The Art of Deploying a Service Mesh

Service mesh is the next logical step to overcoming security and networking challenges obstructing Kubernetes deployment and container adoption. Check out the benefits of deploying a service mesh here.

With the increased adoption of Microservices, new complexities have emerged for enterprises due to a sheer rise in the number of services. Problems that had to be solved only once for a monolith, such as resiliency, security, compliance, load balancing, monitoring, and observability, now need to be handled for each service in a Microservices architecture.

The 2021 DORA Report Gives a Veiled Nod to GitOps

The 2021 DORA report is out, and it continues its focus on the characteristics of top-performing DevOps teams. It's becoming an essential read for anyone interested in how companies are using DevOps. The findings show that GitOps principles are integral to top-performing teams. Here are the highlights from the report.

SRE and DevOps Are Complementary

SRE (site reliability engineering) started to gain traction around the same time as DevOps, and it has its origins in companies like Google and Facebook. 

Service Meshes: Why Istio? An Introduction

In our introduction to Istio Service Mesh, we will cover the following basic points:

  • What is a Service Mesh?
  • Why do we need Service Mesh?
  • Types of Service Mesh Available and Why Istio?
  • Istio — Architecture and Implementations.
  • Istio Components.
  • Istio Features.

What Is a Service Mesh?

In any microservice-based architecture, whenever there is a service call from one microservice to another, we are not able to infer or debug what is happening inside the networked service calls.

A Guide to Understanding Sidecar Deployment With Istio Service Mesh

Industry analysts predict that 83% of all enterprise workloads will be in the cloud by the end of 2020. To leverage the scalability and flexibility of the cloud, developers can deploy independent microservices into their cloud environments. Yet, transitioning to a distributed microservice architecture isn't without its challenges. As organizations grow, it becomes increasingly difficult to connect, secure, control, and monitor those services.

That's where Istio service mesh comes in.

Origin Authentication and RBAC in Istio with Custom Identity Provider

The concept of access control can be boiled down to two factors: authentication (AuthN) and authorization (AuthZ). While authentication determines the identity of a client based on the data presented to the identity provider (e.g., Google and Microsoft AD), authorization determines whether an authenticated principal may interact with the resource.

Istio supports token-based end-user authentication with JSON Web Tokens (JWT). In Istio terms, authenticating the end user, which might be a person or a device, is known as origin authentication. Istio allows you to validate nearly all the fields of a JWT presented to it. Since JWT is an industry-standard token format, the origin authentication feature of Istio is compatible with OpenID Connect providers such as Auth0, Google Auth, and Keycloak.

Integrating Istio With TIBCO BusinessWorks Container Edition (BWCE) Applications

Introduction

Service mesh is one of the “greatest new things” in our PaaS environments. Whether you’re working with K8S, Docker Swarm, or pure cloud with EKS or AWS, you’ve heard of it and have probably tried to find out how to use it, because it provides many options for handling communication between components without impacting the logic of the components. And if you’ve heard of service mesh, you’ve heard of Istio as well, because it is the “flagship option” at the moment. Even though Linkerd and AWS App Mesh are also great options, Istio is the most-used service mesh at the moment.

You've probably seen some examples of how to integrate Istio with your open source-based developments, but what happens if you have a lot of BWCE or BusinessWorks applications… can you use all this power, or are you going to be banned from this new world?

Istio Service Mesh Data Plane

As enterprises transition from a monolithic to a microservices architecture, they have found it difficult to manage service-to-service communication and handle functionalities such as security, traffic control, resiliency, monitoring, metrics, and logging. Further requirements like A/B testing, canary releases, rate limiting, policy enforcement, access control, and end-to-end authentication become another burden. Istio solves such complex requirements while not requiring changes to application code.

A service mesh allows applications to offload these capabilities from application-level libraries to a separate infrastructure layer and allows developers to focus on the business logic itself. Istio is one of the best implementations of a service mesh.

Hands-on With Istio Service Mesh: Implementing Canary Deployment

In this hands-on exercise, we will build a Kubernetes cluster, install Istio on the cluster, build two simple dockerized microservices using Spring Boot, deploy to the cluster, and configure canary deployment using the Istio Service Mesh Virtual Service and Destination Rules.

The exercise assumes a basic knowledge of Kubernetes, Istio, Spring Boot, and Docker. We will use Google Cloud Engine to build the Kubernetes cluster.