Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Service Mesh Enhance, secure, and observe cloud-native applications with Istio, Linkerd, and Consul

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781789615791

Length 626 pages

Edition 1st Edition

Languages

Tools

Consul

Concepts

Microservices

Authors (2):

Vikram Khatri

Anjali Khatri

View More author details

Table of Contents (31) Chapters

Preface

1. Section 1: Cloud-Native Application Management

2. Monolithic Versus Microservices FREE CHAPTER

3. Cloud-Native Applications

4. Section 2: Architecture

5. Service Mesh Architecture

6. Service Mesh Providers

7. Service Mesh Interface and SPIFFE

8. Section 3: Building a Kubernetes Environment

9. Building Your Own Kubernetes Environment

10. Section 4: Learning about Istio through Examples

11. Understanding the Istio Service Mesh

12. Installing a Demo Application

13. Installing Istio

14. Exploring Istio Traffic Management Capabilities

15. Exploring Istio Security Features

16. Enabling Istio Policy Controls

17. Exploring Istio Telemetry Features

18. Section 5: Learning about Linkerd through Examples

19. Understanding the Linkerd Service Mesh

20. Installing Linkerd

21. Exploring the Reliability Features of Linkerd

22. Exploring the Security Features of Linkerd

23. Exploring the Observability Features of Linkerd

24. Section 6: Learning about Consul through Examples

25. Understanding the Consul Service Mesh

26. Installing Consul

27. Exploring the Service Discovery Features of Consul

28. Exploring Traffic Management in Consul

29. Assessment

30. Other Books You May Enjoy

Leave a review - let other readers know what you think

Implementing mutual TLS

The communication between services is encrypted through sidecar proxies using mutual TLS. Each service is provided an identity through the SPIFFE X.509 certificate (please refer to Chapter 5, Service Mesh Interface and SPIFFE, for a discussion on SPIFFE). Since the services are not tied to fixed IP addresses, the SPIFFE-based identity can be used to connect and accept requests between SPIFFE-compliant services.

Consul has a built-in Certificate Authority, through which it assigns leaf certificates to sidecar proxies. These sidecar proxies can be configured for upstream configuration to specify alternate data centers that services can access for high availability. The CA federation can be enabled between multiple data centers. The CA federation helps the alternate data center to continue issuing leaf SPIFFE X509 certificates in the case of WAN disruptions...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Anjali Khatri

Anjali Khatri is an enterprise cloud architect at DivvyCloud, advancing the cloud-native growth for the company by helping customers maintain security and compliance for resources running on AWS, Google, Azure, and other cloud providers. She is a technical leader in the adoption, scaling, and maturity of DivvyCloud's capabilities. In collaboration with product and engineering, she works with customer success around feature request architecture, case studies, account planning, and continuous solution delivery. Prior to Divvycloud, Anjali worked at IBM and Merlin. She has 9+ years of professional experience in program management for software development, open source analytics sales, and application performance consulting.

See other products by Anjali Khatri

Khatri

Vikram Khatri is the chief architect of Cloud Pak for Data System at IBM. Vikram has 20 years of experience leading and mentoring high-performing, cross-functional teams to deliver high-impact, best-in-class technology solutions. Vikram is a visionary thought leader when it comes to architecting large-scale transformational solutions from monolithic to cloud-native applications that include data and AI. He is an industry-leading technical expert with a track record of leveraging deep technical expertise to develop solutions, resulting in revenues exceeding $1 billion over 14 years, and is also a technology subject matter expert in cloud-native technologies who frequently speaks at industry conferences and trade shows.

See other products by Khatri