Upgrade to Pro — share decks privately, control downloads, hide ads and more …

apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io

apidays
January 08, 2023

apidays Paris 2022 - Blurred Lines, Denis Jannot, Solo.io

apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022

Blurred Lines - When North/South meets East/West
Denis Jannot, Director of Field Engineering at EMEA, Solo.io
------

Check out our conferences at https://www.apidays.global/

Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8

Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io

Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/

Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/

Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW

apidays

January 08, 2023
Tweet

More Decks by apidays

Other Decks in Programming

Transcript

  1. 1 | Copyright © 2022 APIs the next 10 years:

    Software, Society, Sovereignty, Sustainability December 14, 15 & 16, 2022 In-Person & Virtual Conference
  2. APIs the next 10 years: Software, Society, Sovereignty, Sustainability December

    14, 15 & 16, 2022 Denis Jannot Director of Field Engineering - EMEA, Solo.io
  3. 2023 SERIES OF EVENT New York May 16&17 Australia October

    11&12 Singapore April 12&13 Helsinki & North June 5&6 Paris SEPTEMBER London November 15&16 June 28-30 SILICON VALLEY March 14&15 Dubai & Middle East February 22&23
  4. 3 | Copyright © 2022 3 | Copyright © 2022

    TODAY’S BUSINESS DIGITAL BUSINESS Sa tisfied Customers (120% Renewa ls) Well Funded ($135M) & Growing (300%) The Modern, Integra ted API Pla tform a nd Service Mesh for Kubernetes | Zero-Trust | Microservices | Multi-Cloud Accelera te a nd Simplify Applica tion Modernisa tion through Applica tion Networking Cloud-na tive Technology Lea dership Cloud-na tive Educa tion Lea dership
  5. 7 | Copyright © 2022 How applications are connected on

    Kubernetes MICROSERVICES API GATEWAY Rate limiting WAF
  6. 8 | Copyright © 2022 Service Mesh Control Plane Encryption

    Telemetry Traffic management Access control Identity Management Certificate management Health check Data Plane Ingress gateway
  7. 9 | Copyright © 2022 Accelerate application development … API

    Gateway Service Mesh Secure Encryption (mTLS) Authentication (Oauth, API keys, JWT, …) Authentication (JWT, …) Authorization (OPA, …) Authorization (L4 and L7) Web Application Firewall … and provides visibility to the security team
  8. 10 | Copyright © 2022 Accelerate application development … API

    Gateway Service Mesh Control Retries & timeouts Retries & timeouts Blue/Green & canary Blue/Green & canary Fault injection Fault injection Circuit breaking Circuit breaking Rate limiting … and simplify collaboration between teams
  9. 11 | Copyright © 2022 Accelerate application development … API

    Gateway Service Mesh Observe Access logging Access logging Metrics Metrics Tracing Tracing … and allow standardization
  10. 12 | Copyright © 2022 2017 Istio Launched 2022 Ambient

    Mesh Launched Data Plane Enhancements 2019-20 7 New Community Releases 1000s Production Customers ~ 1000 Community Contributors 2022 CNCF 2019-2022 Istio - The Industry’s Leading Service Mesh
  11. 13 | Copyright © 2022 Istio Ambient Mesh A new,

    open source contribution to the Istio project, that defines a new sidecar-less data plane. Solo.io and Google are the lead contributors to Istio Ambient Mesh. Cost Reduction Simplify Operations Improve Performance
  12. 14 | Copyright © 2022 istiod ingress gateway Istio provides

    security and observability out of the box for east/west traffic => accelerate release cycles => reduce security risks => reduce down times (< TTR) But the Istio Ingress Gateway doesn’t solve the challenges for north/south traffic. And Istio introduce new challenges (complexity, lack of multi tenancy, …). Client productpage details ratings reviews v1 v2 v3 standard Pod Pod with Envoy Istio Pod mTLS Legend
  13. 15 | Copyright © 2022 Gloo Platform productpage details ratings

    reviews istiod Gloo Mesh agent Kubernetes API server v1 v2 v3 Gloo Platform automates the Istio lifecycle and provides a simpler API with multi tenancy built-in => reduce management costs Client standard Pod Pod with Envoy Gloo Platform Pod Istio Pod mTLS Legend VirtualGateway RouteTable RetryTimeoutPolicy … Gateway VirtualService DestinationRule … ingress gateway
  14. 16 | Copyright © 2022 Gloo Platform productpage details ratings

    reviews istiod Gloo Mesh agent Kubernetes API server extauth rate limiter redis v1 v2 v3 ingress gateway Gloo Platform enhances the Istio Ingress Gateway to provide all the functionalities you expect from an Enterprise API gateway (extauth, rate limiting, WAF, …) => accelerate release cycles => reduce security risks Client standard Pod Pod with Envoy Gloo Platform Pod Istio Pod mTLS Legend
  15. 17 | Copyright © 2022 Gloo Platform ingress gateway eastwest

    gateway istiod Gloo Mesh agent productpage details ratings reviews productpage details ratings reviews extauth rate limiter redis istiod Gloo Mesh agent Kubernetes API server Kubernetes API server extauth rate limiter redis v1 v2 v1 v2 v3 eastwest gateway ingress gateway Gloo Platform simplifies the management of multiple Istio meshes => reduce management costs Client standard Pod Pod with Envoy Gloo Platform Pod Istio Pod mTLS Legend
  16. 18 | Copyright © 2022 Gloo Platform ingress gateway istiod

    Gloo Mesh agent productpage details ratings reviews productpage details ratings reviews extauth rate limiter redis istiod Gloo Mesh agent Kubernetes API server Kubernetes API server extauth rate limiter redis v1 v2 v1 v2 v3 eastwest gateway ingress gateway Gloo Platform makes it insanely easy for services to communicate across cluster securely and with high availability => reduce security risks => reduce down times eastwest gateway Client standard Pod Pod with Envoy Gloo Platform Pod Istio Pod mTLS Legend
  17. 19 | Copyright © 2022 ingress gateway eastwest gateway istiod

    Gloo Mesh agent bookinfo workspace gateways workspace productpage details ratings reviews productpage details ratings reviews extauth rate limiter redis istiod Gloo Mesh agent Gloo Platform Kubernetes API server Kubernetes API server eastwest gateway extauth rate limiter redis v1 v2 v1 v2 v3 Gloo Platform has multi tenancy built-in, base on Workspaces => reduce security risks => reduce management costs The productpage service is exported by the bookinfo Workspace to the gateways Workspace ingress gateway Client standard Pod Pod with Envoy Gloo Platform Pod Istio Pod mTLS Legend