Managing your microservices with Kubernetes and Istio. Craig Box
|
|
- Aileen Foster
- 6 years ago
- Views:
Transcription
1 Managing your microservices with Kubernetes and Istio Craig Box
2 Agenda What is a Service Mesh? How we got here: a story Architecture and details Q&A 2
3 What is a service mesh? A network for services, not bytes Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
4 Remember the monolith? Monolithic App Module Module File System main() Module Module Database Module Module
5 Microservices main() Service Service File System Service Service Database Service Service Database File System 5
6 Success! Gained development velocity! Easy testing because of abstractions! Scale services independently! 6
7 At what cost? Replaced a reliable in-process call with an unreliable RPC. Secure in-process communication is replaced by insecure network. Access control within process was a no-op Latency went up Trivial single-stepping replaced by? 7
8 Can we fix it? Add retry logic to the application code Add entry-exit traces Secure inter-service connections with strong authentication 8
9 While we're adding code... Choose the RPC endpoint intelligently Endpoints with low latency Endpoints with warm caches 9
10 Service mesh
11 Istio
12 A complete framework for connecting, securing, managing and monitoring services 12
13 Kubernetes provides service abstraction web web auth payments logging auth payments logging 13
14 Weaving the mesh frontend pictures auth payments Users Cloud SQL External Payment Processor 14
15 Weaving the mesh auth Users Cloud SQL ingress frontend pictures payments External Payment Processor 15
16 The sidecar : Envoy A C++ based L4/L7 Low memory footprint Lyft 100+ services 10,000+ VMs 2M req/s An awesome team willing to work with the community! 16
17 The sidecar : Envoy Goodies: HTTP/2 & grpc Zone-aware load balancing w/ failover Health checks, circuit breakers, timeouts, retry budgets No hot reloads - API driven config updates Istio's contributions Transparent ing w/ SO_ORIGINAL_DST Traffic routing and splitting Request tracing using Zipkin Fault injection 17
18 Injection spec: containers: - image: frontend:latest spec: containers: - image: frontend:latest - image: istio/ frontend frontend Initializer policy initimage: docker.io/istio/_init Image: docker.io/istio/ 18
19 Architecture payments frontend Traffic transparently proxied unaware of Envoy sidecars Policy checks, telemetry Discovery & config data to Envoy sidecars Pilot Mixer TLS certs to Envoy sidecars Istio-Auth Control Plane 19
20 Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
21 Application rollout // A simple traffic splitting rule destination: pictures.example.local match: source: frontend.example.local route: - tags: version: v1.5 env: prod weight: 99 - tags: version: v2.0-alpha env: staging weight: 1 frontend 99% 1% pictures pictures pictures version: 1.5 env: prod version: 2.0-alpha env: staging 21
22 Traffic steering // Content-based traffic steering rule destination: pictures.example.local match: httpheaders: user-agent: regex: ^(.*?;)?(iphone)(;.*)?$ precedence: 2 route: - tags: version: 2.0-alpha env: staging frontend pictures pictures pictures version: 1.5 env: prod version: 2.0-alpha env: staging 22
23 Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
24 Visibility Monitoring & tracing should not be an afterthought in the infrastructure Goals: Metrics without instrumenting apps Consistent metrics across fleet Trace flow of requests across services Portable across metric backend providers 24
25
26
27 Metrics flow Mixer collects metrics emitted by Envoys frontend pictures API: /pictures Latency: 10ms Status Code: 503 src: dst: Adapters in the Mixer normalize and forward to monitoring backends Custom Metrics backend can be swapped at runtime InfluxDB Prometheus Mixer 27
28 Tracing X-B3-TraceId X-B3-SpanId X-B3-ParentSpanId X-B3-Sampled X-B3-Flags Mixer Custom Stackdriver Applications do not have to deal with generating spans or correlating causality Envoys generate spans Applications need to forward context headers on outbound calls Envoys send traces to Mixer Adapters at Mixer send traces to respective backends pictures Zipkin frontend 28
