Mesh in a Mesh - A Model for Stronger Multi-tenancy of Kubernetes Workloads
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore a conference talk that delves into a novel approach for enhancing multi-tenancy in Kubernetes workloads. Learn about the concept of deploying workloads in tenant-specific sub-meshes within a service mesh, utilizing Envoy-based ingress/egress gateways for each tenant. Discover how this model addresses limitations of traditional multi-tenancy methods, enabling more granular control over L7 policies for ingress/egress traffic. Understand the benefits of this approach, including improved traffic policy management, resource scaling per tenant, enhanced application topology privacy, and the ability to assign tenant-specific identities for various authentication and authorization purposes. Gain insights into sharing mesh control plane resources across tenants while maintaining strong isolation.
Syllabus
Mesh in a Mesh: A Model for Stronger Multi-tenancy of Kubernetes Wo... Nitish Malhotra & Akash Baid
Taught by
CNCF [Cloud Native Computing Foundation]