Overview
Explore the new Ambient Mesh, a sidecar-less and faster Istio implementation for zero trust, in this conference talk from Conf42 Kube Native 2023. Dive into the limitations of traditional sidecar architecture and discover how Ambient Mesh addresses these challenges. Learn about the HTTPS connect tunnel, its security features, and the benefits of adopting this innovative approach. Follow along with a comprehensive demo that covers installation, enabling Ambient Mesh, applying L4 authorization policies, configuring ingress gateway traffic, implementing canary releases, and leveraging observability and debugging tools. Gain insights into the future of service mesh technology and its potential to enhance Kubernetes-native environments.
Syllabus
intro
preamble
about us
agenda
istio
istio service mesh architecture
limitations of sidecar
let's break it down!
the ambient mesh
https connect tunnel
is ztunnel truly secure?
benefits of ambient mesh
demo:
- install istio with ambient mesh
- enable ambient mesh
- apply l4 authorization policies
- allow traffic through ingress gateway
- traffic management: canary release
- observability and debugging
good job
Taught by
Conf42