Service Mesh


Multi-Cluster & Multi-Cloud Service Meshes With CNCF's Kuma and Envoy

When we first created Kuma – which means “bear” in Japanese – we dreamed of creating a service mesh that could run across every cluster, every cloud and every application. These are all requirements that large organizations must implement to support their application teams across a wide variety of architectures and platforms: VMs, Kubernetes, AWS, GCP and so on.

Kong Demo: Protecting Microservices with Servicemesh

In this interactive demo, we will show how to encrypt and protect all services inside a service mesh using the Kuma Mutual TLS policy. We will then demonstrate how to control traffic permissions among each individual service using the TrafficPermission policy. In addition to security, Kuma provides traffic metrics using Prometheus and Grafana dashboards, as well as traffic tracing (APM) and traffic logging integrated into managed cloud logging and analytics services.

Deploying Citrix ADC with Service Mesh on Rancher

As a network of microservices changes and grows, the interactions between them can be difficult to manage and understand. That’s why it’s handy to have a service mesh as a separate infrastructure layer. A service mesh is an approach to solving microservices at scale. It handles routing and terminating traffic, monitoring and tracing, service delivery and routing, load balancing, circuit breaking and mutual authentication.

Implementing Canary Releases on Kubernetes with Spinnaker, Istio, and Prometheus

In a microservices world, applications consist of dozens, hundreds, or even thousands of components. Manually deploying and verifying deployment quality in production is virtually impossible. Kubernetes, which natively supports rolling updates, enables blue-green application deployments with Spinnaker. However, the gradual rollout is a feature that doesn’t come out-of-the-box but can be achieved by adding Istio and Prometheus to the equation.

Kuma 0.6.0 Released With Hybrid Universal Support for Service Mesh and CNCF Donation

We are happy to announce the much-anticipated Kuma 0.6 release! This new release ships with major improvements, especially when it comes to supporting service meshes that can span across multiple clouds, multiple Kubernetes clusters and hybrid platforms (Kubernetes + VMs) in enterprise environments. Kuma has also been donated to the CNCF as a Sandbox project: the first Envoy-based service mesh to ever be donated to the foundation. Let’s unwrap these announcements.


What is Prometheus - How is it Used When Monitoring Istio?

Kubernetes doesn’t come with built-in monitoring capabilities. Instead, it relies on the open source ecosystem to build tools for vital operational tasks like monitoring. CNCF is the governing body that oversees the development of such projects. Two of the most successful CNCF projects to date are Prometheus and Istio. Prometheus for monitoring, and Istio to manage network communication in the form of a service mesh.


Announcing API management for services that use Envoy

Among forward-looking software developers, Envoy has become ubiquitous as a high-performance pluggable proxy, providing improved networking and observability capability for increased services traffic. Built on the learnings of HAProxy and nginx, Envoy is now an official Cloud Native Computing Foundation project, and has many fans—including among users of our Apigee API management platform.

KMC - Running a Multi-Cluster Service Mesh in Rancher

If you are or your organization is running Kubernetes, then it's likely that you are running more than one cluster. This model works well for most, but starts to break down when microservices and service mesh enter the discussion. However, with some additional configuration and tooling , a multicluster mesh can take advantage of distributed Kubernetes environments and the services therein. In this Master Class, recorded on June 20, 2020, Rancher Field Engineer Jason Skrzypek discusses and demos a multi-cluster service mesh running Istio.

What's New in Istio 1.6? New Features and Capabilities

The Istio service mesh continues its quarterly release cadence with version 1.6. After major changes in release 1.5 to the control plane architecture, notably moving from a set of microservices to a monolithic Istiod service, and the introduction of a new, unified model for extending Istio and its Envoy proxies using WebAssembly, Istio 1.6 may seem tame in comparison, but it still offers a large number of smaller enhancements with a focus on operability. We will look at several of the highlights.