Tag: kubernetes

Origin Authentication and RBAC in Istio with Custom Identity Provider

Nov 11, 2019 · 15 min read

The concept of access control can be boiled down to two factors: authentication (AuthN) and authorization (AuthZ). While authentication determines the identity of a client based on the data presented to the identity provider (e.g., Google and Microsoft AD), authorization determines whether an authenticated principal may interact with the resource. I am not going to delve deep into the security architecture of Istio since I have covered this topic in detail in my upcoming FREE quick start guide on Istio.

#kubernetes#service-mesh

Read more of Origin Authentication and RBAC in Istio with Custom Identity Provider

Using CoreDNS to Conceal Network Identities of Services in Istio

Oct 31, 2019 · 11 min read

A crucial feature of the Istio Service Mesh is that it grants you absolute control over how you want to route traffic to a service. Each service on the Istio service mesh has a unique network identity that it receives from the underlying host, i.e., Kubernetes. For example, a service named foo provisioned in a namespace named bar will have the FQDN (Fully Qualified Domain Name) foo.bar.svc.cluster.local, which also serves as its network identity.

#kubernetes#service-mesh

Read more of Using CoreDNS to Conceal Network Identities of Services in Istio

Appropriately Release Resources From DotNet Core Application Deployed in Kubernetes Cluster

Sep 08, 2018 · 4 min read

You have deployed your DNC (Dot Net Core) application on your Kubernetes cluster and to make it efficient, you have initialized resources, kept a database channel open, and did a ton of other things during the initialization of your application. Did you miss something? One of the critical tasks that you must do is cleaning up the resources, shutting down the open channels, and gracefully shutting off what you turned on and so on from your application when Kubernetes instructs your container to shut down.

#kubernetes

Read more of Appropriately Release Resources From DotNet Core Application Deployed in Kubernetes Cluster