29 Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
30 Resiliency // Circuit breakers destination: auth.cluster.local policy: - tags: version: v1 circuitbreaker: simplecb: httpconsecutiveerrors: 7 sleepwindow: 5m httpdetectioninterval: 1m 30
31 Resiliency features Timeouts Retries with timeout budget Circuit breakers Health checks AZ-aware load balancing w/ automatic failover Control connection pool size and request load Systematic fault injection 31
32 Resiliency testing Systematic fault injection to identify weaknesses in failure recovery policies HTTP/gRPC error codes Delay injection 300ms 400ms frontend movies stars timeout: 100ms retries: 3 timeout: 200ms retries: 2 32
33 Efficiency L7 load balancing Passive/Active health checks, circuit breaks Backend subsets Affinity TLS offload No more JSSE or stale SSL versions HTTP/2 and grpc ing 33
34 Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
35 Security Verifiable identity Secure naming / addressing Traffic encryption Revocation 35
36 Security at scale frontend payments Envoy Envoy SAN: "spiffe://example.local/ns/prod/sa/foo" Namespace: prod Service account: foo SAN: "spiffe://example.local/ns/prod/sa/bar" Namespace: prod Service account: bar Istio-Auth 36
37 Traffic Control Visibility Resiliency & Efficiency Security Policy Enforcement
38 What does Mixer do? Check() Precondition checking Quotas & Rate Limiting Report() telemetry reporting Primary point of extensibility Enabler for platform mobility Operator-focused configuration model 38
39 Putting it all together frontend payments Policy checks, telemetry Discovery & config data to Envoy sidecars Pilot Mixer TLS certs to Envoy sidecars Istio-Auth Control Plane 39
40 Ultimately, it's just this frontend pictures auth payments Users Cloud SQL External Payment Processor 40
41 Getting started Install Kubernetes (v1.7+ for Initializers) Google Container Engine Alpha clusters istio.io quickstart Helm chart helm install incubator/istio Bookinfo service example 41
42 Roadmap 0.1: a single Kubernetes namespace 0.2 (just launched): a single Kubernetes cluster and external VMs 0.3 (by end of year): production readiness within a single cluster 1.0: (2018): complete mesh across all environments Release roadmap 42
43 Thank you Craig Box 43
Istio. A modern service mesh. Louis Ryan Principal
Istio A modern service mesh Louis Ryan Principal Engineer @ Google @louiscryan My Google Career HTTP Reverse Proxy HTTP HTTP2 GRPC Reverse Proxy Reverse Proxy HTTP API Proxy HTTP Control Plane HTTP2 GRPC
More informationService Mesh with Istio on Kubernetes. Dmitry Burlea Software FlixCharter
Service Mesh with Istio on Kubernetes Dmitry Burlea Software Developer @ FlixCharter Road to Microservices Monolith (all-in-one) Road to Microservices Images from http://amazon.com/ Road to Microservices
More informationA Comparision of Service Mesh Options
A Comparision of Service Mesh Options Looking at Istio, Linkerd, Consul-connect Syed Ahmed - CloudOps Inc Introduction About Me Cloud Software Architect @ CloudOps PMC for Apache CloudStack Worked on network
More informationMSB to Support for Carrier Grade ONAP Microservice Architecture. Huabing Zhao, PTL of MSB Project, ZTE
MSB to Support for Carrier Grade ONAP Microservice Architecture Huabing Zhao, PTL of MSB Project, ZTE ONAP Architecture Principle: Microservices ONAP Architecture Principle: ONAP modules should be designed
More informationThe Road to Istio: How IBM, Google and Lyft Joined Forces to Simplify Microservices
The Road to Istio: How IBM, Google and Lyft Joined Forces to Simplify Microservices Dr. Tamar Eilam IBM Fellow @ Watson Research Center, NY eilamt@us.ibm.com @tamareilam The Evolution of Principles (2004-2018)
More informationIstio s Mixer: Policy Enforcement with Custom Adapters Limin Wang, Software Engineer, Google Torin Sandall, Software Engineer, Styra
Istio s Mixer: Policy Enforcement with Custom Adapters Limin Wang, Software Engineer, Google Torin Sandall, Software Engineer, Styra Outline Istio and policy (how to enforce your custom policy in Istio)
More informationService Mesh and Related Microservice Technologies in ONAP
