SlideShare une entreprise Scribd logo

Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes

Mirantis
Mirantis

Learn the difference between Kubernetes Ingress and Istio Ingress Gateway. Watch demos of both at: https://info.mirantis.com/istio-ingress

Technologie
1  sur  23
Télécharger pour lire hors ligne
Copyright © 2019 Mirantis, Inc. All rights reserved Your App Deserves More than Kubernetes Ingress Kubernetes Ingress vs. Istio Gateway Webinar | October 15, 2019
2 A few introductions (OK, just one) Andrew Lee Technical Instructor at Mirantis Andrew started his early career in a QA position for Open Networking Lab, where he gained hands-on experience in cloud technologies and SDN solutions. He joined the training team at Mirantis in October of 2015 and currently manages content development and delivery of Kubernetes and Istio courses. He is an avid believer in open source technologies and enjoys teaching engineers how to effectively utilize them.
3 A little housekeeping ● Please submit questions in the Questions panel. ● We’ll provide a link where you can download the slides at the end of the webinar.
4 ● What is Ingress? ● Kubernetes Ingress & Ingress Controller ● Istio Ingress Gateway ● [Demo] Overview
5 What is Kubernetes Ingress?
6 ● Kubernetes way to expose your app ○ NodePort type Service ○ LoadBalancer type Service ○ Ingress / Ingress Controller Entrypoint for your Application 6
7 Entrypoint for your Application: NodePort 7
8 ● 1 NodePort per service ● Pain for end users ○ Not a standard port range ○ Different ports for different applications NodePort Limitations 8 http://52.14.21.152:30126
9 Entrypoint for your Application: Ingress 9
10 Entrypoint for your Application: Ingress (with LB) 10
11 ● Path / host based routing ○ mysite.com/blog -> svc A ○ mysite.com/shop -> svc B ● Multiple services behind single cloud Load Balancer Kubernetes Ingress Advantages 11
12 ● Requires three components ○ Ingress ■ Kubernetes Resource ■ Define rules here ○ Ingress Controller ■ Kubernetes Pod ■ Acts as reverse proxy ■ Nginx is recommended ■ Cloud providers have their own implementations with LB ■ “Acts” on the ingress definitions provided ○ Default Backend ■ Kubernetes Pod ■ All traffic that doesn’t match any ingress rules go here (HTTP 404) Kubernetes Ingress 12
13 ● Limited observability toolsets available ● No advanced traffic control / release strategies ○ % based Canary releases ○ Dark launching ● No service resiliency features ○ Retry, circuit breaking, timeouts Kubernetes Ingress Limitations
14 Istio Ingress Gateway
15 Istio Ingress Gateway 15
16 ● Requires three resources ● Gateway ○ Configure ports, protocol, certificates ● Virtual Service ○ Configure routing information to k8s service ○ Enables “intelligent” routing ○ Similar to “Ingress” Kubernetes resource ● Ingress Gateway ○ Pod with Envoy that does the routing ○ Configured by Gateway & Virtual Service Istio Ingress Gateway
17 ● Envoy proxy handles L7 traffic ○ More featureful than Kubernetes Ingress Controller ○ Advanced routing rules, distributed tracing, rate limiting, policy checking, metrics collection, etc. ○ Natively supports gRPC ● Dynamic configuration ○ Maintain connections but able to reload new config ● Egress gateway is also supported :) Istio Gateway Advantages
18 ● Disadvantages: ○ Requires installation of another control plane component (Istio Pilot) ○ Internal traffic management features are shared with Edge ● Alternatives: ○ API Gateways ■ Ambassador, Traefik, Kong, … (Mainly commercial products) Istio Gateway Disadvantages and Alternatives
19 Demo Overview Istio is easy!
20 ● Expose via Kubernetes NodePort ● Expose via Kubernetes Ingress ● Configure DNS ● Install and configure Istio ● Expose via Istio Ingress Gateway & Domain Name! ● Bonus: Observability Demo Cat Gif: Progressive App Exposure 20
Copyright © 2019 Mirantis, Inc. All rights reserved Mirantis Training training.mirantis.com
22 Mirantis Training: Kubernetes & Istio training.mirantis.com Kubernetes & Docker Bootcamp I (KD100) Learn Docker and Kubernetes to deploy, run, and manage containerized applications 2 days Kubernetes & Docker Bootcamp II (KD200) Advanced training for Kubernetes professionals, preparation for CKA exam 3 days Accelerated Kubernetes & Docker Bootcamp (KD250) Most popular course! A combination of KD100 & KD200 at an accelerated pace, preps for the CKA exam 4 days Service Mesh and Istio Fundamentals (IST50) New! Introduction to Istio & Service Mesh 1 day Microservices and Istio Bootcamp (IST100) New! Microservices security, resiliency and monitoring using Istio 2 days
Copyright © 2019 Mirantis, Inc. All rights reserved Questions? Thank you! Download the slides and view the recording at: https://info.mirantis.com/istio-ingress

