Comprehensive Secure Connectivity for Composite Applications.
Service Mesh, Tetrate

Gartner’s CASCE Proposal for Securing Composite Applications

Background

Many applications today rely on components from multiple providers, accessed via web APIs – referred to as “composite applications,” according to Techopedia. Securing these applications, including communication across components, is challenging. 

Now Gartner is promoting a solution to these challenges in a report, 2021 Gartner® Innovation Insight for Comprehensive Secure Connectivity for Composite Applications. The report describes composite applications as “a security architecture challenge” and proposes techniques “to implement these applications with greater consistency, flexibility and integrity.” Joe Skorupa of Gartner also spoke about these issues at the third annual ZTA and DevSecOps for Cloud-Native Applications conference, held in January. (Mr. Secorro’s talk was not recorded.) 

Read More
Tetrate Service Bridge: Golden Gate Release
Announcements, API Gateway, Kubernetes, Service Mesh, Tetrate Service Bridge

Tetrate Service Bridge: Golden Gate Release

Centralized governance, local enforcement for your application traffic

We are pleased to announce the general availability of the Golden Gate release of our flagship product, Tetrate Service Bridge (TSB). TSB Golden Gate adds capabilities that enable application developers to define traffic and security controls for all their applications and APIs. Importantly, it adds Web Application Firewall (WAF) and API gateway capabilities to the Envoy data plane and lets application developers and platform owners collaborate on the same platform to configure them properly for their applications, while enabling an end-to-end zero trust implementation. There is an entirely new developer experience for configuring applications and troubleshooting configurations for both personae.

Read More
Building HA microservice with Istio service mesh
API Gateway, Kubernetes, Resiliency, Service Mesh, Tetrate Service Bridge

Building highly available (HA) and resilient microservices using Istio Service Mesh

What is High Availability in microservices

High availability systems are designed to provide continuous and uninterrupted service to the end customer by using redundant software performing similar functions. In highly available microservices, all the hosts must point to the same storage. So, in case of failure of one host, the workload in one host can failover to another host without downtime. The redundant software can be installed in another virtual machine (VM), or Kubernetes clusters in multicloud or hybrid cloud.

Read More
US govt zta memo
Security, Service Mesh, Zero Trust

The US Government Endorses Zero Trust Architecture for Security

Tetrate is among the leading proponents of zero-trust architectures, helping NIST define the standards, and enabling public and private enterprises to pursue a zero-trust strategy — powered by the service mesh at its core. We’re recognized leaders in this space: we have been the exclusive co-hosts of an annual conference with the National Institute of Standards and Technology (NIST) on this topic for three years so far, and counting, as mentioned below. We’ve recently been recognized by Gartner as a Cool Vendor for Cloud Computing, and we were recognized by IDC as an IDC Innovator 2021. We were also named one of the Top 10 Hottest Cloud Computing Startups of 2021 by CRN. 

Read More
DevSecOps
Announcements, Kubernetes, Security, Service Mesh, Tetrate, Zero Trust

Why You Should Attend the ZTA and DevSecOps Conference with NIST and Tetrate

Tetrate and NIST are hosting their third annual ZTA conference, ZTA and DevSecOps for Cloud Native Applications (virtual), on Wednesday, Jan. 26th (training) and Thursday, Jan. 27th (sessions). The conference provides the most valuable opportunity this year for organizations to gather a practical understanding of how to secure critical infrastructure. You will learn how to put together a ZTA stack for end-user traffic from the ground up.

With the severity of data breaches escalating, including damage to critical US infrastructure, executive orders have been issued, calling for federal agencies to adopt Zero Trust Architecture (ZTA). The DevSecOps approach is seen as essential to achieving high operational assurance for microservices-based applications. But many organizations face challenges in implementation. NIST and Tetrate are presenting the third annual edition of this conference to dive deeply into this new architectural model, which yields enhanced security and other benefits. Their work to date has already yielded ZTA standards for cloud-native applications. 

Read More
Istio, Kubernetes, Service Mesh

Service Mesh in 2021: the ecosystem is emerging

As the service mesh architecture concept gains traction and the scenarios for its applications emerge, there is no shortage of discussions about it in the community. I have worked on service mesh with the community for 4 years now, and will summarize the development of service mesh in 2021 from this perspective. Since Istio is the most popular service mesh, this article will focus on the technical and ecological aspects of Istio.

Read More
AWS + Tetrate
Announcements, AWS, Istio, Kubernetes, Service Mesh, Tetrate Service Bridge

EKS is Anywhere and so is Tetrate

Tetrate works with Amazon EKS and EKS Anywhere to bring seamless connectivity and management to Kubernetes applications both on-premises and in the cloud. One of Tetrate’s founding goals is to enable our customers to manage their applications everywhere––from edge to workload, between services and VMs, in datacenters and the cloud––and to do it securely, reliably, and scalably while providing a consistent experience to IT ops and developers across these environments.

That goal aligns perfectly with EKS Anywhere, Amazon’s new Kubernetes offering that reaches beyond AWS. Amazon Elastic Kubernetes Service (EKS) is a managed compute platform for containers that allows customers to avoid the undifferentiated heavy lifting involved in using roll-your-own Kubernetes to run modern applications on AWS. EKS Anywhere is a new deployment option for Amazon EKS that enables customers to easily create and operate Kubernetes clusters on-premises, including virtual machines (VMs) and bare metal servers. With EKS Anywhere, Amazon offers its customers a consistent Kubernetes experience both on-premises and in the cloud.

Read More
API Gateway, Istio, Kubernetes, Service Mesh

Using Istio service mesh as API Gateway

API gateways have been around for a long time as the entry point for clients to access the back-end, mainly to manage “north-south” traffic, In recent years, service mesh architectures have become popular, mainly for managing internal systems,(i.e. “east-west” traffic), while a service mesh like Istio also has built-in gateways that bring traffic inside and outside the system under unified control. This often creates confusion for first-time users of Istio. What is the relationship between the service mesh and the API gateway? How does Istio’s gateway work? What are the ways to expose the services in the Istio mesh? This article gives you the answer.

Read More
Kubernetes, Service Mesh, Tetrate

Multicluster Management with Kubernetes and Istio

Do you have multiple Kubernetes clusters and a service mesh? Do your virtual machines and services in a Kubernetes cluster need to interact? This article will take you through the process and considerations of building a hybrid cloud using Kubernetes and an Istio Service Mesh. Together, Kubernetes and Istio can be used to bring hybrid workloads into a mesh and achieve interoperability for multicluster. But another layer of infrastructure — a management plane — is helpful for managing multicluster or multimesh deployments.

Read More