Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Stephen Kitt, Rob Scott, Laura Lorenz, Mike Morris
2023-04-21
Gateway API and the MCS API are two pieces of your multicluster traffic management puzzle: Gateway API provides advanced routing capabilities and the MCS API provides cross cluster service discovery. These two Kubernetes native APIs are sponsored by SIG-Network and SIG-Multicluster, respectively. How can these two APIs work together? How have they evolved, separately and as part of a larger upstream initiative to make the multicluster experience feel native? Both APIs are CRD-based, and each SIG focused on standards over details, leaving implementers plenty of room; so how have users dealt with the challenges to discover, install, and maintain synergistic controllers? Finally, where do they fit with the larger ecosystem of service discovery solutions, including service meshes and vendor specific tooling? Another project, the GAMMA initiative, sits smack between all of these, seeking to unify the east-west traffic management puzzle along one coherent, standards-driven direction. Answering these questions and more, join us for a panel style discussion with representatives from the Gateway API project, MCS API project, and GAMMA initiative. Our panelists will speak from their experience both developing the upstream standard and actually implementing the APIs with different vendors.
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Nick Young, Rob Scott
2023-04-19
The Gateway API subproject of Kubernetes SIG-Network is making great strides towards the goal of being the description language for inbound traffic that’s portable, extensible, expressive, and role-oriented. With nearly 20 implementations in progress, interest is high. This session is about what’s happening now and next. We’ll update on: The state of the API, and when we’re planning to move to GA and 1.0 Our plans for conformance testing and certification What’s happening with the GAMMA initiative and how the efforts work together Maintainer Q+A And a lot more!
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Alex Leong
2022-10-27
tldr - powered by Generative AI
Overview and State of Linkerd - A service mesh for transparent mtls between all services on by default
- Linkerd is a service mesh that intercepts all network traffic for a pod and adds functionality like observability, reliability features, and transparent mtls between all services on by default
- Philosophy behind Linkerd is to make it easy to use and install without requiring extensive configuration
- Linkerd integrates with startmanager for automatic certificate rotation
- Linkerd uses HTTP back pressure mechanism for back pressure
- Linkerd is focused on workload identity rather than user identity
- Linkerd provides East West traffic for service to service within the cluster
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Rob Scott, Shane Utt
2022-10-27
tldr - powered by Generative AI
The presentation discusses the advantages of using Gateway API over Ingress API in Kubernetes for advanced use cases such as traffic splitting and secure certificate management.
- Gateway API is more expressive, extensible, and portable than Ingress API
- Gateway API offers easier and safer ways to implement advanced use cases such as traffic splitting and secure certificate management
- Automated transition processes for traffic shifting may require additional tools such as Flagger or Argo
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Jason Morgan, Sanskar Jaiswal
2022-10-26
In this session, you’ll learn about Flagger, Linkerd, and the Gateway API specification. You’ll also learn how to use Flagger and Linkerd to enable automated progressive delivery. The Gateway API specification is gaining momentum in the Kubernetes space as it attempts to change how users manage traffic. Both Flagger and Linkerd were able to standardize on the Gateway API to enable their users to simplify how they define traffic management within, and between, their clusters. Join Jason and Sanskar to discuss how each project independently implemented the Gateway API, how those implementations benefitted their respective projects, and how this allowed them to work together without any explicit configuration.
Conference: KubeCon + CloudNativeCon Europe 2022
Authors: Nick Young, Rob Scott
2022-05-19
tldr - powered by Generative AI
The presentation discusses the goals and scope of the Gateway API and its role in service mesh implementation in Kubernetes.
- The Gateway API aims to solve foundational problems of representing mesh binding services and routes together.
- The API wants to establish a core set of terms for having conversations about service mesh policy routes.
- The API wants to ensure that Gateway API implementations can co-exist and interoperate with nested implementations.
- The API wants to create a turnkey experience for people coming from the ingress background.
- The API wants to make the journey to service mesh as smooth as possible.
Conference: KubeCon + CloudNativeCon North America 2021
Authors: Tim Hockin, Bowei Du
2021-10-13
tldr - powered by Generative AI
Updates and directions on Kubernetes Network Components presented at SIG-NETWORK conference
- SIG-NETWORK is responsible for Kubernetes network components such as pod networking, ingress and egress traffic, service abstractions, and network policies
- The SIG is focused on major projects such as dual stack support, gateway API for L4 and L7, and network policy improvements
- IPv4 v6 dual stack is now GA and services and pods now support both IPv4 and IPv6
- Gateway API has made significant progress towards v1 alpha 2 and aims to be role-oriented and extensible
- Reference policy governs whether or not a given resource is allowed to be referenced from another namespace
- A CVE was discovered in the 122-123 cycle regarding endpoint or endpoint slice APIs directing traffic with unintended effects
- The mitigation for this issue is to treat the ability to create, modify endpoint and endpoint slices as a privileged operation and remove this capability from the ordinary users of your cluster