In distributed system architectures, a service mesh can help to make service communication more secure, reliable, and traceable. Along with the service mesh concept we may often think of concepts like microservices, containers or Kubernetes. Moreover, a modern service mesh also offers to integrate legacy workloads, for example on VMs. Even more so, it is possible to define a service mesh in such a way that it spans across multiple clusters or networks, e.g. in a multi-cloud setup, or in a mix of on-premises and cloud.
A service mesh, however, possesses even more capabilities such as observability and security. This session will focus on these areas and how in today's heterogeneous world a service mesh can help to address complex challenges here. Scenarios from real-world projects will be presented and individual aspects will be highlighted in a demo.
Achtung:Hier muss!!!! Der Sprechtext sitzen, weil hier unser Angebot formuliert wird.
Pfeile
Global Control Plane (AKS, Fabian)
Zone 1: OKE (Sven mit Data API)
Zone 2: AKS (Fabian)
Reliable connectivity
No longer Developer’s responsibility
Consistent, declarative management at infrastructure level
Self-service network management
Developer defines communication rules (traffic permissions)
No longer need to also involve network teams (firewall rules)
Zero-trust security
Secure communication via mTLS
Automated certificate management
Service Discovery