はじめてのKong Konnect

Transcript

1. THE CLOUD CONNECTIVITY COMPANY 1 ƒŻƤƉƑ,POH
   Tokyo, Japan APRIL 2021

   THE CLOUD CONNECTIVITY COMPANY

2. THE CLOUD CONNECTIVITY COMPANY 2 Ϋϥ΢υίωΫςΟϏςΟͷ ͢΂ͯΛΧόʔ: • API Gateway

   • Ingress • Service Mesh • Integration (2021) αʔϏείωΫςΟϏςΟ ϓϥοτϑΥʔϜ

3. THE CLOUD CONNECTIVITY COMPANY 3 Basic Edge and Cross App

   Plugins Kuma Mesh Basic In-App Policies Kong Gateway Basic Edge and Cross App Plugins Kong Mesh Basic In-App Policies KIC decK Kong Gateway Enterprise RBAC OIDC AuthZ mTLS & JWT sig Advanced Transform Audit Logs Encryption of data at rest Distributed Caching GraphQL and Kafka OPA Hashicorp Vault Multi-Zone AutnZ FIPS-2 compliance Configuration Management UI Runtime Manager Developer Portal ServiceHub Immunity Anomaly Detection Vitals Analytics KIC decK KIC decK Open Source Projects Connectivity Fabric Services Connectivity Runtimes

4. THE CLOUD CONNECTIVITY COMPANY 4 σϓϩΠΠϝʔδ

5. THE CLOUD CONNECTIVITY COMPANY 5 Central Gateway ෳ਺ϨΠϠʔʹήʔτ΢ΣΠ഑ஔ Ingress
 Controller

   KONG KONG KONG KONG Ingress
 Controller KONG KONG Ingress
 Controller KONG KONG KONG Coarse-grained policies (e.g. global rate- limiting, user & app authentication, IP blacklist, etc.) Fine-grained policies (i.e. upstream TLS, specific microservice cluster rate-limiting)

6. THE CLOUD CONNECTIVITY COMPANY 6 Central Gateway KONG KONG KONG

   Any Kubernetes
 (EKS, AKS, GKE, OpenShift, etc.) Ingress Controller KONG KONG Service Sidecar Service Sidecar Service Sidecar Service Sidecar Sidecar ήʔτ΢ΣΠͱαʔϏεϝογϡʢk8sʣ

7. THE CLOUD CONNECTIVITY COMPANY 7 VM Central Gateway KONG KONG

   KONG Any Kubernetes
 (EKS, AKS, GKE, OpenShift, etc.) Ingress Controller KONG Service Sidecar Service Sidecar VM ήʔτ΢ΣΠͱαʔϏεϝογϡʢVMͱk8sࠞ߹ʣ

8. THE CLOUD CONNECTIVITY COMPANY 8 VM Central Gateway ౷߹͞ΕͨίϯτϩʔϧϓϨʔϯͷఏڙʢ= Konnectʣ

   KONG KONG KONG Any Kubernetes
 (EKS, AKS, GKE, OpenShift, etc.) Ingress Controller KONG Service Service VM

9. THE CLOUD CONNECTIVITY COMPANY 9 1ͭͷϓϩμΫτ - 2ͭͷύλʔϯ Konnect Self-managed

   Konnect Cloud

10. THE CLOUD CONNECTIVITY COMPANY 10 ηΩϡϦςΟͱ Ψόφϯε αʔϏε։ൃͷ εϐʔυΞοϓ 1

    3 2 αʔϏεͷެ։ ར༻ͷଅਐ Kong KonnectͷϝϦοτ

11. THE CLOUD CONNECTIVITY COMPANY 11 σ Ϟ

12. THE CLOUD CONNECTIVITY COMPANY 12 αʔϏε։ൃεϐʔυΞοϓ

13. THE CLOUD CONNECTIVITY COMPANY 13 αʔϏε։ൃεϐʔυΞοϓ ϙϦγʔద༻Λૉૣ͘؆୯ʹ • ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢ νʔϜͰͷར༻͕؆୯ʹ

    • ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ • APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ 1

14. THE CLOUD CONNECTIVITY COMPANY 14 Demo

15. THE CLOUD CONNECTIVITY COMPANY 15 αʔϏε։ൃεϐʔυΞοϓ ϙϦγʔద༻Λૉૣ͘؆୯ʹ • ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢ νʔϜͰͷར༻͕؆୯ʹ

    • ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ • APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ 1

16. THE CLOUD CONNECTIVITY COMPANY 16 Demo

17. THE CLOUD CONNECTIVITY COMPANY 17 αʔϏε։ൃεϐʔυΞοϓ ϙϦγʔద༻Λૉૣ͘؆୯ʹ • ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢ νʔϜͰͷར༻͕؆୯ʹ

    • ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ • APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ 1

18. THE CLOUD CONNECTIVITY COMPANY 18 Demo

19. THE CLOUD CONNECTIVITY COMPANY 19 αʔϏε։ൃεϐʔυΞοϓ ϙϦγʔద༻Λૉૣ͘؆୯ʹ • ։ൃͱσϓϩΠͷ଎౓্͕͕Γ·͢ νʔϜͰͷར༻͕؆୯ʹ

    • ։ൃνʔϜ͕ࣗ཯తʹϧʔςΟϯάઃఆՄೳɺRBACʹ ΑͬͯݖݶΛ෼͚Δͷ΋؆୯ʹ αʔϏεσϦόϦʔͷࣗಈԽ͕Մೳ • APIήʔτ΢ΣΠͷઃఆΛCI/CDʹ૊ΈࠐΉͷ͕༰қ 1