Recommandé

How to Build a Basic Edge Cloud
How to Build a Basic Edge CloudHow to Build a Basic Edge Cloud
How to Build a Basic Edge CloudMirantis
 
Securing Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataSecuring Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataMirantis
 
What's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesWhat's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesMirantis
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesMirantis
 
Demystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceDemystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceMirantis
 
Shifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsShifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsLibbySchulze
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service MeshKnoldus Inc.
 

Recommandé

How to Build a Basic Edge Cloud
How to Build a Basic Edge CloudHow to Build a Basic Edge Cloud
How to Build a Basic Edge CloudMirantis
 
Securing Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataSecuring Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataMirantis
 
What's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesWhat's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesMirantis
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesMirantis
 
Demystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceDemystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceMirantis
 
Shifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsShifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsLibbySchulze
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service MeshKnoldus Inc.
 
Securing danish healthcare using cloudnative
Securing danish healthcare using cloudnativeSecuring danish healthcare using cloudnative
Securing danish healthcare using cloudnativeFrederik Mogensen
 
Patterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservicesPatterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservicesKarina Mora
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDocker, Inc.
 
NGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX, Inc.
 
Operations Experience
Operations ExperienceOperations Experience
Operations ExperienceMidoNet
 
MidoNet roadmap
MidoNet roadmapMidoNet roadmap
MidoNet roadmapJean-Francois Joly
 
Service mesh with istio
Service mesh with istioService mesh with istio
Service mesh with istioWisnuPrabowo20
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
 
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud EnvironmentSafe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud EnvironmentDevOps.com
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkSandeep Jayashankar
 
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannotapidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannotapidays
 
Securing k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatSecuring k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatMuhammad Yuga Nugraha
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementTim Mackey
 
Redefining cloud native debugging
Redefining cloud native debugging Redefining cloud native debugging
Redefining cloud native debugging LibbySchulze
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliveryTim Mackey
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINXGeoffrey Filippi
 
The user s identities
The user s identitiesThe user s identities
The user s identitiesGiuliano Latini
 
Secured APIM-as-a-Service
Secured APIM-as-a-ServiceSecured APIM-as-a-Service
Secured APIM-as-a-ServiceNGINX, Inc.
 
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Michael Man
 
Cloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesCloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesWSO2
 

Contenu connexe

Tendances

Securing danish healthcare using cloudnative
Securing danish healthcare using cloudnativeSecuring danish healthcare using cloudnative
Securing danish healthcare using cloudnativeFrederik Mogensen
 
Patterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservicesPatterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservicesKarina Mora
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDocker, Inc.
 
NGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX, Inc.
 
Operations Experience
Operations ExperienceOperations Experience
Operations ExperienceMidoNet
 
Service mesh with istio
Service mesh with istioService mesh with istio
Service mesh with istioWisnuPrabowo20
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
 
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud EnvironmentSafe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud EnvironmentDevOps.com
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkSandeep Jayashankar
 
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannotapidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannotapidays
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementTim Mackey
 
Redefining cloud native debugging
Redefining cloud native debugging Redefining cloud native debugging
Redefining cloud native debugging LibbySchulze
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliveryTim Mackey
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINXGeoffrey Filippi
 
Secured APIM-as-a-Service
Secured APIM-as-a-ServiceSecured APIM-as-a-Service
Secured APIM-as-a-ServiceNGINX, Inc.
 

