Banzai Cloud Logo Close
Home Products Benefits Blog Company Contact
Get Started
Today we've launched the 1.3 release of Backyards, Banzai Cloud's production ready Istio distribution. Along with some performance improvements and bug fixes, the 1.3 release is centered around three main topics: a brand new gateway management feature, a new declarative installation and configuration method, and support for Istio 1.6. If you're not familiar with Backyards, and want to know why we decided to build this product, we suggest reading the blog post about the first major release.
Read more...
Istio 1.6 is around the corner and it continues where 1.5 left off: it simplifies the architecture and improves the operational experience. In this post we'll review what's new in Istio 1.6 and dig deep on the important changes. The Backyards 1.3 release is already based on Istio 1.6. If you are interested in getting Istio up and running with Backyards make sure you register for the webinar! Istio 1.
Read more...
Network perimeter security is a focal point of any network admin. When it comes to network perimeter control, our first thought is always inbound security (ingress). However, securing what can leave the network (egress) and where is equally important. In this post, we're not going to go into the theoretical details of discussing why, exactly, controlling egress traffic is so important or where possible exploitations points are, because there are quite a few posts already.
Read more...
One of the Istio service mesh's most popular and robust features is its advanced observability. Because all service-to-service communication is routed through Envoy proxies, and Istio's control plane is able to gather logs and metrics from these proxies, the service mesh can provide us with deep insights about the state of the network and the behavior of services. This provides operators with unique ways of troubleshooting, managing, and optimizing their services, without imposing any additional burdens on application developers.
Read more...
When something goes wrong in your mesh, the first thing you'll probably notice is an alert about your services: error rate or latency is increasing. But it's only a symptom and the real root cause can be a whole bunch of different things, like underlying Kubernetes problems, application bugs or node failures. This blog post shows you how to track such an issue and find the root cause: in this example, a misconfiguration in a Kubernetes cluster.
Read more...
Today we are happy to announce the 1.2 release of Backyards, Banzai Cloud's automated and operationalized service mesh product built on Istio. This is an announcement post describing the new features of Backyards 1.2. If you're not familiar with Backyards yet, and want to know why we decided to build this product, we suggest reading the blog post about the first major release. Check out Backyards in action on your own clusters!
Read more...
As the recent CNCF survey suggests (page 7), Istio is one of the most popular service mesh technologies on the market today. The biggest obstacle in Istio's production adoption so far has probably been that the complexity and domain knowledge required to operate a mesh was too high. The Istio community has realized this and has taken multiple steps to improve the usability and reduce the complexity of Istio. In Istio 1.
Read more...
Istio, and in general the service mesh has changed the way of service to service communication (from dumb pipes and smart endpoints to sidecar-to-sidecar). While this has lots of benefits, it can increase the complexity of troubleshooting microservice to microservice communication. One of the typical places developers are checking when comes to troubleshoot is the Envoy sidecar proxy container's access logs, both on the source and destination side. With the increased number of microservices deployed to distributed environments, this process can be tedious, and it's very inconvenient trying to pair source and destination access log pairs.
Read more...
Almost every blog post or lecture explaining how Istio service meshes route traffic takes the time to go over how sidecar containers capture outgoing traffic - how that traffic is routed to another service with another sidecar. However, in the real world, a large amount of network traffic passes through the boundaries of the service mesh itself. That traffic might be from a public facing app that receives traffic from the internet, an internal service that needs to connect to a legacy application running outside the mesh, or a workload that consumes an external, third party API.
Read more...
In today's blogpost we're going to be discussing ingress and egress gateways. First, we'll cover the basics, then we'll go into detail and explore how they work through a series of practical examples. Ingress and egress gateways are load balancers that operate at the edges of any network receiving incoming or outgoing HTTP/TCP connections. Ingress gateways make it possible to define an entry points into an Istio mesh for all incoming traffic to flow through.
Read more...