Upgrade to Pro — share decks privately, control downloads, hide ads and more …

はじめてのKong Konnect

Takafumi Ikeda
April 09, 2021
Technology
0
120

はじめてのKong Konnect

2021/04/09
HCCJP

Takafumi Ikeda

April 09, 2021
Tweet

More Decks by Takafumi Ikeda

See All by Takafumi Ikeda
APIゲートウェイとサービスメッシュ
ikeike443
0
150
Kuma
ikeike443
2
3.2k
10分で分るGitHub Actions
ikeike443
3
1.7k
GitHub Actionsはどのような未来を描くのか
ikeike443
3
2.4k
GitHubber@日本
ikeike443
6
11k
GitHub Business Seminar
ikeike443
1
120
How we ship GitHub with GitHub -- ChatOps
ikeike443
0
240
効果的にGitHubを使うために
ikeike443
10
3.6k
How People Build Software
ikeike443
0
180

Other Decks in Technology

See All in Technology
スタートアップのためのアジャイルプラクティス -論文100本ノック- #xpjug / Agile Practice for Startup - Papers -
kyonmm
PRO
0
590
230930_XP祭り_ビジネスへの越境を考える /230930_XP_Fest_Across_Your_Border_to_Business
mkwrd
PRO
0
340
ゼロイチプロダクトのプロダクトマネジメント
ryokaneoka0406
0
120
AWS CDKでインフラ、アプリを分離した際に困ったこと
smt7174
0
130
Develop Sales Automation Workflow on LINE
linedevth
0
210
よりよいペアローテーションを求めて
nakasho
0
310
Warningアラートを放置しない!アラート駆動でログやメトリックを自動収集する仕組みによる恩恵
mashiike
3
360
SLOを組織文化にするための挑戦
yukin01
1
170
Renovate を使った ライブラリアップデート 仕組み化の取り組み
andpad
0
260
2023-09-05_OCIJP_まれによくあるマルチクラウドでDB-AP分離構成のこと
hk_shino
2
230
Microservices - Where are my Transactions and my Consitency????
ewolff
2
160
React Suspenseを使って遷移体験を向上させる
kobayang
3
900

Featured

See All Featured
Thoughts on Productivity
jonyablonski
55
3.1k
A Philosophy of Restraint
colly
195
15k
jQuery: Nuts, Bolts and Bling
dougneiner
57
6.8k
Fireside Chat
paigeccino
18
2.2k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
36
22k
Visualization
eitanlees
131
13k
It's Worth the Effort
3n
179
27k
The Art of Programming - Codeland 2020
erikaheidi
39
12k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
239
20k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
123
30k
Faster Mobile Websites
deanohume
296
29k
Bootstrapping a Software Product
garrettdimon
PRO
299
110k

Transcript

  1. THE CLOUD CONNECTIVITY COMPANY
    1
    ƒŻƤƉƑ,POH
    Tokyo, Japan
    APRIL 2021
    THE CLOUD
    CONNECTIVITY COMPANY

    View Slide

  2. THE CLOUD CONNECTIVITY COMPANY
    2
    Ϋϥ΢υίωΫςΟϏςΟͷ
    ͢΂ͯΛΧόʔ:
    ● API Gateway
    ● Ingress
    ● Service Mesh
    ● Integration (2021)
    αʔϏείωΫςΟϏςΟ
    ϓϥοτϑΥʔϜ

    View Slide

  3. THE CLOUD CONNECTIVITY COMPANY
    3
    Basic Edge and
    Cross App Plugins
    Kuma Mesh
    Basic In-App
    Policies
    Kong Gateway
    Basic Edge and
    Cross App Plugins
    Kong Mesh
    Basic In-App
    Policies
    KIC decK
    Kong Gateway
    Enterprise
    RBAC
    OIDC AuthZ
    mTLS & JWT sig
    Advanced Transform
    Audit Logs
    Encryption of data at rest
    Distributed Caching
    GraphQL and Kafka
    OPA
    Hashicorp Vault
    Multi-Zone AutnZ
    FIPS-2 compliance
    Configuration Management UI
    Runtime Manager
    Developer Portal
    ServiceHub
    Immunity Anomaly Detection
    Vitals Analytics
    KIC decK
    KIC decK
    Open Source Projects
    Connectivity
    Fabric
    Services
    Connectivity
    Runtimes

