Observability and Istio Telemetryn/ concepts-and-designs/oal.md • Extendable Aggregation Functions • Aggregation Function • Count • Calls per minute • Avg response time • Sum • Thermodynamic • P99/P95/P90/P75/P50Grammar0 码力 | 21 页 | 5.29 MB | 6 月前3
Secure your microservices with istio step by stepservice mesh ● Reviews-v1 ○ doesn’t call the ratings service. ● Reviews-v2 ○ calls ratings, black stars ● Reviews-v3 ○ calls ratings, red stars Initializing services 1) Deploy bookinfo services with0 码力 | 34 页 | 67.93 MB | 1 年前3- Building resilient systems inside the mesh:
abstraction and automation of Virtual Service
generationand automation of Virtual Service generation Vladimir Georgiev, Thought Machine #IstioCon Sync calls failures inside the mesh ● Everyone says to fail fast and retry quickly, but... ● How fast to timeout0 码力 | 9 页 | 1.04 MB | 1 年前3
- Automate mTLS
communication with
GoPay partners with
Istiofew hundred developers ● Multiple Kubernetes Clusters ● 250+ microservices ● 150M+ internal API calls ● 3000+ deployments every week ● REST as well as gRPC services ● Services written in Golang, Java0 码力 | 16 页 | 1.45 MB | 1 年前3
- Istio is a long wild river: how to navigate it safelytraffic sniffing (i.e. gRPC call discovery) to find out dependencies ● eBPF magic to get service calls? We use the first approach currently as it is protocol-agnostic and works before live traffic.0 码力 | 69 页 | 1.58 MB | 1 年前3
- Istio Security AssessmentNCC-GOIST2005-017 Category Access Controls Component Istio Location The ValidateVirtualService function defined in istio/pkg/config/validation/valid ation.go Impact An attacker that is able to create *kubeApiAdmission.AdmissionRequest parameter, such that the at-issue ValidateVirtualService function, and the validateGatewayNames() function, can ensure that the provided namespace is one wherein the client could perform PushContext.initGateways and PushContext.mergeGateways methods and the sortConfigByCreationTime function within istio/pilot/pkg/model/push_context.go Impact An attacker that is able to create an Istio0 码力 | 51 页 | 849.66 KB | 1 年前3
- Your laptop as part
of the service mesh#IstioCon What if ? #IstioCon EnvoyFilter - #IstioCon Envoy HTTP LuaFilter function envoy_on_request(request_handle) function envoy_on_response(request_handle) #IstioCon Who and where to reroute ? 1 X-devroute: { “foo”:”192.168.1.12:8001” } Accept: */* #IstioCon Pseudo implementation 1 function envoy_on_request(request_handle) 2 contract = request_handle:headers():get("x-devroute") 30 码力 | 30 页 | 555.24 KB | 1 年前3
- Using Istio to Build the Next 5G PlatformAuthorization between CNFs 5 ©2021 Aspen Mesh. All rights reserved. 5G Network Function Decomposition Microservice Network Function Implementation 5G Architecture Looks a Lot Like a Mesh? 6 ©2021 Aspen0 码力 | 18 页 | 3.79 MB | 1 年前3
- Accelerate Istio-CNI with ebpfprovide various programs type for different purpose ● We choose SOCK_OPS & SK_SKB to implement function #IstioCon ebpf Background Knowledge map ● Share collected information and to store state0 码力 | 15 页 | 658.90 KB | 1 年前3
- Istio audit report - ADA Logics - 2023-01-30 - v1.0to system resource exhaustion if a large byte buffer is read into memory. Case 1 A general Get function that makes an http request and reads the entire response into memory: https://github.com/istio/0 码力 | 55 页 | 703.94 KB | 1 年前3
共 10 条
- 1
相关搜索词
ObservabilityandIstioTelemetrySecureyourmicroserviceswithistiostepbyBuildingresilientsystemsinsidethemeshabstractionautomationofVirtualServicegenerationAutomatemTLScommunicationGoPaypartnersislongwildriverhowtonavigateitsafelySecurityAssessmentYourlaptopaspartservicea3pBuildNext5GPlatformNeerajDavee7pAccelerateIstioCNIwithebpfXuYizhouGuoRuijingauditreportADALogics20230130v1