CNI or Service Mesh? Comparing Security Policies Across Cloud Native Networking Solutions

Explore the evolving landscape of cloud native networking solutions in this 33-minute conference talk from KubeCon + CloudNativeCon Europe. Delve into the comparison between Container Network Interface (CNI) and Service Mesh approaches for implementing security policies across different providers. Learn about the recent developments in popular projects like Cilium, Linkerd2, and Istio, examining their shifts in policy enforcement methods. Understand the trade-offs between kernel space and userland implementations, sidecar injection versus sidecarless models, and the increasing adoption of eBPF technology. Gain insights into the complexities of choosing the right networking solution for your cloud native infrastructure, considering factors such as performance, security, and ease of implementation.