Accelerate Istio-CNI with ebpf
#IstioCon Accelerate Istio-CNI with ebpf Xu Yizhou & Guo Ruijing #IstioCon Agenda ● Istio-CNI ● tcp/ip stack overhead between sidecar and service ● Background knowledge of ebpf ● Acceleration for Inbound/Outbound/Envoy to Envoy #IstioCon Istio-CNI ● The Istio CNI plugin performs the Istio mesh pod traffic redirection in the Kubernetes pod life-cycle’s network setup phase, ● Removing the NET_ADMIN and NET_RAW capabilities for users deploying pods into the Istio mesh. ● The Istio CNI plugin replaces the functionality provided by the istio-init container. #IstioCon Tcp/ip stack overhead
15 pages | 658.90 KB | 1 year ago

Performance tuning and best practices in a Knative based, large-scale serverless platform with Istio
mesh on Knative – Impact without optimization #IstioCon o With istio CNI plugin, we can move the iptables configuration parts to CNI. But another init-container, the istio-validation is introduced. injection template. Mitigations: o When adding new worker node, make sure daemonset pod of istio CNI plugin is up and running before knative pods scheduling on the node. o Crontab job could help to Istio features in Knative with service mesh enabled • Enable Istio mesh on Knative – enable istio CNI plugin #IstioCon o User cases: no service access cross user namespace. o The sidecar CR helps
23 pages | 2.51 MB | 1 year ago

Service mesh security best practices: from implementation to verification
RBAC Audit Logging Image Verification Admission Control Workload Identity K8s RBAC K8s CNI AuthZ Policy Peer AuthN Policy KMS Control Plane Hardening Istio Security Releases Complete vulnerabilities Verify images Gatekeeper Binary authorization Restrict privileges Gatekeeper Istio CNI Cluster security Edge security Workload security Operation security best practices
29 pages | 1.77 MB | 1 year ago

Istio 2021 Roadmap
A heartwarming work of staggering predictability https://istio.io/latest/blog/2020/tradewinds-2020/ #IstioCon Feature Graduation ● Enhancement workflow ○ CNI ○ IPv6 ○ Dual-stack (IPv6/IPv6) ○ Virtual Machine Expansion ○ Multi cluster mesh ○ Helm v3 life-cycle
17 pages | 633.89 KB | 1 year ago

Using Istio to Build the Next 5G Platform
DB SMF App X Control Plane UDM Identity 11 ©2021 Aspen Mesh. All rights reserved. ● CNI to avoid escalated pod privileges ● Integrate with PKI minted Intermediate CA ● Enable ECC certificates
18 pages | 3.79 MB | 1 year ago

Is Your Virtual Machine Really Ready-to-go with Istio?
certificate attributes #IstioCon Security & Usability Limitations (cont.) ● Access management: CNI needs improvements ○ Much required to avoid escalated Pod privileges ○ No support for smart DNS proxying
50 pages | 2.19 MB | 1 year ago

6 results in total