Service Mesh and Related Microservice Technologies in ONAP Contributors: Ramki Krishnan (VMware), Srini Addepalli (Intel), Manoj Nair (Net Cracker), Tal Liron (Red Hat), Roger Maitland (Amdocs), Huabing
More informationSQUASH. Debugger for microservices. Idit Levine solo.io
SQUASH Debugger for microservices Idit Levine solo.io About me Idit Levine Founder and CEO of solo.io @Idit_Levine @ilevine The problem: Debugging microservices applications is hard The problem A monolithic
More informationEnabling Multi-Cloud with Istio Stretching an Istio service mesh between Public & Private Clouds. John Joyce Robert Li
Enabling Multi-Cloud with Istio Stretching an Istio service mesh between Public & Private Clouds John Joyce Robert Li Introduction Extending an Application across Multiple Clouds Public Cloud microservice
More informationHandling Microservices with Kubernetes - Basic Info
Handling Microservices with Kubernetes - Basic Info This course is for organizations who: you are considering expanding your DevOps skills with a future-proof platform, you want to understand Kubernetes
More informationISTIO 1.0 INTRODUCTION & OVERVIEW OpenShift Commons Briefing Brian redbeard Harrington Product Manager, Istio
ISTIO 1.0 INTRODUCTION & OVERVIEW OpenShift Commons Briefing Brian redbeard Harrington Product Manager, Istio 2018-08-07 PARTY TIME 2018-07-31 Istio hits 1.0!!! ONE STEP CLOSER TO BORING* * http://mcfunley.com/choose-boring-technology
More informationService Mesh and Microservices Networking
Service Mesh and Microservices Networking WHITEPAPER Service mesh and microservice networking As organizations adopt cloud infrastructure, there is a concurrent change in application architectures towards
More informationNGINX: From North/South to East/West
NGINX: From North/South to East/West Reducing Complexity with API and Microservices Traffic Management and NGINX Plus Speakers: Alan Murphy, Regional Solution Architect, APAC September, 2018 About NGINX,
More informationSERVERLESS APL. For now this is just research in Cloud technologies in SimCorp A/S.
SERVERLESS APL RESEARCH ON USING SERVERLESS APL IN KUBERNETES APL KUBELESS RUNTIME MARKO VRANIĆ SIMCORP A/S BELFAST, NORTHERN IRELAND, UK 31-10-2018 For now this is just research in Cloud technologies
More informationOPENSHIFT 3.7 and beyond
OPENSHIFT 3.7 and beyond Qu est qu un conteneur? APPLICATIONS INFRASTRUCTURE 2 Processus sur un système d exploitation Applications et toutes ses dépendances Plus simple, léger et dense des VMs Portable
More information& the architecture along the way!
QCon London March 2019 & the architecture along the way! mt165.co.uk Objectives Learn how a packet traverses an Istio//Kubernetes system See what control plane calls are made in that process Build a useful
More informationENHANCE APPLICATION SCALABILITY AND AVAILABILITY WITH NGINX PLUS AND THE DIAMANTI BARE-METAL KUBERNETES PLATFORM
JOINT SOLUTION BRIEF ENHANCE APPLICATION SCALABILITY AND AVAILABILITY WITH NGINX PLUS AND THE DIAMANTI BARE-METAL KUBERNETES PLATFORM DIAMANTI PLATFORM AT A GLANCE Modern load balancers which deploy as
More informationMicroservices. GCPUG Tokyo Kubernetes Engine
Microservices On GKE At Mercari GCPUG Tokyo Kubernetes Engine Day @deeeet @deeeet Background Start with Monolith Small Overhead for cross domains Reusable code across domains Effective operation by SRE
More informationHow to Re-Architect without Breaking Stuff (too much) Owen Garrett March 2018
How to Re-Architect without Breaking Stuff (too much) Owen Garrett March 2018 owen@nginx.com All problems in computer science can be solved by another layer of indirection --- David Wheeler, FRS This giant
More informationUsing Custom Resources to Provide Cloud Native API Management Frank B Greco Jr, Cloud Native Engineer, Northwestern Mutual
Using Custom Resources to Provide Cloud Native API Management Frank B Greco Jr, Cloud Native Engineer, Northwestern Mutual APIs Authorization Rate Limiting Transformation Monitoring Analytics Routing
More informationCloud Native Security. OpenShift Commons Briefing
Cloud Native Security OpenShift Commons Briefing Amir Sharif Co-Founder amir@aporeto.com Cloud Native Applications Challenge Security Change Frequency x 10x 100x 1,000x Legacy (Pets) Servers VMs Cloud
