Interesting thread about Nginx Service Mesh by Daniele Polencic
So yeah, Nginx had a service mesh too!
- Read on Threadapp
- Read on Twitter
I'm not sure, if anybody gonna use it for real, though
#kubernetes #nginx #networking
So yeah, Nginx had a service mesh too!
- Read on Threadapp
- Read on Twitter
I'm not sure, if anybody gonna use it for real, though
#kubernetes #nginx #networking
Threadreaderapp
Thread by @danielepolencic on Thread Reader App
Thread by @danielepolencic: THREAD Nginx has a service mesh too. Is it any good? Let's find out. 1/ Most service meshes use Envoy as a proxy and for good reasons: 1. It's fully open-source 2. It...
Some best practices for GKE networking by, well, Google.
As was said in one book:unless you've actually done the work, you're in no position to encode it as a best practice.
#gcp #gke #kubernetes #networking
As was said in one book:unless you've actually done the work, you're in no position to encode it as a best practice.
#gcp #gke #kubernetes #networking
Google Cloud
Best practices for GKE networking | Google Kubernetes Engine (GKE) | Google Cloud
This page provides best practices for configuring networking policies in GKE.
Cilium 1.10 is out with Wireguard, BGP Support, Egress IP Gateway, New Cilium CLI, XDP Load Balancer, Alibaba Cloud Integration and more. As well as a lot of performance improvements.
And that's great news! Especially, the Wireguard part, because now Cilium supports not only IPSec for traffic encryption between the pods.
#networking #kubernetes
And that's great news! Especially, the Wireguard part, because now Cilium supports not only IPSec for traffic encryption between the pods.
#networking #kubernetes
cilium.io
Cilium 1.10: WireGuard, BGP Support, Egress IP Gateway, New Cilium CLI, XDP Load Balancer, Alibaba Cloud Integration and more
The Cilium core team are excited to announce the Cilium 1.10 release. A total of 2042 new commits have been contributed by a growing ...
QUIC - a planned successor of TCP - is now formalized as RFC 9000.
QUIC was initially developed at Google, but later adopted by IETF. It provides some TCP-like features on top of UDP in order to overcome latency and packet loss, especially in the last mile.
HTTP/3, which is built on top of QUIC is not formalized yet, but it's following closely behind. So, it will be likely released soon as well.
So, with HTTP/3 around the corner, have you already switched to HTTP/2?
#networking #quic
QUIC was initially developed at Google, but later adopted by IETF. It provides some TCP-like features on top of UDP in order to overcome latency and packet loss, especially in the last mile.
HTTP/3, which is built on top of QUIC is not formalized yet, but it's following closely behind. So, it will be likely released soon as well.
So, with HTTP/3 around the corner, have you already switched to HTTP/2?
#networking #quic
Fastly
QUIC is now RFC 9000
QUIC version 1 is officially formalized, and QUIC deployments will now move away from using temporary draft versions to the newly minted version 1.
Consul Service Mesh for Amazon ECS is now in the Tech Preview.
This means that you can deploy Consul Service Mesh on Fargate type ECS using official Terraform modules. However, only setups for Dev are supported right now, i.e. the official module deploys only a single dev/testing Consul task for now. This will be changed before Consul Service Mesh for AWS ECS hits GA.
#consul #hashicorp #aws #networking
This means that you can deploy Consul Service Mesh on Fargate type ECS using official Terraform modules. However, only setups for Dev are supported right now, i.e. the official module deploys only a single dev/testing Consul task for now. This will be changed before Consul Service Mesh for AWS ECS hits GA.
#consul #hashicorp #aws #networking
HashiCorp
Announcing Tech Preview of Consul Service Mesh for Amazon ECS
AWS users may now select Consul as their service mesh for ECS deployments.
There is a saying that there are only two ways to learn something: to build it or to fix it.
Sam Lewis have built his own mesh VPN solution to learn better how those mesh VPNs work. And also because he could.