20. THE CLOUD CONNECTIVITY COMPANY 20 ηΩϡϦςΟͱΨόφϯε

21. THE CLOUD CONNECTIVITY COMPANY 21 αʔϏεΛೝূೝՄͰอޢ͢Δ • ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ αʔϏεؒτϥϑΟοΫͷϞχλϦϯά •

    Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ 2 ηΩϡϦςΟͱΨόφϯε

22. THE CLOUD CONNECTIVITY COMPANY 22 Demo

23. THE CLOUD CONNECTIVITY COMPANY 23 αʔϏεΛೝূೝՄͰอޢ͢Δ • ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ αʔϏεؒτϥϑΟοΫͷϞχλϦϯά •

    Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ 2 ηΩϡϦςΟͱΨόφϯε

24. THE CLOUD CONNECTIVITY COMPANY 24 Demo

25. THE CLOUD CONNECTIVITY COMPANY 25 αʔϏεΛೝূೝՄͰอޢ͢Δ • ίʔυΛॻ͘͜ͱͳ͘ೝূೝՄΛ௥ՃͰ͖Δ αʔϏεؒτϥϑΟοΫͷϞχλϦϯά •

    Vitals΍༷ʑͳϓϥάΠϯΛ༻͍ͯτϥϑΟοΫͷ؂ࢹΛ࣮ݱ 2 ηΩϡϦςΟͱΨόφϯε

26. THE CLOUD CONNECTIVITY COMPANY 26 αʔϏεͷެ։ͱར༻ଅਐ

27. THE CLOUD CONNECTIVITY COMPANY 27 εϖοΫυϦϒϯ։ൃͱAPIςετ • Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ

    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ • αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ 3 αʔϏεͷެ։ͱར༻ଅਐ

28. THE CLOUD CONNECTIVITY COMPANY 28 Demo

29. THE CLOUD CONNECTIVITY COMPANY 29 εϖοΫυϦϒϯ։ൃͱAPIςετ • Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ

    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ • αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ 3 αʔϏεͷެ։ͱར༻ଅਐ

30. THE CLOUD CONNECTIVITY COMPANY 30 Demo

31. THE CLOUD CONNECTIVITY COMPANY 31 εϖοΫυϦϒϯ։ൃͱAPIςετ • Insomnia Kong StudioΛ࢖ͬͨίϥϘϨʔγϣϯ

    αʔϏεͷެ։ɺσϕϩούʔϙʔλϧ • αʔϏεΛσϕϩούʔϙʔλϧʹެ։͠ɺར༻Λଅਐ 3 αʔϏεͷެ։ͱར༻ଅਐ

32. THE CLOUD CONNECTIVITY COMPANY 32 ηΩϡϦςΟͱ Ψόφϯε αʔϏε։ൃͷ εϐʔυΞοϓ 1

    3 2 αʔϏεͷެ։ ར༻ͷଅਐ Kong KonnectͷϝϦοτ

33. THE CLOUD CONNECTIVITY COMPANY 33 ๛෋ͳϓϥάΠϯ

34. THE CLOUD CONNECTIVITY COMPANY 34 ୅දతͳϓϥάΠϯ ๛෋ͳϓϥάΠϯ

35. THE CLOUD CONNECTIVITY COMPANY 35 αʔϏεϝογϡ

36. THE CLOUD CONNECTIVITY COMPANY 36 Kuma ▪ Kong ͷఏڙ͢Δ৽͍͠ OSS

    ▪ Envoy ্ʹߏங͞ΕͨϢχόʔαϧαʔϏεϝογϡ ▪ ඇৗʹܰྔͳσʔλϓϨʔϯͱίϯτϩʔϧϓϨʔϯ ▪ L4/L7 ͷτϥϑΟοΫͷ؂ࢹɺϧʔςΟϯάɺϩΪϯάɺ mTLSɺαʔϏεؒͷ૬ޓ઀ଓΛίʔυมߋͳ͠ʹ࣮ݱ ▪ k8s ωΠςΟϒͰ͋Δͱಉ࣌ʹඇ k8s ϕʔεʢVMɾϕΞ ϝλϧʣͷαʔϏε্Ͱ΋ಈ࡞͠ɺطଘͷγεςϜͱ͏ ·͘౷߹ ▪ ϚΠΫϩαʔϏεԽɾΫϥ΢υωΠςΟϒԽ΁εϜʔζ ʹҠߦ͢Δ͜ͱ͕Ͱ͖Δ ▪ OPAωΠςΟϒαϙʔτ ▪ Enterprise൛͸Kong Meshͱݺশ

37. THE CLOUD CONNECTIVITY COMPANY 37 Ϋϥ΢υίωΫςΟϏςΟͷ ͢΂ͯΛΧόʔ: • API Gateway

    • Ingress • Service Mesh • Integration (2021) αʔϏείωΫςΟϏςΟ ϓϥοτϑΥʔϜ

38. THE CLOUD CONNECTIVITY COMPANY 38 Thank You