More informationCloud I - Introduction
Cloud I - Introduction Chesapeake Node.js User Group (CNUG) https://www.meetup.com/chesapeake-region-nodejs-developers-group START BUILDING: CALLFORCODE.ORG 3 Agenda Cloud Offerings ( Cloud 1.0 ) Infrastructure
More informationTechnical Brief. A Checklist for Every API Call. Managing the Complete API Lifecycle
Technical Brief A Checklist for Table of Contents Introduction: The API Lifecycle 2 3 Security professionals API developers Operations engineers API product or business owners Apigee Edge 7 A Checklist
More informationSingapore. Service Proxy, Container Networking & K8s. Acknowledgement: Pierre Pfister, Jerome John DiGiglio, Ray
Singapore Service Proxy, Container Networking & K8s Hongjun Ni Intel Email: hongjun.ni@intel.com Acknowledgement: Pierre Pfister, Jerome Tollet @Cisco John DiGiglio, Ray Kinsella @Intel Agenda What is
More informationDynamic App Services in Containerized Environments
Dynamic App Services in Containerized Environments F5 Government Technology Symposium Mark Dittmer Sr Product Management Engineer Understanding the Container Market and Customer Challenges 1 Organization
More informationElastic Load Balancing
Elastic Load Balancing Deep Dive & Best Practices Mariano Vecchioli, Sr. Technical Account Manager AWS Michaela Kurkiewicz, Principal Service Manager Co-op Tina Howell, Platform Lead - Co-op June 28 th,
More informationContainer-Native Applications
Container-Native Applications Security, Logging, Tracing Matthias Fuchs, @hias222 DOAG 2018 Exa & Middleware Days, 2018/06/19 Microservice Example Flow Oracle Cloud Details Logging Security, OAuth, TLS
More informationBUILDING MICROSERVICES ON AZURE. ~ Vaibhav
BUILDING MICROSERVICES ON AZURE ~ Vaibhav Gujral @vabgujral About Me Over 11 years of experience Working with Assurant Inc. Microsoft Certified Azure Architect MCSD, MCP, Microsoft Specialist Aspiring
More informationDelivering Microservices Securely and at Scale with NGINX in Red Hat OpenShift. November, 2017
Delivering Microservices Securely and at Scale with NGINX in Red Hat OpenShift November, 2017 Klaus Oxdal Channel Director klaus@nginx.com The Big Shift Architectural Changes: Monolith import myapp.driver
More informationOpen Java EE and Eclipse MicroProfile - A New Java Landscape for Cloud Native Apps
EclipseCon Europe 2017 Open Java EE and Eclipse MicroProfile - A New Java Landscape for Cloud Native Apps Kevin Sutter MicroProfile and Java EE Architect @kwsutter Emily Jiang MicroProfile Development
More informationEclipse MicroProfile: Accelerating the adoption of Java Microservices
Eclipse MicroProfile: Accelerating the adoption of Java Microservices Emily Jiang twitter @emilyfhjiang 10 th October 2017 What is Eclipse MicroProfile? Eclipse MicroProfile is an open-source community
More informationBuilding a Kubernetes on Bare-Metal Cluster to Serve Wikipedia. Alexandros Kosiaris Giuseppe Lavagetto
Building a Kubernetes on Bare-Metal Cluster to Serve Wikipedia Alexandros Kosiaris Giuseppe Lavagetto Introduction The Wikimedia Foundation is the organization running the infrastructure supporting Wikipedia
More informationArchitectural Code Analysis. Using it in building Microservices NYC Cloud Expo 2017 (June 6-8)
Architectural Code Analysis Using it in building Microservices NYC Cloud Expo 2017 (June 6-8) Agenda Intro to Structural Analysis Challenges addressed during traditional software development The new world
More informationOpenShift Container Platform 3.11
OpenShift Container Platform 3.11 Service Mesh Install OpenShift Container Platform 3.11 Service Mesh Installation Guide Last Updated: 2019-01-15 OpenShift Container Platform 3.11 Service Mesh Install
More informationCHALLENGES IN A MICROSERVICES AGE: MONITORING, LOGGING AND TRACING ON OPENSHIFT. Martin Etmajer Technology May 4, 2017
CHALLENGES IN A MICROSERVICES AGE: MONITORING, LOGGING AND TRACING ON OPENSHIFT Martin Etmajer Technology Lead @Dynatrace May 4, 2017 WHY A CHALLENGE? Microservice A Microservice B Microservice C Microservice
More informationComparison of Service Description and Composition for Complex 3-tier Cloud-based Services
