Apache SkyWalking application performance monitoring tool
Apache SkyWalking, Observability

Apache SkyWalking: The New Stack features “the APM for the Heterogeneous New Stack”

Apache SkyWalking, the open source APM that Tetrate has embraced as the path to observability, was featured yestreday by the New Stack, the podcast and DevOps tech blog.

In “[SkyWalking: APM for the Heterogeneous New Stack] (https://thenewstack.io/skywalking-apm-for-the-heterogeneous-new-stack/),” Susan Hall describes SkyWalking founder Sheng Wu– who is now a Tetrate engineer– grew SkyWalking in just four years from a small project supported by a handful of volunteers into an Apache Top Level Project with hundreds of contributors, used in more than 70 companies. SkyWalking provides a “holistic platform for collection, aggregation and domain specific query system,” Wu told the New Stack. “It also is truly heterogeneous, in that it not only has agents for different systems, it also seamlessly blends service mesh in.”

Tetrate has endorsed SkyWalking as an essential tool for any company looking for a complete and meaningful map of their entire, distributed system. SkyWalking went service-mesh ready with its last, 6.0 release, and will soon support service mesh observability directly from Envoy.

New Stack highlighted the following SkyWalking features:

  • A polyglot agent-based instrumentation mechanism.
  • Tools that focus solely on distributed tracing usually don’t provide agents. Multiple language agents provided, especially with auto instrumentation supported, in Java, .NET and Nodejs.
  • Performance: Its impact CPU on the monitored application is less than 10%, even with a payload instance of just over 5k transactions per second/requests per second. This lightweight payload would support 100% trace sampling in production environments.
  • Observability for distributed systems based on traditional, agent-based and service mesh architectures, with consistent analysis and visualization.
  • Topology and dependency analysis without sampling.
  • Easy operation and maintenance achieved directly by our clusters, without reliance on big data technology

Check back soon for SkyWalking’s performance-boosting 6.1 release, expected at the end of May.

Contact us to learn more about Apache SkyWalking!

Read More
Service Mesh - Managing Service-to-Service
AWS, Envoy proxy & GetEnvoy, Istio, Open Source, Service Mesh, Tetrate

451’s take on service mesh: The ‘Swiss Army Knife’ of modern software

Analysts Jean Atelsek and William Fellows of 451 Research give their take on the role of service mesh as a cloud-native enabler, calling it a potential “Swiss Army Knife of modern-day software, solving for the most vexing challenges of distributed microservices based applications.”

 

The role of service mesh as a cloud-native enabler is building fast

In a multi-cloud, hybrid IT architecture world, where applications are deployed as microservices, the use of service meshes is becoming an important (although not mandatory) component of cloud- native architecture. Early deployments of the technology – which promises network routing, security and configuration control for microservices-based applications – are largely based on open source code, with Envoy emerging as a de facto standard data plane.

Read More
CVE Fixes, Envoy proxy & GetEnvoy, Security

Envoy CVE security fixes for GetEnvoy

The Envoy security team today [announced] the availability of Envoy 1.9.1 to address two high-risk vulnerabilities related to header values and HTTP URL paths.

We also released the GetEnvoy build of Envoy 1.9.1 and the latest master build that fixes the vulnerability. Users are encouraged to upgrade to 1.9.1 or latest master build to address the following CVEs:

  • CVE-2019-9900: When parsing HTTP/1.x header values, Envoy 1.9 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.
  • CVE-2019-9901: Envoy does not normalize HTTP URL paths in Envoy 1.9 and before. A remote attacker may craft a path with a relative path, e.g. something/../admin, to bypass access control, e.g. a block on /admin. A backend server could then interpret the unnormalized path and provide an attacker access beyond the scope provided for by the access control policy.
Read More
Security, Tetrate

Introducing Tetrate Q

By SHRIRAM RAJAGOPALAN, IGNASI BARERRA, and DAVID FERRAIOLO

Editors note: Tetrate Q has been folded into Tetrate Service Bridge, making Next Generation Access Control (NIST) a built-in feature for Tetrate’s service bridge platform.

The modern enterprise infrastructure is a mishmash of legacy infrastructure, SaaS services, a smattering of cloud-native platforms like Kubernetes, along with an aging access control system that struggles to keep up with all the changes in the enterprise as it marches toward modernization. We no longer live in a world where the infrastructure is full of pets and the users come from set geographies with fixed access patterns. Technology has enabled users to access applications from the convenience of their mobile phones, anytime, anywhere on the planet. The security perimeter that was once synonymous with the network perimeter has now disappeared.

Read More
AWS, Tetrate

BusinessWire – Tetrate works with Amazon Web Services to bring enterprise-grade Envoy to AWS App Mesh users

Tetrate, the recently launched enterprise service mesh company, today announced its support for the launch of Amazon Web Services (AWS) App Mesh, a cloud service that makes it easy to run microservices by providing consistent visibility and network traffic controls for each microservice in an application. The two companies will demonstrate AWS App Mesh and Tetrate GetEnvoy for Global 2000 enterprises for the first time at Service Mesh Day on March 29, 2019 in San Francisco.

Read More
AWS, Service Mesh, Tetrate

SDxCentral – Amazon’s Werner Vogels: Dance like nobody’s watching. Encrypt like everyone is

AWS also rolled out new tools that make it easier for developers to navigate this new world across compute instances, containers, and serverless applications. One of these is App Mesh, a service mesh that allows customers to monitor and control communications across applications running in AWS Fargate (its serverless containers product), EC2 (compute instances), ECS (containers), Elastic Container Service for Kubernetes (managed Kubernetes containers), or Kubernetes.

It’s generally available today, and integrates with Tetrate, Datadog, HashiCorp, Sysdig, and SignalFx.

Read More
AWS, Service Mesh, Tetrate

Tetrate works With Amazon Web Services to bring enterprise-grade Envoy to AWS App Mesh users

Support for AWS App Mesh will be showcased for the first time at ​Service Mesh Day on March 29, 2019 in San Francisco

SAN FRANCISCO – March 27, 2019 – Tetrate​, the ​recently launched​ enterprise service mesh company, today announced its support for the launch of Amazon Web Services (AWS) App Mesh, a cloud service that makes it easy to run microservices by providing consistent visibility and network traffic controls for each microservice in an application. The two companies will demonstrate AWS App Mesh and Tetrate GetEnvoy for Global 2000 enterprises for the first time at ​Service Mesh Day on March 29, 2019 in San Francisco.

Read More