    View Slide

  4. THE CLOUD CONNECTIVITY COMPANY
    4
    σϓϩΠΠϝʔδ

    View Slide

  5. THE CLOUD CONNECTIVITY COMPANY
    5
    Central
    Gateway
    ෳ਺ϨΠϠʔʹήʔτ΢ΣΠ഑ஔ
    Ingress

    Controller
    KONG
    KONG
    KONG
    KONG
    Ingress

    Controller
    KONG KONG
    Ingress

    Controller
    KONG KONG
    KONG
    Coarse-grained
    policies
    (e.g. global rate-
    limiting, user & app
    authentication, IP
    blacklist, etc.)
    Fine-grained policies
    (i.e. upstream TLS, specific
    microservice cluster rate-limiting)

    View Slide

  6. THE CLOUD CONNECTIVITY COMPANY
    6
    Central
    Gateway
    KONG
    KONG
    KONG
    Any Kubernetes

    (EKS, AKS, GKE, OpenShift, etc.)
    Ingress
    Controller
    KONG
    KONG
    Service
    Sidecar
    Service
    Sidecar
    Service
    Sidecar
    Service
    Sidecar
    Sidecar
    ήʔτ΢ΣΠͱαʔϏεϝογϡʢk8sʣ

    View Slide

  7. THE CLOUD CONNECTIVITY COMPANY
    7
    VM
    Central
    Gateway
    KONG
    KONG
    KONG
    Any Kubernetes

    (EKS, AKS, GKE, OpenShift, etc.)
    Ingress
    Controller
    KONG
    Service
    Sidecar
    Service
    Sidecar
    VM
    ήʔτ΢ΣΠͱαʔϏεϝογϡʢVMͱk8sࠞ߹ʣ

    View Slide

  8. THE CLOUD CONNECTIVITY COMPANY
    8
    VM
    Central
    Gateway
    ౷߹͞ΕͨίϯτϩʔϧϓϨʔϯͷఏڙʢ= Konnectʣ
    KONG
    KONG
    KONG
    Any Kubernetes

    (EKS, AKS, GKE, OpenShift, etc.)
    Ingress
    Controller
    KONG
    Service
    Service
    VM

    View Slide

  9. THE CLOUD CONNECTIVITY COMPANY
    9
    1ͭͷϓϩμΫτ - 2ͭͷύλʔϯ
    Konnect Self-managed Konnect Cloud

    View Slide

  10. THE CLOUD CONNECTIVITY COMPANY
    10
    ηΩϡϦςΟͱ
    Ψόφϯε
    αʔϏε։ൃͷ
    εϐʔυΞοϓ
    1 3
    2
    αʔϏεͷެ։
    ར༻ͷଅਐ
    Kong KonnectͷϝϦοτ

    View Slide

  11. THE CLOUD CONNECTIVITY COMPANY
    11
    σ Ϟ

    View Slide

  12. THE CLOUD CONNECTIVITY COMPANY
    12
    αʔϏε։ൃεϐʔυΞοϓ

    View Slide

  13. THE CLOUD CONNECTIVITY COMPANY
    13
    αʔϏε։ൃεϐʔυΞοϓ
    ϙϦγʔద༻Λૉૣ͘؆୯ʹ
    ● ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢
    νʔϜͰͷར༻͕؆୯ʹ
    ● ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ
    ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ
    αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ
    ● APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ
    1

    View Slide

  14. THE CLOUD CONNECTIVITY COMPANY
    14
    Demo

    View Slide

  15. THE CLOUD CONNECTIVITY COMPANY
    15
    αʔϏε։ൃεϐʔυΞοϓ
    ϙϦγʔద༻Λૉૣ͘؆୯ʹ
    ● ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢
    νʔϜͰͷར༻͕؆୯ʹ
    ● ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ
    ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ
    αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ
    ● APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ
    1

    View Slide

  16. THE CLOUD CONNECTIVITY COMPANY
    16
    Demo

    View Slide

  17. THE CLOUD CONNECTIVITY COMPANY
    17
    αʔϏε։ൃεϐʔυΞοϓ
    ϙϦγʔద༻Λૉૣ͘؆୯ʹ
    ● ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢
    νʔϜͰͷར༻͕؆୯ʹ
    ● ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ
    ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ
    αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ
    ● APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ
    1

    View Slide

  18. THE CLOUD CONNECTIVITY COMPANY
    18
    Demo

    View Slide

  19. THE CLOUD CONNECTIVITY COMPANY
    19
    αʔϏε։ൃεϐʔυΞοϓ
    ϙϦγʔద༻Λૉૣ͘؆୯ʹ
    ● ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢
    νʔϜͰͷར༻͕؆୯ʹ
    ● ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ
    ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ
    αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ
    ● APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ
    1

    View Slide

  20. THE CLOUD CONNECTIVITY COMPANY
    20
    ηΩϡϦςΟͱΨόφϯε

    View Slide

  21. THE CLOUD CONNECTIVITY COMPANY
    21
    αʔϏεΛೝূೝՄͰอޢ͢Δ
    ● ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ
    αʔϏεؒτϥϑΟοΫͷϞχλϦϯά
    ● Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ
    2 ηΩϡϦςΟͱΨόφϯε

