Service Mesh Istio
Envoy proxy & GetEnvoy, Istio, Open Source, Security

Istio and Envoy Security Advisories

September 29, 2020 — The Envoy Product Security Team (PST) announced  the availability of a security fix and a series of patches for Envoy versions 1.12,1.13, 1.14 and 1.15 to address two high-risk vulnerabilities related to header values and HTTP URL paths. In response to CVE-2020-25017. Additionally the Istio community recommends users to upgrade to 1.6.11+ for 1.6.x deployments or 1.7.3 or later for 1.7.x deployments.

Read More
Istio, Tetrate

What’s new in Istio 1.7? VM Identity, simplified cert management and more!

Istio, the leading Open Source service mesh offering, today announced the general availability of their 1.7 release. The new features make it easier to bootstrap clusters and to maintain their own versions of software add-ons like Prometheus and Jaeger.

Istio’s 1.7 release was highly anticipated because of its focus on extending the mesh to work in virtual machine-based cloud environments. Tetrate was founded to solve this problem and has been solving this problem for the past year in partnership with customers in real deployments. In the 1.6 release, we expanded the mesh to include the VM environment while the 1.7 release, managed by Tetrate’s Cynthia Coan, addressed the gap of needing a verifiable identity for the VM.

Read More
Nginx ingress proxies
Observability, Tetrate

Observability 101: What you see is what you get

One of the most repeated pieces of advice for anyone getting started with microservices is to make sure you can see everything that’s going on inside your services. Leverage the power of observability. However, observability is a loaded term – so it’s valuable to understand what that terms mean, and what’s involved.

Read More