Istio multi-cluster on Red Hat OpenShift with Gloo Mesh

Many of you have chosen Red Hat OpenShift to orchestrate Kubernetes containers on-premises. At the same time, most of you are also adopting (or about to adopt) a service mesh to connect your containerized applications, and Istio is becoming the de facto industry standard for service mesh management. Open source Istio has many useful features, […]

Denis Jannot | May 10, 2021
Read More

Web Assembly at Scale with Gloo Edge

WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications. At Solo.io, we are very excited about Web Assembly as a way to extend our Envoy Proxy-based API Gateway (Gloo Edge) and the […]

Denis Jannot | April 21, 2021
Read More

Security at Scale with Gloo Edge

Gloo Edge is our Kubernetes native API gateway based on Envoy. It provides authentication (with OAuth, JWT, API keys, and JWT), authorization (with OPA or custom approaches), a web application firewall (WAF – based on ModSecurity), function discovery (with OpenAPI and AWS Lambda), advanced transformations, and much more. In our previous blog post, Envoy at […]

Denis Jannot | April 14, 2021
Read More

Envoy at Scale with Gloo Edge

Gloo Edge is our Kubernetes-native API gateway based on the open source Envoy Proxy. It provides authentication (using OAuth, JWT, API keys, and JWT), authorization (with OPA or custom approaches), a web application firewall (WAF – based on ModSecurity), function discovery (OpenAPI-based and AWS Lambda), and advanced transformations. One of the first question our customers […]

Denis Jannot | April 2, 2021
Read More

Extending Gloo Edge Made Easy

Extending Gloo Edge Made Easy Introduction Gloo Edge is a cloud-native API Gateway and Ingress Controller built on Envoy Proxy to facilitate and secure application traffic at the edge. When you implement Gloo Edge Enterprise, you can take advantage of a large number of features: you can easily transform your requests (headers, body, …), secure […]

Denis Jannot | January 22, 2021
Read More

Making Web Assembly a first-class citizen on Gloo Mesh Enterprise Beta

WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications. At Solo.io, we are very excited about Web Assembly as a way to extend an Envoy-based data plane in frameworks like API Gateways (Gloo) and Service Meshes (Istio, AppMesh, […]

Denis Jannot | December 15, 2020
Read More

The evolution of multicluster support in Istio 1.8

Istio 1.8 has just been released and one of the area that has evolved is its multicluster support. If you are familiar with Istio, you probably know the 2 multicluster deployment models that were available in the previous versions: Shared control plane In this configuration a single Istio control plane was deployed and Pods running […]

Denis Jannot | November 23, 2020
Read More

Multi-Cluster Service Mesh Role-Based-Access-Control

In the previous posts, we covered how Gloo Mesh (previous known as Service Mesh Hub) makes it easy to federate the identity across clusters to allow cross-cluster communication, failover and access control based on policies. RBAC in Kubernetes In large organizations, several teams are using the same Kubernetes cluster. They use Kubernetes RBAC to define who can […]

Denis Jannot | November 12, 2020
Read More

Advanced Authentication Workflows with OpenID Connect using Gloo API Gateway – Part 2

In the previous Blog post, we covered how Gloo can be used to authenticate users with OIDC and how it can process the JWT token returned by the identity provider. The JWT token was stored as a cookie in the web browser and sent with each HTTP request as a header. We configured Gloo to […]

Denis Jannot | November 9, 2020
Read More

Advanced Authentication Workflows with OpenID Connect using Gloo API Gateway

Gloo supports authentication via OpenID Connect (OIDC). OIDC is an identity layer on top of the OAuth 2.0 protocol. In OAuth 2.0 flows, authentication is performed by an external Identity Provider (IdP) which, in case of success, returns an Access Token representing the user identity. The protocol does not define the contents and structure of […]

Denis Jannot | October 26, 2020
Read More

Multi-cluster global access control for Kubernetes and Service Mesh

In this blog series, we will dig into specific challenge areas for multi-cluster Kubernetes and service mesh architecture, considerations and approaches in solving them. In a previous blog post we covered Identity Federation for Multi-Cluster Kubernetes and Service Mesh which is the foundation for multi-cluster global access control. We explained how to setup each Istio cluster with a different […]

Denis Jannot | October 19, 2020
Read More

Cross-cluster service communication with service mesh

In this blog series, we will dig into specific challenge areas for multi-cluster Kubernetes and service mesh architecture, considerations and approaches in solving them. The previous blog post covered Identity Federation for Multi-Cluster Kubernetes and Service Mesh which is the foundation for cross-cluster service communication. Istio is the most popular Service Mesh technology and is designed to handle […]

Denis Jannot | October 6, 2020
Read More