Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Service Mesh Enhance, secure, and observe cloud-native applications with Istio, Linkerd, and Consul

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781789615791

Length 626 pages

Edition 1st Edition

Languages

Tools

Consul

Concepts

Microservices

Authors (2):

Vikram Khatri

Anjali Khatri

View More author details

Table of Contents (31) Chapters

Preface

1. Section 1: Cloud-Native Application Management

2. Monolithic Versus Microservices FREE CHAPTER

3. Cloud-Native Applications

4. Section 2: Architecture

5. Service Mesh Architecture

6. Service Mesh Providers

7. Service Mesh Interface and SPIFFE

8. Section 3: Building a Kubernetes Environment

9. Building Your Own Kubernetes Environment

10. Section 4: Learning about Istio through Examples

11. Understanding the Istio Service Mesh

12. Installing a Demo Application

13. Installing Istio

14. Exploring Istio Traffic Management Capabilities

15. Exploring Istio Security Features

16. Enabling Istio Policy Controls

17. Exploring Istio Telemetry Features

18. Section 5: Learning about Linkerd through Examples

19. Understanding the Linkerd Service Mesh

20. Installing Linkerd

21. Exploring the Reliability Features of Linkerd

22. Exploring the Security Features of Linkerd

23. Exploring the Observability Features of Linkerd

24. Section 6: Learning about Consul through Examples

25. Understanding the Consul Service Mesh

26. Installing Consul

27. Exploring the Service Discovery Features of Consul

28. Exploring Traffic Management in Consul

29. Assessment

30. Other Books You May Enjoy

Leave a review - let other readers know what you think

Overview of Istio's security

Security in Istio is very comprehensive. The high-level overview starts with Citadel, which is a key and certificate manager. It acts as a Certificate Authority (CA) for Istio. An additional component, node_agent, needs to be enabled for certificate and key rotation. The node agent runs as a daemon set on all of the nodes to take care of the certificate and key rotations. The sidecar proxies implement a secure protocol communication between microservices, and this is a self-service model that is enabled through a parameter with no changes being made to the microservices. The following control plane components are used:

Pilot: Pilot in Istio distributes authentication and provides secure naming conventions for sidecar proxies. Secure naming is a new concept that is gaining traction since it identifies services securely if they are part of the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Anjali Khatri

Anjali Khatri is an enterprise cloud architect at DivvyCloud, advancing the cloud-native growth for the company by helping customers maintain security and compliance for resources running on AWS, Google, Azure, and other cloud providers. She is a technical leader in the adoption, scaling, and maturity of DivvyCloud's capabilities. In collaboration with product and engineering, she works with customer success around feature request architecture, case studies, account planning, and continuous solution delivery. Prior to Divvycloud, Anjali worked at IBM and Merlin. She has 9+ years of professional experience in program management for software development, open source analytics sales, and application performance consulting.

See other products by Anjali Khatri

Khatri

Vikram Khatri is the chief architect of Cloud Pak for Data System at IBM. Vikram has 20 years of experience leading and mentoring high-performing, cross-functional teams to deliver high-impact, best-in-class technology solutions. Vikram is a visionary thought leader when it comes to architecting large-scale transformational solutions from monolithic to cloud-native applications that include data and AI. He is an industry-leading technical expert with a track record of leveraging deep technical expertise to develop solutions, resulting in revenues exceeding $1 billion over 14 years, and is also a technology subject matter expert in cloud-native technologies who frequently speaks at industry conferences and trade shows.

See other products by Khatri