crossplane
istio
Our great sponsors
crossplane | istio | |
---|---|---|
60 | 87 | |
8,728 | 34,983 | |
4.0% | 1.3% | |
9.9 | 10.0 | |
5 days ago | about 16 hours ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
crossplane
-
Rethinking Infrastructure as Code from Scratch
did anyone adopt in production https://crossplane.io ?
-
Understanding Crossplane is being hard
- https://github.com/crossplane/crossplane/blob/master/design/one-pager-composition-environment.md
-
Automated provisioning for data resources
In the overall scheme of things , look at services like backstage.io , crossplane.io and opslevel.com to get ideas. This is not necessarily an endorsement of the services. If all you want is to handle cloud resources and that's it, Terraform can be enough with what ever flavor of web technologies you and your team are comfortable with and can support it along the way. Doesn't take much to create a js based website to collect data from a form, or use other means to collecting data as long as its recorded and transparent for accountability.
- What are some Terraform automation tools you want to exist?
-
Crossplane: Unifying platform engineering based on Kubernetes API
XRs are written in a fully declarative manner. And when I am building my XR from underlying managed resources provided by some crossplane provider I need to parametrize resources, use conditionals and create arrays of resuorces The issues of declarativeness in the world of automation are well known- we typically resort to some form of templating and we invent some imperative expressions into that templating language/format. This is currently not very well supported with Crossplane however Crossplane team realizes this issue and they are conteptualizing solution here
- Anyway to automate the AKS cluster creation using Yaml?
-
What options are available for using internal code from a fully open source project?
I have an idea for a project that would interface with Crossplane. The project has some code that would save tons of time if I could use it directly in my project, but it is located in the internal directory. I can't import the modules directly, but the project is open sourced under an Apache 2.0 license, so the code itself is available for use under that license.
-
Azure vs AWS
There are always new projects like crossplane that sit on top on architecture systems like terraform, vagrant. The pressure to abstract away any sort of resources is mounting, companies can save a lot by for example by alt hosting S3 endpoints. The train is going the direction not to tie anything to a specific platform implementation if its not a must. Most of the companies I work with use AWS as a hosting provider, but Microsoft for github and related CI matters. As I learned, AWS quality is very dependent on location, eu-central-1 is dead stable for our use cases serving about millions requests a day.
- Crossplane on Amazon EKS with IRSA
-
One multi-container deployment vs. a separate deployment for each image?
Practically, you'll be replacing stock k8s resources (deployments) with custom ones like Argo Rollouts with Keda autoscaling, so you have to plan the respective Gitops CD pipeline (fluxcd/argocd with some crossplane), as well.
istio
-
Improve your EKS cluster with Istio and Cilium : Better networking and security
Istio is a popular open-source service mesh framework that provides a comprehensive solution for managing, securing, and observing microservices-based applications running on Kubernetes.
-
Optimal JMX Exposure Strategy for Kubernetes Multi-Node Architecture
Leverage a service mesh like Istio or Linkerd to manage communication between microservices within the Kubernetes cluster. These service meshes can be configured to intercept JMX traffic and enforce access control policies. Benefits:
-
Open Source Ascendant: The Transformation of Software Development in 2024
Open Source and Cloud Computing: A Match Made in Heaven The cloud is accelerating OSS adoption. Cloud-native technologies like Kubernetes [https://kubernetes.io/] and Istio [https://istio.io/], both open-source projects, are revolutionizing how applications are built and deployed across cloud platforms.
-
Delving Deeper: Enriching Microservices with Golang with CloudWeGo
Consider the case of Bookinfo, a sample application provided by Istio, rewritten using CloudWeGo's Kitex for superior performance and extensibility.
-
How to Build & Deploy Scalable Microservices with NodeJS, TypeScript and Docker || A Comprehesive Guide
It is a dedicated infrastructure layer that manages service-to-service communication, providing features like load balancing, encryption, authentication, and monitoring. Istio deploys sidecar proxies alongside each microservice instance. These proxies handle communication, providing features like load balancing, service discovery, encryption, monitoring and authentication.
-
Caddy for Certs and Istio for Reverse Proxy
5Y old post that sounds like they've done similar here: Caddy Issue Istio Issue but doesn't cover much of the implementation
- Understanding Istio: A Beginner's Guide to Service Mesh
-
Developer’s Guide to Building Kubernetes Cloud Apps ☁️🚀
In a production environment there will be a load balancer setup with an Ingress Controller, Service Mesh or some type of Custom Router. This allows all traffic to be sent to the single load balancer IP address and then route the traffic to a service based on the Domain name or subpath. We are using a NGINX ingress controller but service meshes like Istio have been becoming the most popular solution to use as they offer more segmentation, security and granular control.
-
Progressive Delivery on AKS: A Step-by-Step Guide using Flagger with Istio and FluxCD
Flagger is a progressive delivery tool that enables a Kubernetes operator to automate the promotion or rollback of deployments based on metrics analysis. It supports a variety of metrics including Prometheus, Datadog, and New Relic to name a few. It also works well with Istio service mesh, and can implement progressive traffic splitting between primary and canary releases.
-
Implementing TLS in Kubernetes
End-to-end data encryption with a service mesh: Using an end-to-end data encryption mechanism with a service mesh like Istio, TLS can secure communication between different microservices within a Kubernetes cluster. This is a popular approach for modern, distributed microservice architectures.
What are some alternatives?
kubevela - The Modern Application Platform.
osm - Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
Pulumi - Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀
keda - KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
anthos-service-mesh-packages - Packaged configuration for setting up a Kubernetes cluster with Anthos Service Mesh features enabled
terraform-cdk - Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform
falco - Cloud Native Runtime Security
helm - The Kubernetes Package Manager
kratos - Your ultimate Go microservices framework for the cloud-native era.
external-dns - Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
thanos - Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.