    View Slide

  22. THE CLOUD CONNECTIVITY COMPANY
    22
    Demo

    View Slide

  23. THE CLOUD CONNECTIVITY COMPANY
    23
    αʔϏεΛೝূೝՄͰอޢ͢Δ
    ● ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ
    αʔϏεؒτϥϑΟοΫͷϞχλϦϯά
    ● Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ
    2 ηΩϡϦςΟͱΨόφϯε

    View Slide

  24. THE CLOUD CONNECTIVITY COMPANY
    24
    Demo

    View Slide

  25. THE CLOUD CONNECTIVITY COMPANY
    25
    αʔϏεΛೝূೝՄͰอޢ͢Δ
    ● ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ
    αʔϏεؒτϥϑΟοΫͷϞχλϦϯά
    ● Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ
    2 ηΩϡϦςΟͱΨόφϯε

    View Slide

  26. THE CLOUD CONNECTIVITY COMPANY
    26
    αʔϏεͷެ։ͱར༻ଅਐ

    View Slide

  27. THE CLOUD CONNECTIVITY COMPANY
    27
    εϖοΫυϦϒϯ։ൃͱAPIςετ
    ● Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ
    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ
    ● αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ
    3 αʔϏεͷެ։ͱར༻ଅਐ

    View Slide

  28. THE CLOUD CONNECTIVITY COMPANY
    28
    Demo

    View Slide

  29. THE CLOUD CONNECTIVITY COMPANY
    29
    εϖοΫυϦϒϯ։ൃͱAPIςετ
    ● Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ
    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ
    ● αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ
    3 αʔϏεͷެ։ͱར༻ଅਐ

    View Slide

  30. THE CLOUD CONNECTIVITY COMPANY
    30
    Demo

    View Slide

  31. THE CLOUD CONNECTIVITY COMPANY
    31
    εϖοΫυϦϒϯ։ൃͱAPIςετ
    ● Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ
    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ
    ● αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ
    3 αʔϏεͷެ։ͱར༻ଅਐ

    View Slide

  32. THE CLOUD CONNECTIVITY COMPANY
    32
    ηΩϡϦςΟͱ
    Ψόφϯε
    αʔϏε։ൃͷ
    εϐʔυΞοϓ
    1 3
    2
    αʔϏεͷެ։
    ར༻ͷଅਐ
    Kong KonnectͷϝϦοτ

    View Slide

  33. THE CLOUD CONNECTIVITY COMPANY
    33
    ๛෋ͳϓϥάΠϯ

    View Slide

  34. THE CLOUD CONNECTIVITY COMPANY
    34
    ୅දతͳϓϥάΠϯ
    ๛෋ͳϓϥάΠϯ

    View Slide

  35. THE CLOUD CONNECTIVITY COMPANY
    35
    αʔϏεϝογϡ

    View Slide

  36. THE CLOUD CONNECTIVITY COMPANY
    36
    Kuma
    ■ Kong ͷఏڙ͢Δ৽͍͠ OSS
    ■ Envoy ্ʹߏங͞ΕͨϢχόʔαϧαʔϏεϝογϡ
    ■ ඇৗʹܰྔͳσʔλϓϨʔϯͱίϯτϩʔϧϓϨʔϯ
    ■ L4/L7 ͷτϥϑΟοΫͷ؂ࢹɺϧʔςΟϯάɺϩΪϯάɺ
    mTLSɺαʔϏεؒͷ૬ޓ઀ଓΛίʔυมߋͳ͠ʹ࣮ݱ
    ■ k8s ωΠςΟϒͰ͋Δͱಉ࣌ʹඇ k8s ϕʔεʢVMɾϕΞ
    ϝλϧʣͷαʔϏε্Ͱ΋ಈ࡞͠ɺطଘͷγεςϜͱ͏
    ·͘౷߹
    ■ ϚΠΫϩαʔϏεԽɾΫϥ΢υωΠςΟϒԽ΁εϜʔζ
    ʹҠߦ͢Δ͜ͱ͕Ͱ͖Δ
    ■ OPAωΠςΟϒαϙʔτ
    ■ Enterprise൛͸Kong Meshͱݺশ

    View Slide

  37. THE CLOUD CONNECTIVITY COMPANY
    37
    Ϋϥ΢υίωΫςΟϏςΟͷ
    ͢΂ͯΛΧόʔ:
    ● API Gateway
    ● Ingress
    ● Service Mesh
    ● Integration (2021)
    αʔϏείωΫςΟϏςΟ
    ϓϥοτϑΥʔϜ

    View Slide

  38. THE CLOUD CONNECTIVITY COMPANY
    38
    Thank You

    View Slide