Date: 2017. 08. 28 Place: Dalian, China Comparison of Service Description and Composition for Complex 3-tier Cloud-based Services Asia Pacific Advanced Network (APAN) Cloud Working Group Meeting 2017 Moonjoong
More informationFour times Microservices: REST, Kubernetes, UI Integration, Async. Eberhard Fellow
Four times Microservices: REST, Kubernetes, UI Integration, Async Eberhard Wolff @ewolff http://ewolff.com Fellow http://continuous-delivery-buch.de/ http://continuous-delivery-book.com/ http://microservices-buch.de/
More informationKubernetes 1.8 and Beyond
Kubernetes 1.8 and Beyond Aparna Sinha, Group Product Manager, Google OpenShift Commons Gathering - Austin, Texas Why do users choose Kubernetes? Open Source Community Frequent releases Resource efficiency
More informationThe Elements of Kubernetes. Aaron Schlesinger Microsoft Azure Containers Lead, SIG-Service-Catalog
The Elements of Kubernetes Aaron Schlesinger Microsoft Azure Containers Lead, SIG-Service-Catalog Why we re here Kubernetes is growing fast Usage, development, projects We re in the wild west Building
More informationAGENDA Introduction Pivotal Cloud Foundry NSX-V integration with Cloud Foundry New Features in Cloud Foundry Networking NSX-T with Cloud Fou
NET1523BE INTEGRATING NSX AND CLOUD FOUNDRY Usha Ramachandran Staff Product Manager, Pivotal Sai Chaitanya Product Line Manager, VMware VMworld 2017 Content: Not for publication #VMworld AGENDA 1 2 3 4
More informationCONTRAIL SECURITY. Contrail Cloud Networking & Security
CONTRAIL SECURITY Aniket Daptari Sr. Product Manager Contrail Cloud Networking & Security Scott Sneddon Senior Director Cloud and SDN This statement of direction sets forth Juniper Networks current intention
More informationIntroducing Jaeger 1.0
Introducing Jaeger 1.0 Yuri Shkuro (Uber Technologies) CNCF Webinar Series, Jan-16-2018 1 Agenda What is distributed tracing Jaeger in a HotROD Jaeger under the hood Jaeger v1.0 Roadmap Project governance,
More informationWhat s New in K8s 1.3
What s New in K8s 1.3 Carter Morgan Background: 3 Hurdles How do I write scalable apps? The App How do I package and distribute? What runtimes am I locked into? Can I scale? The Infra Is it automatic?
More informationEASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER
EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER 2 WHY KUBERNETES? Kubernetes is an open-source container orchestrator for deploying and managing containerized applications. Building on 15 years of experience
More informationA Tracing Technique for Understanding the Behavior of Large-Scale Distributed Systems
A Tracing Technique for Understanding the Behavior of Large-Scale Distributed Systems Yuichi Bando NTT Software Innovation Center Who am I? Research engineer at NTT Software Innovation Center (SIC) SIC
More informationKUBERNETES IN A GROWN ENVIRONMENT AND INTEGRATION INTO CONTINUOUS DELIVERY
KUBERNETES IN A GROWN ENVIRONMENT AND INTEGRATION INTO CONTINUOUS DELIVERY Stephan Fudeus, Expert Continuous Delivery Dr. Sascha Mühlbach, Expert Infrastructure Architect United Internet / 1&1 Mail & Media
More informationContinuous delivery while migrating to Kubernetes
Continuous delivery while migrating to Kubernetes Audun Fauchald Strand Øyvind Ingebrigtsen Øvergaard @audunstrand @oyvindio FINN Infrastructure History Kubernetes at FINN Agenda Finn Infrastructure As
More informationOrchestration in Docker
Orchestration in Docker Swarm mode, Docker services and declarative application deployment Mike Goelzer & Victor Vieux Docker Orchestration Overview Mike Goelzer / mgoelzer@docker.com / gh: mgoelzer Orchestration
More informationCloud Native Networking
Webinar Series Cloud Native Networking January 12, 2017 Your Presenters Christopher Liljenstolpe CTO, Tigera / Founder, Project Calico Bryan Boreham Director of Engineering, WeaveWorks 2 Networking in
More informationCloud Service Engine. Product Description. Issue 01 Date
Issue 01 Date 2018-04-09 Contents Contents 1 Overview... 1 2 Functions... 2 3 Advantages...3 4 Application Scenarios...6 5 Terms...7... 12 6.1 LocalServiceCenter... 12 6.2 Java SDK... 13 6.3 Go SDK...
