Slide 1

Slide 1 text

Developer Portal for Istio Christian Posta (@christianposta) - Field CTO

Slide 2

Slide 2 text

2 | Copyright © 2020 Solo.io solves API connectivity and communication challenges across heterogeneous environments leveraging Envoy and Service Mesh technologies

Slide 3

Slide 3 text

3 | Copyright © 2020 December 11, 2018 2018 TOP WOMEN ENTREPRENEURS IN CLOUD INNOVATION Seventh Annual Award Honors Women Founders for Outstanding Accomplishments in Cloud and Emerging Technologies, Sponsored by Facebook, Intel, and Google. Award Winning Innovation Enterprise and Open Source Credibility Key Industry Collaborations

Slide 4

Slide 4 text

4 | Copyright © 2020 What our customers say ParkMobile partnered with Solo.io because we were looking for the most innovative and flexible solutions on the market to power our growing platform - Matt Ball, CTO Park Mobile With Gloo Enterprise, Vonage has access to a single, cloud native gateway that serves APIs spanning from legacy servers to modern serverless and Kubernetes-based services - Sagi Dudai, CTO Vonage We selected Gloo Enterprise from Solo.io to serve as the API Gateway for our new microservices based on the capabilities it provides us for advanced traffic routing and authentication in our cloud migration strategy. - Michael Souza, Engineer Carfax Gloo Gateway is really “Enterprise Envoy” - VP API technology, Nondisclosed Financial Co

Slide 5

Slide 5 text

5 | Copyright © 2020 Solo.io solves API connectivity & communication challenges

Slide 6

Slide 6 text

Why Envoy Proxy? • Where innovation happens around L7 • Neutral Foundation (CNCF) • Large, diverse, vibrant community • Built ground up for dynamic services environment • Dynamic configuration, driven by API • Highly extensible • L7 filters (HTTP/1, HTTP/2, gRPC, redis, mysql, Kafka, etc) • Deep signals telemetry out of the box • Versatile deployment options

Slide 7

Slide 7 text

7 | Copyright © 2020 SERVICE MESH JOURNEY INNOVATION MODERNIZE TO MICROSERVICES SERVICE MESH MANAGEMENT ANY MESH - ANYWHERE ADAPTIVE SERVICE MESH

Slide 8

Slide 8 text

SERVICE A SERVICE B SERVICE C SERVICE D SERVICE E NORTH-SOUTH TRAFFIC Solo.io solves API connectivity & communication challenges with decentralized, Envoy-based infrastructure

Slide 9

Slide 9 text

SERVICE A SERVICE B SERVICE C SERVICE D SERVICE E SERVICE F SERVICE G SERVICE H NORTH-SOUTH TRAFFIC Solo.io solves API connectivity & communication challenges with decentralized, Envoy-based infrastructure

Slide 10

Slide 10 text

Solo.io solves API connectivity & communication challenges with decentralized, Envoy-based infrastructure SERVICE A SERVICE C SERVICE B SERVICE D SERVICE E SERVICE F SERVICE G SERVICE H EAST - WEST TRAFFIC NORTH-SOUTH TRAFFIC

Slide 11

Slide 11 text

Solo.io solves API connectivity & communication challenges with decentralized, Envoy-based infrastructure SERVICE A SERVICE C SERVICE B SERVICE D SERVICE E SERVICE F SERVICE G SERVICE H NORTH-SOUTH TRAFFIC

Slide 12

Slide 12 text

Solo.io solves API connectivity & communication challenges with decentralized, Envoy-based infrastructure SERVICE A SERVICE C SERVICE B SERVICE D SERVICE E SERVICE F SERVICE G SERVICE H NORTH-SOUTH TRAFFIC API Developer Portal

Slide 13

Slide 13 text

13 | Copyright © 2020 13 | Copyright © 2020 Securing the edge

Slide 14

Slide 14 text

14 | Copyright © 2020 Role of an edge proxy / API Gateway • Enforce trust levels between boundaries • Authentication / Authorization / Encryption of traffic for end users, machines • Apply traffic policy and quota restrictions • Observe, log, transform, limit requests • Fit in with decentralized processes

Slide 15

Slide 15 text

15 | Copyright © 2020 Role of API Gateway: abstract implementation details

Slide 16

Slide 16 text

16 | Copyright © 2020 Edge proxy + service mesh • Encrypt / authentication / authorization for last-mile routing to backend services • Observe traffic from origin/edge to target endpoints including graph of services • Enable more sophisticated Zero-trust policies (trust tiers, integrating with policy engines,

Slide 17

Slide 17 text

17 | Copyright © 2020 17 | Copyright © 2020 Gloo API Gateway

Slide 18

Slide 18 text

18 | Copyright © 2020 Gloo Features

Slide 19

Slide 19 text

19 | Copyright © 2020 Why Gloo? Security Highly Extensible Multi-platform Web Assembly Integration Decentralized API ● Basic auth ● OIDC ● JWT ● API Keys ● Custom Auth ● TLS ● mTLS ● SNI ● Let’s Encrypt ● CORS ● OPA ● RBAC ● Delegation ● WAF ● Data Loss Prevention ● Rate Limit ● Circuit Breaker

Slide 20

Slide 20 text

20 | Copyright © 2020 Gloo architecture EXTERNAL AUTH RATE LIMITING GLOO FILTERS ROUTER UPSTREAM EXTERNAL AUTH SERVER RATE LIMITING SERVER CACHING DATA LOSS PREVENTION LAMBDA NATS.IO TRANSFORMATION WEB APPLICATION FIREWALL (WAF)

Slide 21

Slide 21 text

21 | Copyright © 2020 Developer Portal • Declarative Configuration - CRD based, No external database infrastructure • Customizable branding and web pages • Secure API publishing with API Keys • Improve developer onboarding and intuitive user experience

Slide 22

Slide 22 text

22 | Copyright © 2020 Gloo Gateway Complements Service Mesh • Extend with powerful edge capabilities (as seen previously) • Integrate with mTLS (SDS) • Integrate with telemetry collection • Integrate with distributed tracing • Provide full North-South & East-West networking abstraction

Slide 23

Slide 23 text

23 | Copyright © 2020 23 | Copyright © 2020 Ingress Proxy for Service Mesh

Slide 24

Slide 24 text

24 | Copyright © 2020 Simple ingress proxy • Single point passthrough • Accept already trusted traffic • Provide application specific routing • Participate in a service mesh • Expose “lightweight” APIs (as-is)

Slide 25

Slide 25 text

25 | Copyright © 2020 25 | Copyright © 2020 APIs within the mesh

Slide 26

Slide 26 text

26 | Copyright © 2020 Developer Portal for Istio

Slide 27

Slide 27 text

27 | Copyright © 2020 API Documentation

Slide 28

Slide 28 text

28 | Copyright © 2020 Simple ingress proxy + Developer Portal • Add light auth / rate limit capabilities • Catalog, document, expose APIs • Aggregate APIs into a single API • Self-service portal with customization • Intended to expose APIs “as-is” within your organization when you don’t need an Edge/API Gateway

Slide 29

Slide 29 text

29 | Copyright © 2020 How it works

Slide 30

Slide 30 text

30 | Copyright © 2020 How it works

Slide 31

Slide 31 text

31 | Copyright © 2020 31 | Copyright © 2020 Demo

Slide 32

Slide 32 text

32 | Copyright © 2020 LEARN MORE solo.io/gloo BLOG solo.io/blog GITHUB github.com/solo-io/gloo SOLO COMMUNITY slack.solo.io