He put it all into a blog post. So, you can find some insights about mesh VPNs there. Probably, you won't even need to build your own.
In any case, this is not a tool you should get into production right away. Just an interesting read. No more, no less.
#networking #security #vpn
Sam Lewis have built his own mesh VPN solution to learn better how those mesh VPNs work. And also because he could.
He put it all into a blog post. So, you can find some insights about mesh VPNs there. Probably, you won't even need to build your own.
In any case, this is not a tool you should get into production right away. Just an interesting read. No more, no less.
#networking #security #vpn
www.samlewis.me
Sam Lewis
Sam Lewis is a Melbourne based geek who develops cool bits of code. He likes data, embedded stuff and AFL.
I remember being on a meetup in the Twitter HQ where people were talking about the success of Finagle and eventually presented an idea and some first versions of Linkerd.
It was in 2017 and now Linkerd is a graduated project of CNCF.
Congratulations!
These is an interesting part:
Linkerd is the first service mesh to rise to the level of graduation. But Linkerd has a long history of firsts: Linkerd was the first service mesh project and the one to coin the term itself. It was the first project to enter the CNCF’s inception (now sandbox) phase. It was the first CNCF project to adopt Rust
P.S. A nostalgic photo from the Twitter HQ
#networking
It was in 2017 and now Linkerd is a graduated project of CNCF.
Congratulations!
These is an interesting part:
Linkerd is the first service mesh to rise to the level of graduation. But Linkerd has a long history of firsts: Linkerd was the first service mesh project and the one to coin the term itself. It was the first project to enter the CNCF’s inception (now sandbox) phase. It was the first CNCF project to adopt Rust
P.S. A nostalgic photo from the Twitter HQ
#networking
Consul API Gateway is now in beta.
It also got TCPRoute Support as well as now it's supported in the official Helm Chart.
There is also a new learning material for you to take a closer look at it.
#hashicorp #kubernetes #networking #consul
It also got TCPRoute Support as well as now it's supported in the official Helm Chart.
There is also a new learning material for you to take a closer look at it.
#hashicorp #kubernetes #networking #consul
HashiCorp
Consul API Gateway Now Generally Available
The Consul API Gateway has now reached its first GA release, adding TCPRoute support, Helm chart support, and a new HashiCorp Learn tutorial.
Ever wondered, how a TCP connection works in slow-mo?
Here's an article just about that. There's a video as well. The link is in the article.
TBH, would be nice if this article covers not only the basics of TCP, but other features as well. Like RST packets.
Also, here's an interesting investigative read, which is not exactly about TCP, but it's features played thy key role for the investigation. Or this case, that actually happened in my company
#networking #tcp
Here's an article just about that. There's a video as well. The link is in the article.
TBH, would be nice if this article covers not only the basics of TCP, but other features as well. Like RST packets.
Also, here's an interesting investigative read, which is not exactly about TCP, but it's features played thy key role for the investigation. Or this case, that actually happened in my company
#networking #tcp
federico.defaveri.org
TCP connection in slow motion
I’ve always been curious about the netstat output: what is the meaning of the different TCP connection states? How the connection transit from a state to another? I am also working on a different post on TCP errors, so I need to understand better the different…
Back in a day, a friend of mine was ranting that this is not that obvious to spin up a VPN server in Kubernetes as online tutorials suggested.
Now, you can make a Wireguard operator do it for you. I haven't personally tested this operator. Yet, it has some positive comments on Reddit.
#kubernetes #networking
Now, you can make a Wireguard operator do it for you. I haven't personally tested this operator. Yet, it has some positive comments on Reddit.
#kubernetes #networking
GitHub
GitHub - jodevsa/wireguard-operator: Painless deployment of wireguard on kubernetes
Painless deployment of wireguard on kubernetes. Contribute to jodevsa/wireguard-operator development by creating an account on GitHub.