Tendances (20)

Securing danish healthcare using cloudnative
Securing danish healthcare using cloudnativeSecuring danish healthcare using cloudnative
Securing danish healthcare using cloudnative
 
Patterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservicesPatterns of evolution from monolith to microservices
Patterns of evolution from monolith to microservices
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
 
NGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX DevSecOps Workshop
NGINX DevSecOps Workshop
 
Operations Experience
Operations ExperienceOperations Experience
Operations Experience
 
MidoNet roadmap
MidoNet roadmapMidoNet roadmap
MidoNet roadmap
 
Service mesh with istio
Service mesh with istioService mesh with istio
Service mesh with istio
 
Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...Microservices and containers networking: Contiv, an industry leading open sou...
Microservices and containers networking: Contiv, an industry leading open sou...
 
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud EnvironmentSafe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK Framework
 
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannotapidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
apidays LIVE Paris - Multicluster Service Mesh in Action by Denis Jannot
 
Securing k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatSecuring k8s With Kubernetes Goat
Securing k8s With Kubernetes Goat
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability Management
 
Redefining cloud native debugging
Redefining cloud native debugging Redefining cloud native debugging
Redefining cloud native debugging
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINX
 
The user s identities
The user s identitiesThe user s identities
The user s identities
 
Secured APIM-as-a-Service
Secured APIM-as-a-ServiceSecured APIM-as-a-Service
Secured APIM-as-a-Service
 

Similaire à Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes

Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Michael Man
 
Cloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesCloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesWSO2
 
Self service cloud resources
Self service cloud resourcesSelf service cloud resources
Self service cloud resourcesAppvia
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...Ambassador Labs
 
Xpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyXpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyDenys Vasyliev
 
The Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementThe Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementNuwan Dias
 
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Ambassador Labs
 
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsDevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsAmbassador Labs
 
Spring Boot & Spring Cloud on k8s and PCF
Spring Boot & Spring Cloud on k8s and PCFSpring Boot & Spring Cloud on k8s and PCF
Spring Boot & Spring Cloud on k8s and PCFLars Rosenquist
 
Moving from Monolith to Microservices
Moving from Monolith to MicroservicesMoving from Monolith to Microservices
Moving from Monolith to MicroservicesMist.io
 
MicroServices with Containers, Kubernetes & ServiceMesh
MicroServices with Containers, Kubernetes & ServiceMeshMicroServices with Containers, Kubernetes & ServiceMesh
MicroServices with Containers, Kubernetes & ServiceMeshAkash Agrawal
 
Container world 2019 Canary Release
Container world 2019 Canary ReleaseContainer world 2019 Canary Release
Container world 2019 Canary ReleaseBilly Yuen
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogDevOps.com
 
London-MuleSoft-Meetup-April-19-2023
London-MuleSoft-Meetup-April-19-2023London-MuleSoft-Meetup-April-19-2023
London-MuleSoft-Meetup-April-19-2023AnuragSharma900
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on KubernetesOpsta
 

Similaire à Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes (20)

Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
 
Cloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesCloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in Kubernetes
 
Mikrotik API
Mikrotik APIMikrotik API
Mikrotik API
 
Self service cloud resources
Self service cloud resourcesSelf service cloud resources
Self service cloud resources
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
 
Xpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyXpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case Study
 
The Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementThe Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API Management
 
Microservices at Mercari
Microservices at MercariMicroservices at Mercari
Microservices at Mercari
 
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
 
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsDevOps Days Boston 2017: Real-world Kubernetes for DevOps
DevOps Days Boston 2017: Real-world Kubernetes for DevOps
 
The rise of microservices
The rise of microservicesThe rise of microservices
The rise of microservices
 
Spring Boot & Spring Cloud on k8s and PCF
Spring Boot & Spring Cloud on k8s and PCFSpring Boot & Spring Cloud on k8s and PCF
Spring Boot & Spring Cloud on k8s and PCF
 
Publishing Microservices Applications
Publishing Microservices ApplicationsPublishing Microservices Applications
Publishing Microservices Applications
 
Moving from Monolith to Microservices
Moving from Monolith to MicroservicesMoving from Monolith to Microservices
Moving from Monolith to Microservices
 
MicroServices with Containers, Kubernetes & ServiceMesh
MicroServices with Containers, Kubernetes & ServiceMeshMicroServices with Containers, Kubernetes & ServiceMesh
MicroServices with Containers, Kubernetes & ServiceMesh
 
Container world 2019 Canary Release
Container world 2019 Canary ReleaseContainer world 2019 Canary Release
Container world 2019 Canary Release
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
 
