Source: thenewstack.io
Implementing a Secure Service Mesh
https://www.linkedin.com/in/jonathandkelley/ I’m currently working toward integrating all of our workloads under what is known as a service mesh. A service mesh is a network layer that sits between every pod in all clusters.
One of our main goals with using a service mesh was to get Mutual Transport Layer Security (mTLS) between internal pod services for security.
When a developer merges some change, adding new services to an application, Kuma transparently detects and injects the required bits to proxy traffic automatically across its own network data plane. Kuma service mesh has three major components: Kuma CNI: A CNI plugin that identifies user application pods with sidecars, based on annotations, to set up traffic redirection.
One of our main goals with using a service mesh was to get Mutual Transport Layer Security (mTLS) between internal pod services for security.
When a developer merges some change, adding new services to an application, Kuma transparently detects and injects the required bits to proxy traffic automatically across its own network data plane. Kuma service mesh has three major components: Kuma CNI: A CNI plugin that identifies user application pods with sidecars, based on annotations, to set up traffic redirection.
Related Articles
Community Partners
DevOps Careers