Istio Succinctly
Apr 21, 2020 · 4 min read
I am super happy to announce the release of my new eBook: Istio Succictly, published by Syncfusion. You can grab a copy of the book for free by clicking this link. If you are familiar with Kubernetes and want to augment your Kubernetes clusters with the most popular Service Mesh implementation, Istio, then this book is for you. In Istio Succinctly, we have tried to comprehensively cover the quintessence of Istio without sacrificing the necessary concepts and theory behind it.
Origin Authentication and RBAC in Istio with Custom Identity Provider
Nov 11, 2019 · 15 min read
The concept of access control can be boiled down to two factors: authentication (AuthN) and authorization (AuthZ). While authentication determines the identity of a client based on the data presented to the identity provider (e.g., Google and Microsoft AD), authorization determines whether an authenticated principal may interact with the resource. I am not going to delve deep into the security architecture of Istio since I have covered this topic in detail in my upcoming FREE quick start guide on Istio.
Read more of Origin Authentication and RBAC in Istio with Custom Identity Provider
Using CoreDNS to Conceal Network Identities of Services in Istio
Oct 31, 2019 · 11 min read
A crucial feature of the Istio Service Mesh is that it grants you absolute control over how you want to route traffic to a service. Each service on the Istio service mesh has a unique network identity that it receives from the underlying host, i.e., Kubernetes. For example, a service named foo provisioned in a namespace named bar will have the FQDN (Fully Qualified Domain Name) foo.bar.svc.cluster.local, which also serves as its network identity.
Read more of Using CoreDNS to Conceal Network Identities of Services in Istio