More informationZero to Microservices in 5 minutes using Docker Containers. Mathew Lodge Weaveworks
Zero to Microservices in 5 minutes using Docker Containers Mathew Lodge (@mathewlodge) Weaveworks (@weaveworks) https://www.weave.works/ 2 Going faster with software delivery is now a business issue Software
More informationExam : Implementing Microsoft Azure Infrastructure Solutions
Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Design and Implement Azure App Service
More informationOpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers
OpenShift 3 Technical Architecture Clayton Coleman, Dan McPherson Lead Engineers Principles The future of *aas Redefine the Application Networked components wired together Not just a web frontend anymore
More informationCatalyst. Uber s Serverless Platform. Shawn Burke - Staff Engineer Uber Seattle
Catalyst Uber s Serverless Platform Shawn Burke - Staff Engineer Uber Seattle Why Serverless? Complexity! Microservices, Languages, Client Libs, Tools Product teams have basic infrastructure needs Stable,
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA2080BU Deep Dive: How to Deploy and Operationalize Kubernetes Cornelia Davis, Pivotal Nathan Ness Technical Product Manager, CNABU @nvpnathan #VMworld #CNA2080BU Disclaimer This presentation may contain
More informationMicroservices Implementations not only with Java. Eberhard Wolff Fellow
Microservices Implementations not only with Java Eberhard Wolff http://ewolff.com @ewolff Fellow http://continuous-delivery-buch.de/ http://continuous-delivery-book.com/ http://microservices-buch.de/ http://microservices-book.com/
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationKubernetes 1.9 Features and Future
OpenShift Commons Briefing: Kubernetes 1.9 Features and Future Derek Carr - Lead Engineer, Kubernetes What s new this time around? RELEASE STATS Shorter release (end of year) 6000+ pull requests merged
More informationCloud Native Architecture 300. Copyright 2014 Pivotal. All rights reserved.
Cloud Native Architecture 300 Copyright 2014 Pivotal. All rights reserved. Cloud Native Architecture Why What How Cloud Native Architecture Why What How Cloud Computing New Demands Being Reactive Cloud
More informationWhat s New in K8s 1.3
What s New in K8s 1.3 Carter Morgan Background: 3 Hurdles How do I write scalable apps? The App How do I package and distribute? What runtimes am I locked into? Can I scale? The Infra Is it automatic?
More informationEfficiently exposing apps on Kubernetes at scale. Rasheed Amir, Stakater
Efficiently exposing apps on Kubernetes at scale Rasheed Amir, Stakater Problem Kubernetes runs container workloads in Pods... but these are not automatically accessible outside the cluster What options
More informationWHITEPAPER AMAZON ELB: Your Master Key to a Secure, Cost-Efficient and Scalable Cloud.
WHITEPAPER AMAZON ELB: Your Master Key to a Secure, Cost-Efficient and Scalable Cloud www.cloudcheckr.com TABLE OF CONTENTS Overview 3 What Is ELB? 3 How ELB Works 4 Classic Load Balancer 5 Application
More informationKubernetes Integration Guide
Kubernetes Integration Guide Cloud-Native Security www.aporeto.com Aporeto Kubernetes Integration Guide The purpose of this document is to describe the features of Aporeto that secure application services
More informationTable of Contents DevOps Administrators
DevOps Administrators Table of Contents DevOps Administrators Overview for DevOps Admins Managing Images, Projects, Users Configure a Registry Create Users Assign the Administrator Role Create a Project
More informationStarting the Avalanche:
Starting the Avalanche: Application DoS In Microservice Architectures Scott Behrens Jeremy Heffner Introductions Scott Behrens Netflix senior application security engineer Breaking and building for 8+
More informationBuilding an on premise Kubernetes cluster DANNY TURNER
Building an on premise Kubernetes cluster DANNY TURNER Outline What is K8s? Why (not) run k8s? Why run our own cluster? Building what the public cloud provides 2 Kubernetes Open-Source Container Management
More informationClover Overview: Gambia release. April 16, 2018
Clover Overview: Gambia release April 16, 2018 Motivation 1. Future Telecom Services, e.g. 5G s top use cases 50 billion IoT devices by 2020 Exceptional user experience AR/VR Ultra low latency services
More informationLessons Learned: Building Scalable & Elastic Akka Clusters on Google Managed Kubernetes. - Timo Mechler & Charles Adetiloye