Kubernetes + netflix oss
Kubernetes + netflix ossKubernetes + netflix oss
Kubernetes + netflix oss
 
London-MuleSoft-Meetup-April-19-2023
London-MuleSoft-Meetup-April-19-2023London-MuleSoft-Meetup-April-19-2023
London-MuleSoft-Meetup-April-19-2023
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on Kubernetes
 

Plus de Mirantis

How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...Mirantis
 
Kubernetes Security Workshop
Kubernetes Security WorkshopKubernetes Security Workshop
Kubernetes Security WorkshopMirantis
 
Mirantis life
Mirantis lifeMirantis life
Mirantis lifeMirantis
 
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...Mirantis
 
Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Mirantis
 
Digital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudDigital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudMirantis
 
Decomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackDecomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackMirantis
 
OpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryOpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryMirantis
 
Accelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsAccelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsMirantis
 
Containers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleContainers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleMirantis
 
Protecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutProtecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutMirantis
 
It's Not the Technology, It's You
It's Not the Technology, It's YouIt's Not the Technology, It's You
It's Not the Technology, It's YouMirantis
 
OpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationOpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationMirantis
 
Moving AWS workloads to OpenStack
Moving AWS workloads to OpenStackMoving AWS workloads to OpenStack
Moving AWS workloads to OpenStackMirantis
 
Your 1st Ceph cluster
Your 1st Ceph clusterYour 1st Ceph cluster
Your 1st Ceph clusterMirantis
 
App catalog (Vancouver)
App catalog (Vancouver)App catalog (Vancouver)
App catalog (Vancouver)Mirantis
 
Tales From The Ship: Navigating the OpenStack Community Seas
Tales From The Ship: Navigating the OpenStack Community SeasTales From The Ship: Navigating the OpenStack Community Seas
Tales From The Ship: Navigating the OpenStack Community SeasMirantis
 
OpenStack Overview and History
OpenStack Overview and HistoryOpenStack Overview and History
OpenStack Overview and HistoryMirantis
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 

Plus de Mirantis (20)

How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
 
Kubernetes Security Workshop
Kubernetes Security WorkshopKubernetes Security Workshop
Kubernetes Security Workshop
 
Mirantis life
Mirantis lifeMirantis life
Mirantis life
 
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
 
Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016
 
Digital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudDigital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the Cloud
 
Decomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackDecomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStack
 
OpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryOpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service Delivery
 
Accelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsAccelerating the Next 10,000 Clouds
Accelerating the Next 10,000 Clouds
 
Containers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleContainers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That Simple
 
Protecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutProtecting Yourself from the Container Shakeout
Protecting Yourself from the Container Shakeout
 
It's Not the Technology, It's You
It's Not the Technology, It's YouIt's Not the Technology, It's You
It's Not the Technology, It's You
 
OpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationOpenStack as the Platform for Innovation
OpenStack as the Platform for Innovation
 
Moving AWS workloads to OpenStack
Moving AWS workloads to OpenStackMoving AWS workloads to OpenStack
Moving AWS workloads to OpenStack
 
Your 1st Ceph cluster
Your 1st Ceph clusterYour 1st Ceph cluster
Your 1st Ceph cluster
 
App catalog (Vancouver)
App catalog (Vancouver)App catalog (Vancouver)
App catalog (Vancouver)
 
Tales From The Ship: Navigating the OpenStack Community Seas
Tales From The Ship: Navigating the OpenStack Community SeasTales From The Ship: Navigating the OpenStack Community Seas
Tales From The Ship: Navigating the OpenStack Community Seas
 
OpenStack Overview and History
OpenStack Overview and HistoryOpenStack Overview and History
OpenStack Overview and History
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 

Dernier

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 

Dernier (20)

