Successfully reported this slideshow.
Your SlideShare is downloading. ×

The Need For A Cloud Native Tunnel

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 28 Ad

The Need For A Cloud Native Tunnel

Download to read offline

The Need For A Cloud Native Tunnel by Alex Ellis, CNCF Ambassador and Founder @ OpenFaaS Ltd

Why do we need a tunnel? What are the alternatives? What can inlets and inlets-operator do?

The Need For A Cloud Native Tunnel by Alex Ellis, CNCF Ambassador and Founder @ OpenFaaS Ltd

Why do we need a tunnel? What are the alternatives? What can inlets and inlets-operator do?

Advertisement
Advertisement

More Related Content

Slideshows for you (20)

Similar to The Need For A Cloud Native Tunnel (20)

Advertisement

Recently uploaded (20)

Advertisement

The Need For A Cloud Native Tunnel

  1. 1. The Need For A Cloud Native Tunnel Alex Ellis, CNCF Ambassador and Founder @ OpenFaaS Ltd inlets @inletsdev
  2. 2. @inletsdev AGENDA 2 • The network is the problem 🚧 • inlets and the alternatives 🚇 • Case-studies 👔 • inlets-operator • Recap 📝
  3. 3. @inletsdev THE NETWORK WAS ALWAYS THE PROBLEM • 13 year-old me • Centre-parting hairstyle • Geocities user • Pete Sampras fan 3
  4. 4. @inletsdev • 13 year-old me • Centre-parting hairstyle • Geocities user • Pete Sampras fan 4 THE NETWORK WAS ALWAYS THE PROBLEM
  5. 5. @inletsdev • 13 year-old me • Centre-parting hairstyle • Geocities user • Pete Sampras fan 5 THE NETWORK WAS ALWAYS THE PROBLEM
  6. 6. @inletsdev 6 THE NETWORK WAS ALWAYS THE PROBLEM https://en.wikipedia.org/wiki/The_Demon_Headmaster_(TV_series)
  7. 7. @inletsdev 7 THE NETWORK WAS ALWAYS THE PROBLEM
  8. 8. @inletsdev FAST FORWARD “A FEW” YEARS ⏩ • 30-year old me • Software developer • Integrating with webhooks • Restricted corporate network • No “cloud” budget 8 1 2
  9. 9. @inletsdev THE NETWORK IS STILL THE PROBLEM • 30-year old me • Software developer • Integrates with GitHub • Builds open source deployment platforms 9
  10. 10. @inletsdev • Incoming webhooks (HTTPS) • Stable URL • Kubernetes integration • Low-cost • Easy to use 10 WHAT DID WE NEED?
  11. 11. @inletsdev A STORY OF TWO NETWORKS 11 Private network Public network No public IP NAT Firewall Captive portal Corporate proxy Hotel WiFi Public IP IPv4 capacity Additional cost Vs.
  12. 12. @inletsdev 12 ..BUT WHAT ABOUT… • IPv6 • “Every Atom of the surface of the Earth” • Adoption • Dual stack • VPNs • Virtual Private Network • OpenVPN • Wireguard/Tailscale • UDP / Double VPN • AWS Direct connect • 1 or 10 gigabit fibre-optic • $$$$ • MetalLB • Not a tunnel • NAT traversal? 👎 • SSH -R • Encryption tax • Baby-sitting • Hard to automate
  13. 13. @inletsdev INLETS - NETWORK TUNNEL & PROXY Exit Node
  14. 14. @inletsdev INLETS - NETWORK TUNNEL & PROXY 14Vendor: OpenFaaS Ltd
  15. 15. @inletsdev 15 INLETS DEMO Try it at: http://inlets.myfaas.club
  16. 16. @inletsdev 16 INLETS DEMO Try it at: http://inlets.myfaas.club
  17. 17. @inletsdev INLETS VS. • Two proxies • inlets - HTTP L7 • inlets PRO - TCP L4
 • Deploy Manually
 • Automate exit-servers • Go SDK • inlets-operator • inletsctl 17 Ngrok • Limited K8s integration • ngrok.io often blocked • Limited # connections • Sign-up 👎 • Disconnects after 7 hours • Closed-source Cloudflare Argo • Not free, locked-in • Closed-source backend Chisel etc • No integrations • GitHub only
  18. 18. @inletsdev 18 COMMUNITY 6k
  19. 19. @inletsdev 19 USE-CASES Platform engineering • CI/CD, billing, partner data • ChatOps • Alerting Developers/freelancers • Share work • Collaborate IoT • Command and control • VSHN - proxy OpenShift from customer VPCs • DX, Norway - Point of sales for cinemas • Edge CDNs • Banzai Cloud - K8s controllers CASE-STUDIES
  20. 20. @inletsdev 20Images copyright varian.com REAL-WORLD CASE-STUDY
  21. 21. @inletsdev 21https://www.extrahop.com/company/blog/2016/introduction-to-dicom-protocol/ • HL7 - TCP • DICOM - TCP • REST - HTTP MEDICAL PROTOCOLS
  22. 22. @inletsdev 22 TRADITIONAL TUNNEL/VPN
  23. 23. @inletsdev 23 SPLIT-PLANE ARCHITECTURE
  24. 24. @inletsdev 24 INLETS OPERATOR
  25. 25. @inletsdev 25 INLETS OPERATOR
  26. 26. @inletsdev 26 INLETS OPERATOR
  27. 27. @inletsdev • Pick your proxy: • inlets OSS - HTTP / L7 • inlets PRO - TCP / TLS encryption
 • Then automate: • inletsctl - ad-hoc tunnels via CLI • inlets-operator - Kubernetes • Or go bespoke (split-plane) 27 RECAP https:// docs.inlets.dev
  28. 28. docs.inlets.dev Thank you! Email me: alex@openfaas.com for Cloud Native Consulting from OpenFaaS Ltd inlets @inletsdev

×