Lessons Learned: Building Scalable & Elastic Akka Clusters on Google Managed Kubernetes - Timo Mechler & Charles Adetiloye About MavenCode MavenCode is a Data Analytics software company offering training,
More informationOpenShift Roadmap Enterprise Kubernetes for Developers. Clayton Coleman, Architect, OpenShift
OpenShift Roadmap Enterprise Kubernetes for Developers Clayton Coleman, Architect, OpenShift What Is OpenShift? Application-centric Platform INFRASTRUCTURE APPLICATIONS Use containers for efficiency Hide
More informationKubernetes The Path to Cloud Native
Kubernetes The Path to Cloud Native Eric Brewer VP, Infrastructure @eric_brewer August 28, 2015 ACM SOCC Cloud Na*ve Applica*ons Middle of a great transition unlimited ethereal resources in the Cloud an
More informationFreeing the Whale How to Fail at Scale
from QConSF, November 9, 2016 Freeing the Whale How to Fail at Scale oliver gould cto, buoyant 2010 A FAILWHALE ODYSSEY Twitter, 2010 10 7 users 10 7 tweets/day 10 2 engineers 10 1 ops eng 10 1 services
More informationDocument Sub Title. Yotpo. Technical Overview 07/18/ Yotpo
Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time
More informationEasily Secure your Microservices with Keycloak. Sébastien Blanc Red
Easily Secure your Microservices with Keycloak Sébastien Blanc Red Hat @sebi2706 Keycloak? Keycloak is an open source Identity and Access Management solution aimed at modern applications and services.
More informationRED HAT QUAY. As part of OCP Architecture Workshop. Technical Deck
RED HAT QUAY As part of OCP Architecture Workshop Technical Deck What Is Quay? Market leading enterprise container registry Available on-premise, on public cloud and as a hosted service (SaaS) RED HAT
More informationServices and Networking
This chapter contains the following topics: Load Balancing Kubernetes Services using NGINX, on page 1 Network Policies, on page 6 Load Balancer Services, on page 7 Load Balancing Kubernetes Services using
More informationTIBCO Cloud Integration Security Overview
TIBCO Cloud Integration Security Overview TIBCO Cloud Integration is secure, best-in-class Integration Platform as a Service (ipaas) software offered in a multi-tenant SaaS environment with centralized
More informationElastic Load Balancing. User Guide. Date
Date 2018-07-20 Contents Contents 1 Product Description... 4 1.1 What Is Elastic Load Balancing (ELB)?... 4 1.2 Load Balancer Type... 4 1.3 Basic Architecture... 5 1.3.1 Classic Load Balancer... 5 1.3.2
More informationWhat Building Multiple Scalable DC/OS Deployments Taught Me about Running Stateful Services on DC/OS
What Building Multiple Scalable DC/OS Deployments Taught Me about Running Stateful Services on DC/OS Nathan Shimek - VP of Client Solutions at New Context Dinesh Israin Senior Software Engineer at Portworx
More informationANIKET DAPTARI & RANJINI RAJENDRAN CONTRAIL TEAM
ROLE OF NETWORK VIRTUALIZATION AND SOFTWARE DEFINED SECURITY IN MULTICLOUD ANIKET DAPTARI & RANJINI RAJENDRAN CONTRAIL TEAM This statement of direction sets forth Juniper Networks current intention and
More informationWindows Azure Services - At Different Levels
Windows Azure Windows Azure Services - At Different Levels SaaS eg : MS Office 365 Paas eg : Azure SQL Database, Azure websites, Azure Content Delivery Network (CDN), Azure BizTalk Services, and Azure
More informationVitess on Kubernetes. followed by a demo of VReplication. Jiten Vaidya
Vitess on Kubernetes followed by a demo of VReplication Jiten Vaidya jiten@planetscale.com A word about me... Jiten Vaidya - Managed teams that operationalized Vitess at Youtube CEO at PlanetScale Founded
More informationIntent Driven Network Operations with AppFormix Advanced Analytics Platform. Joseph Li
Intent Driven Network Operations with AppFormix Advanced Analytics Platform Joseph Li This statement of direction sets forth Juniper Networks current intention and is subject to change at any time without
More information#ebpf You Cannot Stop This
#ebpf You Cannot Stop This David S. Miller, Red Hat Inc. davem_dokebi Van, The Man Ultimately, the true father of container networking and security Invented BPF in 1992 with Steven McCanne at LBL Recognized
More information70-532: Developing Microsoft Azure Solutions
70-532: Developing Microsoft Azure Solutions Exam Design Target Audience Candidates of this exam are experienced in designing, programming, implementing, automating, and monitoring Microsoft Azure solutions.
