Building resilient systems inside the mesh:
abstraction and automation of Virtual Service
generationautomation of Virtual Service generation Vladimir Georgiev, Thought Machine #IstioCon Sync calls failures inside the mesh ● Everyone says to fail fast and retry quickly, but... ● How fast to timeout0 码力 | 9 页 | 1.04 MB | 1 年前3- Istio at Scale: How eBay is building a massive Multitenant Service Mesh using Istiothe AZ, e.g., AZ IPAM, Network Load-balancers, etc. ■ Full isolation by confining service failures to AZ boundary AZ 1 AZ 2 AZ n Data Center DC1 K8s Cluster K8s Cluster K8s Cluster K8s Control Plane AZ Control Plane Global Control Plane Region Rn Controllers Sync to AZ Controllers Sync to clusters in AZ K8s Cluster K8s Cluster #IstioCon Step 2: Replace Hardware0 码力 | 22 页 | 505.96 KB | 1 年前3
- Automate mTLS
communication with
GoPay partners with
Istiofew hundred developers ● Multiple Kubernetes Clusters ● 250+ microservices ● 150M+ internal API calls ● 3000+ deployments every week ● REST as well as gRPC services ● Services written in Golang, Java certificate management manage our certificate lifecycle for HTTPS and mutual TLS communication. ● Renew & sync to our Kubernetes cluster, also support syncing to VM with an agent installed, this is also used0 码力 | 16 页 | 1.45 MB | 1 年前3
- Moving large scale consumer
e-commerce Infrastructure to
Meshbalancing ● Offload application services from networking and configuration ● Avoid other sources of failures (Consul etc) ● Possible benefits on Observability #IstioCon Requirements and Improvements ●0 码力 | 14 页 | 1.76 MB | 1 年前3
- SberBank story:
moving Istio from PoC to productionLessons Learned 1. Init containers maybe not the best option • NET_RAW and NET_ADMIN • Traffic failures due to init restarts (#16768) 2. Be careful with secrets rotation 1. Hot restarts for TCP-traffic0 码力 | 14 页 | 1.68 MB | 1 年前3
- Developing & Debugging WebAssembly Filtersruns in isolated VM, can dynamically update w/o Envoy restarts, no hard dependencies or cascading failures Speed: Near native performance Sustainable: Eliminates need to recompile and maintain a build0 码力 | 22 页 | 2.22 MB | 1 年前3
- Leveraging Istio for Creating API Tests - Low Effort API Testing for MicroservicesSignificantly reduced time and cost for API testing for microservices architectures with Istio – Fewer failures higher up the test pyramid as a result of improved API tests • Istio benefits – Venky / Prasad0 码力 | 21 页 | 1.09 MB | 1 年前3
- Istio Security Assessmentruntime. This web interface also allows unauthenticated users to force force all Istio objects to sync their current configuration. This in itself is not malicious but could cause a denial-of-service if istio-operator roleRef: kind: ClusterRole name: istio-operator apiGroup: rbac.authorization.k8s.io --- # SYNC WITH manifests/charts/base/files apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition0 码力 | 51 页 | 849.66 KB | 1 年前3
- f5a Istio Adoption Cash App-> Cash App EKS Internal Presentation “New” Cash App EKS -> Square DC Internal Presentation ir-sync Internal Presentation Do you like ? We’re Hiring! cash.app/careers tetrate.io/careers Internal0 码力 | 15 页 | 2.20 MB | 1 年前3
Secure your microservices with istio step by stepservice mesh ● Reviews-v1 ○ doesn’t call the ratings service. ● Reviews-v2 ○ calls ratings, black stars ● Reviews-v3 ○ calls ratings, red stars Initializing services 1) Deploy bookinfo services with0 码力 | 34 页 | 67.93 MB | 1 年前3
共 14 条
- 1
- 2
相关搜索词
BuildingresilientsystemsinsidethemeshabstractionandautomationofVirtualServicegenerationg2sIstioAtScaleeBaySudhiAutomatemTLScommunicationwithGoPaypartnersIstioMovinglargescaleconsumercommerceInfrastructuretoMeshSberBankstorymovingfromPoCproductionDevelopingDebuggingWebAssemblyFiltersLeveragingforCreatingAPITestsLowEffortTestingMicroservicesSecurityAssessmentf5aIstioAdoptionCashAppSecureyourmicroservicesistiostepby