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 

Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes

  • 1. Copyright © 2019 Mirantis, Inc. All rights reserved Your App Deserves More than Kubernetes Ingress Kubernetes Ingress vs. Istio Gateway Webinar | October 15, 2019
  • 2. 2 A few introductions (OK, just one) Andrew Lee Technical Instructor at Mirantis Andrew started his early career in a QA position for Open Networking Lab, where he gained hands-on experience in cloud technologies and SDN solutions. He joined the training team at Mirantis in October of 2015 and currently manages content development and delivery of Kubernetes and Istio courses. He is an avid believer in open source technologies and enjoys teaching engineers how to effectively utilize them.
  • 3. 3 A little housekeeping ● Please submit questions in the Questions panel. ● We’ll provide a link where you can download the slides at the end of the webinar.
  • 4. 4 ● What is Ingress? ● Kubernetes Ingress & Ingress Controller ● Istio Ingress Gateway ● [Demo] Overview
  • 6. 6 ● Kubernetes way to expose your app ○ NodePort type Service ○ LoadBalancer type Service ○ Ingress / Ingress Controller Entrypoint for your Application 6
  • 7. 7 Entrypoint for your Application: NodePort 7
  • 8. 8 ● 1 NodePort per service ● Pain for end users ○ Not a standard port range ○ Different ports for different applications NodePort Limitations 8 http://52.14.21.152:30126
  • 9. 9 Entrypoint for your Application: Ingress 9
  • 10. 10 Entrypoint for your Application: Ingress (with LB) 10
  • 11. 11 ● Path / host based routing ○ mysite.com/blog -> svc A ○ mysite.com/shop -> svc B ● Multiple services behind single cloud Load Balancer Kubernetes Ingress Advantages 11
  • 12. 12 ● Requires three components ○ Ingress ■ Kubernetes Resource ■ Define rules here ○ Ingress Controller ■ Kubernetes Pod ■ Acts as reverse proxy ■ Nginx is recommended ■ Cloud providers have their own implementations with LB ■ “Acts” on the ingress definitions provided ○ Default Backend ■ Kubernetes Pod ■ All traffic that doesn’t match any ingress rules go here (HTTP 404) Kubernetes Ingress 12
  • 13. 13 ● Limited observability toolsets available ● No advanced traffic control / release strategies ○ % based Canary releases ○ Dark launching ● No service resiliency features ○ Retry, circuit breaking, timeouts Kubernetes Ingress Limitations
  • 16. 16 ● Requires three resources ● Gateway ○ Configure ports, protocol, certificates ● Virtual Service ○ Configure routing information to k8s service ○ Enables “intelligent” routing ○ Similar to “Ingress” Kubernetes resource ● Ingress Gateway ○ Pod with Envoy that does the routing ○ Configured by Gateway & Virtual Service Istio Ingress Gateway
  • 17. 17 ● Envoy proxy handles L7 traffic ○ More featureful than Kubernetes Ingress Controller ○ Advanced routing rules, distributed tracing, rate limiting, policy checking, metrics collection, etc. ○ Natively supports gRPC ● Dynamic configuration ○ Maintain connections but able to reload new config ● Egress gateway is also supported :) Istio Gateway Advantages
  • 18. 18 ● Disadvantages: ○ Requires installation of another control plane component (Istio Pilot) ○ Internal traffic management features are shared with Edge ● Alternatives: ○ API Gateways ■ Ambassador, Traefik, Kong, … (Mainly commercial products) Istio Gateway Disadvantages and Alternatives
  • 20. 20 ● Expose via Kubernetes NodePort ● Expose via Kubernetes Ingress ● Configure DNS ● Install and configure Istio ● Expose via Istio Ingress Gateway & Domain Name! ● Bonus: Observability Demo Cat Gif: Progressive App Exposure 20
  • 21. Copyright © 2019 Mirantis, Inc. All rights reserved Mirantis Training training.mirantis.com
  • 22. 22 Mirantis Training: Kubernetes & Istio training.mirantis.com Kubernetes & Docker Bootcamp I (KD100) Learn Docker and Kubernetes to deploy, run, and manage containerized applications 2 days Kubernetes & Docker Bootcamp II (KD200) Advanced training for Kubernetes professionals, preparation for CKA exam 3 days Accelerated Kubernetes & Docker Bootcamp (KD250) Most popular course! A combination of KD100 & KD200 at an accelerated pace, preps for the CKA exam 4 days Service Mesh and Istio Fundamentals (IST50) New! Introduction to Istio & Service Mesh 1 day Microservices and Istio Bootcamp (IST100) New! Microservices security, resiliency and monitoring using Istio 2 days
  • 23. Copyright © 2019 Mirantis, Inc. All rights reserved Questions? Thank you! Download the slides and view the recording at: https://info.mirantis.com/istio-ingress