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1142BE Developer-Ready Infrastructure from VMware and Pivotal Merlin Glynn (Vmware) Ramiro Salas (Pivotal) #VMworld #CNA1142BE Disclaimer This presentation may contain product features that are currently
More informationRTO/RPO numbers for different resiliency scenarios
RTO/RPO numbers for different resiliency scenarios Agenda Design changes to support Voice high availability User Services Component (Presence & Conferencing) Registrar Component Registration & Routing
More informationMEAP Edition Manning Early Access Program Istio in Action Version 1
MEAP Edition Manning Early Access Program Istio in Action Version 1 Copyright 2018 Manning Publications For more information on this and other Manning titles go to www.manning.com welcome Thank you for
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1509BU Developer-Ready Infrastructure from VMware and Pivotal Merlin Glynn, VMware Ramiro Salas, Pivotal #VMworld #CNA1509BU Disclaimer This presentation may contain product features that are currently
More informationDeployment Strategies on Kubernetes. By Etienne Tremel Software engineer at Container February 13th, 2017
Deployment Strategies on Kubernetes By Etienne Tremel Software engineer at Container Solutions @etiennetremel February 13th, 2017 Agenda Kubernetes in brief Look at 6 different strategies Recreate Ramped
More informationThe Long Road from Capistrano to Kubernetes
The Long Road from Capistrano to Kubernetes Tobias Schwab, Co-Founder of PhraseApp Slides: http://bit.ly/cap-to-kube How to deploy Ruby on Rails? Deploying Ruby on Rails required on all servers: OS + system
More informationBrocade Virtual Traffic Manager and Parallels Remote Application Server
White Paper Parallels Brocade Virtual Traffic Manager and Parallels Deployment Guide 01 Contents Preface...4 About This Guide...4 Audience...4 Contacting Brocade...4 Internet...4 Technical Support...4
More informationLink Security Considerations in the. Enterprise
Link Security Considerations in the Mahalingam Mani 1 Security in Brief Point Security System Protection: beyond standards Servers upto application level Layer 2 & 3 Network Devices Perimeter Protection
More informationTechnology Overview ScaleArc. All Rights Reserved.
2014 ScaleArc. All Rights Reserved. Contents Contents...1 ScaleArc Overview...1 Who ScaleArc Helps...2 Historical Database Challenges...3 Use Cases and Projects...5 Sample ScaleArc Customers...5 Summary
More informationSetting up Microsoft Exchange Server 2016 with Avi
Page 1 of 14 Setting up Microsoft Exchange Server 2016 with Avi Networks view online What is Exchange Server 2016 Microsoft Exchange Server 2016 is an e-mail server solution, with calendar and contact
More informationThe Art of Container Monitoring. Derek Chen
The Art of Container Monitoring Derek Chen 2016.9.22 About me DevOps Engineer at Trend Micro Agile transformation Micro service and cloud service Docker integration Monitoring system development Automate
More informationOh.. You got this? Attack the modern web
Oh.. You got this? Attack the modern web HELLO DENVER!...Known for more than recreational stuff 2 WARNING IDK 2018 Moses Frost. @mosesrenegade This talk may contain comments or opinions that at times may
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1612BU Deploying real-world workloads on Kubernetes and Pivotal Cloud Foundry VMworld 2017 Fred Melo, Director of Technology, Pivotal Merlin Glynn, Sr. Technical Product Manager, VMware Content: Not
More informationSecuring Containers on the High Seas. Jack OWASP Belgium September 2018
Securing Containers on the High Seas Jack Mannino @ OWASP Belgium September 2018 Who Am I? Jack Mannino CEO at nvisium, since 2009 Former OWASP Northern Virginia chapter leader Hobbies: Scala, Go and Kubernetes
More informationInside Broker How Broker Leverages the C++ Actor Framework (CAF)
Inside Broker How Broker Leverages the C++ Actor Framework (CAF) Dominik Charousset inet RG, Department of Computer Science Hamburg University of Applied Sciences Bro4Pros, February 2017 1 What was Broker
More informationCloud-Native Network Functions (CNFs)
White Paper Cloud-Native Network Functions (CNFs) 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 15 Contents Introduction... 3 Primary cloud-native
More information