Banzai Cloud Logo Close
Home Products Benefits Blog Company Contact
Get Started
Today we've launched the 1.3 release of Backyards, Banzai Cloud's production ready Istio distribution. Along with some performance improvements and bug fixes, the 1.3 release is centered around three main topics: a brand new gateway management feature, a new declarative installation and configuration method, and support for Istio 1.6. If you're not familiar with Backyards, and want to know why we decided to build this product, we suggest reading the blog post about the first major release.
Read more...
Istio 1.6 is around the corner and it continues where 1.5 left off: it simplifies the architecture and improves the operational experience. In this post we'll review what's new in Istio 1.6 and dig deep on the important changes. The Backyards 1.3 release is already based on Istio 1.6. If you are interested in getting Istio up and running with Backyards make sure you register for the webinar! Istio 1.
Read more...

If you are a frequent reader of our blog, or if you’ve been using the open source Banzai Cloud Kafka operator, you might already be familiar with Supertubes, our product that delivers Kafka as a service on Kubernetes.

Read more...
If you've been reading our blog you already know that we're passionate about observability. We are convinced that the key to operating a reliable system is to know what happens where, and the correlated ability to rapidly dissect issues as they emerge. In previous posts we've gone over the base components of our suggested stack, which includes Prometheus, Thanos, Fluentd, Fluentbit, and many others. We've created several tools and operators to ease the management of these components, like the Istio operator, Logging operator, Thanos operator as well as using some other very popular operators, like the Prometheus one.
Read more...
At Banzai Cloud we write Kubernetes tools that, no surprise, require other tools to get installed. These tools handle resource lifecycle operations like the installation, upgrade, and removal of various components that need to be integrated together. Kubernetes Operators solve all these and even more for a given application's domain, but if the focus is simply on installation, upgrade and removal of a set of components - which are in our case operators themselves (operating operators), then we need a tool with different characteristics at hand.
Read more...
Network perimeter security is a focal point of any network admin. When it comes to network perimeter control, our first thought is always inbound security (ingress). However, securing what can leave the network (egress) and where is equally important. In this post, we're not going to go into the theoretical details of discussing why, exactly, controlling egress traffic is so important or where possible exploitations points are, because there are quite a few posts already.
Read more...
A few days ago we published a blog post about how to use Apache Kafka’s proprietary authentication and authorization (ACL) with Kubernetes Service Accounts via Supertubes. If you skimmed that post or have actually used it with Supertubes, you might think that this is (as Shakespeare put it) much ado about nothing, as things just work out-of-the-box. As the CTO of Banzai Cloud, and someone involved in the details of our product development, I can confirm that this has been our single biggest engineering push of 2020 so far (spoiler alert - that record won't last long: there are three or four parallel efforts already challenging it).
Read more...
Bank-Vaults already supports multiple KMS alternatives for encrypting and storing unseal-keys and root-tokens. However, during bootstrapping and configuring sometimes you need to source other secrets to configure Vault securely. In this post you will learn how to do that with the help of the valuable contributions of Pato Arvizu. Thank you! For those unfamiliar with Bank-Vaults, let's do a quick recap. Bank-Vaults is a Vault Swiss Army knife, which makes enterprise-grade security attainable on Kubernetes.
Read more...
Running Kafka on Istio with mTLS is, in of itself, an interesting topic, but before we can talk about how Banzai Cloud's Supertubes allows us to do that, let's take a step back and look at how SSL works in Kafka. Maybe then we can answer the question, why do we need Kafka in Istio with mTLS at all? Supertubes is Banzai Cloud's Kafka as a Service, which runs on Kubernetes inside an Istio service mesh.
Read more...
Pipeline is Banzai Cloud’s Kubernetes container management platform, which allows enterprises to develop, deploy and securely scale container-based applications in multi- and hybrid-cloud environments. While one of Pipeline's core features is to automate the provisioning of Kubernetes clusters across major cloud providers, including Amazon, Azure, Google, Oracle, Alibaba Cloud and on-premise environments (VMware and bare metal), we strongly believe that Kubernetes as a Service should be capable of much more.
Read more...