Musings about Istio with mTLS

To start this off, I want to make it totally clear that I think mTLS in Istio is a pretty awesome feature, almost a unique selling point for Istio. But it also has some pitfalls that can be hard to spot. And yes, this is documented, but it took me a while to understand anyway. In this article I want to provide some information about setup, but also about debugging.

Introducing Shipper

Booking.com is proud to announce the first public release of Shipper, an open source project that provides powerful, customizable rollouts to one or many Kubernetes clusters. Shipper uses Helm charts and native Kubernetes concepts to make it easy for anyone to set up blue/green or canary rollouts for their applications. The current release uses vanilla Kubernetes traffic shifting, so you don’t need a service mesh provider to get started. We intend to add support for other traffic shifting backends like Istio in the coming months.

Wait, Which NGINX Ingress Controller for Kubernetes Am I Using?

Did you know there is more than one NGINX Ingress controller for Kubernetes? You do now. We help you figure out which one makes sense for you, based on their differences around authorship, development philosophy, production readiness, security, and support. Source: nginx.com

IP packet buffering in OVN

Open Virtual Network (OVN) is a subproject of Open vSwitch (OVS), a performant, programmable, multi-platform virtual switch. OVN adds to the OVS existing capabilities the support for overlay networks by introducing virtual network abstractions such as virtual switches and routers. Moreover, OVN provides native methods for setting up Access Control Lists (ACLs) and network services such as DHCP. Many Red Hat products, such as Red Hat OpenStack Platform and Red Hat Virtualization, are now using OVN, and Red Hat OpenShift Container Platform will be using OVN soon.

Container security orchestration with Falco and Splunk Phantom

Container security orchestration allows you to define within your security policy how you are going to respond to your different container security incidents. These responses can be automated in what are called security playbooks. This way, you can define and orchestrate multiple workflows involving different software both for sourcing and responding. This is how Falco and Splunk Phantom can be integrated together to do this. Phantom is a security orchestration platform, part of the Splunk product portfolio.

Announcing Linkerd 2.1

Today we’re very happy to announce the release of Linkerd 2.1. This is our first stable update to 2.0, and introduces a host of goodies, including per-route metrics, service profiles, and a vastly improved dashboard UI. We’ve also added a couple exciting experimental features: proxy auto-injection, single namespace installs, and a high-availability mode for the control plane. Source: linkerd.io

DeepMind Achieves Holy Grail: An AI That Can Master Games Like Chess and Go Without Human Help

DeepMind, the London-based subsidiary of Alphabet, has created a system that can quickly master any game in the class that includes chess, Go, and Shogi, and do so without human guidance. The system, called AlphaZero, began its life last year by beating a DeepMind system that had been specialized just for Go. That earlier system had itself made history by beating one of the world’s best Go players, but it needed human help to get through a months-long course of improvement.

Introducing Makisu: Uber’s Fast, Reliable Docker Image Builder for Apache Mesos and Kubernetes

To ensure the stable, scalable growth of our diverse tech stack, we leverage a microservices-oriented architecture, letting engineers deploy thousands of services on a dynamic, high-velocity release cycle. These services enable new features to greatly improve the experiences of riders, drivers, and eaters on our platform. Although this paradigm supported hypergrowth in both scale and application complexity, it resulted in serious growing pains given the size and scope of our business.

Intro to Apache Kafka and Kafka Streams for Event-Driven Microservices on DevNation Live

Scalability is often a key issue for many growing organizations. That’s why many organizations use Apache Kafka, a popular messaging and streaming platform. It is horizontally scalable, cloud-native, and versatile. It can serve as a traditional publish-and-subscribe messaging system, as a streaming platform, or as a distributed state store. Companies around the world use Apache Kafka to build real-time streaming applications, streaming data pipelines, and event-driven architectures. Source: redhat.com

Engineering Uber’s Next-Gen Payments Platform

During a September 2018 meetup, Uber’s Payments Platform team discusses how this technology supports our company’s growth through an active-active architecture, exactly-once payment processing, and scalability across businesses. From ridesharing, food delivery, and new modalities to freight, healthcare, and business travel, our technology helps create billions of moments of human connection around the world. Building a reliable, scalable, and flexible payment processing system is critical to making these moments possible.