At Solo.io, we work with a lot of customers or software providers that provide products to their customers that have compliance obligations around FIPS (Federal Information Processing Standards). These are typically customers in the US Government, but not exclusively. FIPS is a set of rules about how cryptographic modules are implemented and apply to any […]

As more and more organizations leveraging Istio service mesh turn to Solo.io for production support, FIPS compliance, and architecture/operations best practices, we start to see patterns emerge and common questions arise. When we see enough of those questions, we try to share when we have a few moments to write. In this blog post, I’ll show […]

WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications. At Solo.io, we are very excited about Web Assembly as a way to extend an Envoy-based data plane in frameworks like API Gateways (Gloo) and Service Meshes (Istio, AppMesh, […]

From day one, our mission with Gloo Mesh has been to provide a service mesh command center that will give users indispensable features to manage a “glooed” together mix of environments, and today I am excited to announce that Gloo Mesh Enterprise is now available in Beta. We are asking the Gloo community and customers […]

AWS recently announced EKS Distro which allows you to run self-managed and on-premises Kubernetes clusters using the same Kubernetes binaries that run on AWS EKS. With this consistent foundation for running containers comes the need for a consistent foundation for automating the networking of those containers, specifically the security, traffic, and extensibility policies. Istio is a […]

Istio releases a new minor version every quarter, and most recently the community released 1.8.0. VM support for Istio has been progressing along across the last few releases. For example, in  Istio 1.6 the WorkloadEntry resource was introduced. This allowed the mesh operator to specify VM instances and their IPs as part of the mesh. […]

In the previous posts, we covered how Gloo Mesh (previous known as Service Mesh Hub) makes it easy to federate the identity across clusters to allow cross-cluster communication, failover and access control based on policies. RBAC in Kubernetes In large organizations, several teams are using the same Kubernetes cluster. They use Kubernetes RBAC to define who can […]

Service Mesh Hub is a Kubernetes-native management plane that enables configuration and operational management of multiple clusters of the same service meshes and multiple clusters of heterogeneous service meshes through a unified API. Since the 0.7.2 release in September we’ve shipped more features and fixes leading to the latest release, version 0.9.1 New Features in […]

In this blog series, we will dig into specific challenge areas for multi-cluster Kubernetes and service mesh architecture, considerations and approaches in solving them. In a previous blog post we covered Identity Federation for Multi-Cluster Kubernetes and Service Mesh which is the foundation for multi-cluster global access control. We explained how to setup each Istio cluster with a different […]

Security is an evergreen requirement for any system, and in recent years, the concept of Zero Trust has gained in popularity as a different security model to protect organizations and their IT portfolio from the increasing business risk of security incidents. Traditional security practices and tools are designed to secure the perimeter and by default […]

In this blog series, we will dig into specific challenge areas for multi-cluster Kubernetes and service mesh architecture, considerations and approaches in solving them. The previous blog post covered Identity Federation for Multi-Cluster Kubernetes and Service Mesh which is the foundation for cross-cluster service communication. Istio is the most popular Service Mesh technology and is designed to handle […]

In this blog series, we will dig into specific challenge areas for multi-cluster Kubernetes and service mesh architecture, considerations and approaches in solving them. The previous blog posts focused on aspects of Failover and Fallback routing from a service mesh perspective and in comparison (and combined with) multi-cluster API gateway instances. In this blog post we start looking at […]