Denis is the Director of Field Engineering at Solo.io, a company building application networking solutions for the edge and service mesh. Denis is a passionate engineer who has spent his career in technical roles working directly with customers and users in architecting and adopting technologies like Object Storage, Big Data, Containerization, Service Mesh into their infrastructure. He enjoys sharing what he learns with the community and can be found creating demos, writing blogs, and speaking at events.
Multicluster Service Mesh Best Practices
Adoption of Service Mesh is rising and deploying Service Mesh on multiple clusters (on-premise, in the cloud, in different clouds, …) is becoming a standard requirement.
But it’s also introducing new challenges:
– how to ensure each service has a unique identity across the clusters
– how to secure the communications between the clusters
– how to manage RBAC globally
– how to discover workloads at scale
In this talk, Denis will focus on Istio and show how to overcome these challenges.
He will introduce SPIFFE and explain how to use trust domains and service accounts to ensure a unique identity globally. Denis will demonstrate how service discovery can be performed natively or using a third party solution, how to simplify cross-cluster communications, and allow service failover. Finally, he will cover how global observability and RBAC can be put in place.