
- Why is Istio running on Kubernetes?
- What is the role of Kubernetes and a service mesh in the cloud-native application architecture, respectively?
- What aspects of Kubernetes does Istio extend? What problems does it solve?
- What is the relationship between Kubernetes, Envoy, and Istio?
This article will take you through the inner workings of Kubernetes and Istio. In addition, I will introduce the load balancing approach in Kubernetes, and explain why you need Istio when you have Kubernetes.
Why You Should Choose NGAC as Your Access Control Model
Different companies or software providers have devised countless ways to control user access to functions or resources, such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). In essence, whatever the type of access control model, three basic elements can be abstracted: user, system/application, and policy.
In this article, we will introduce ABAC, RBAC, and a new access control model — Next Generation Access Control (NGAC) — and compare the similarities and differences between the three, as well as why you should consider NGAC.
Tetrate and NIST co-hosted our second annual conference last week focusing on foundational approaches to security in the era of microservices: DevSecOps and Zero Trust Architecture in Multi-Cloud Environments. The one-day event took place virtually on Jan. 27, 2021. Here are some highlights!
What is a service mesh?
A service mesh is a relatively simple concept, consisting of a bunch of network proxies paired with each service in an application, plus a set of task management processes. The proxies are called the data plane and the management processes are called the control plane in the Service Mesh. The data plane intercepts calls between different services and “processes” them; the control plane is the brain of the mesh that coordinates the behavior of proxies and provides APIs for operations and maintenance personnel to manipulate and observe the entire network.
Service mesh architecture provides a rich set of features for controlling and securing communications among services. Encryption in transit is a feature that will be critical for financial institutions and other industries working within regulatory frameworks, including PCI, HIPAA, and others.
Join us for a day to dive into the foundational security approaches for multi-cloud environments!
With the popularity of service mesh at an all time high, it is important to think about how it might affect your current architecture. You might think you have to completely rework your environment, that it might not be “mesh ready.” But in fact you can integrate a service mesh into your current stack and make it work for your organization.
Istio is a popular service mesh to connect, secure, control, and observe services. When it was first introduced as open source in 2017, Kubernetes was winning the container orchestration battle and Istio answered the needs of organizations moving to microservices. Although Istio claims to support heterogeneous environments such as Nomad, Consul, Eureka, Cloud Foundry, Mesos, etc., in reality, it has always worked best with Kubernetes — on which its service discovery is based.