Tag: cloud native
-
Service Proxy – from Nginx to Envoy
ReadUpdate (Nov 20, 2022): 1. Envoy’s configuration schema can be hard to get used to. It is lacking examples because the documentation is mostly generated.…
-
Istio External Authorization via OIDC
ReadIstio service mesh allows application developers to offload non-core features to infrastructure layer. We explored authentication and authorization with Istio in a basic lab. In…
-
Istio Lab – Authentication and Authorization
ReadMy previous blog discussed as service mesh what Istio can offer in terms of authentication and authorization capabilities. Istio can authenticate an incoming HTTP request,…
-
Istio Authentication and Authorization
ReadApplications running on Kubernetes platform seeks to offload common non-business features to the platform. Istio helps Kubernetes bridge that gap. It can enforce mTLS communication,…
-
FluxCD: Continuous Deployment with GitOps
ReadThis post explains why I land on FluxCD GitOps for my project. Let’s star Background In the Korthweb project, I landed on Istio for the…
-
Kubernetes Admission Control
ReadThis post discusses admission control, and its implementation – the OPA Gatekeeper. I also discuss Azure Policy as a different Gatekeeper implementation. Admission Webhooks Admission…