Journey of an IT Architect

  • Thumbnail for Autoscaling on Kubernetes Platform

    Autoscaling on Kubernetes Platform

    Edit Post Introduction The concept of autoscaling on Kubernetes platform dates from the era where virtualization first became widespread and the overhead of provisioning a…

    Read
  • Thumbnail for Istio Operation Gotchas

    Istio Operation Gotchas

    In this post I discuss a few aspects when putting istio in operation. Installation Istio installation can be confusing, due to architectural and guideline changes…

    Read
  • Thumbnail for Service Proxy – from Nginx to Envoy

    Service Proxy – from Nginx to Envoy

    Update (Nov 20, 2022): 1. Envoy’s configuration schema can be hard to get used to. It is lacking examples because the documentation is mostly generated.…

    Read
  • Thumbnail for Istio External Authorization via OIDC

    Istio External Authorization via OIDC

    Istio service mesh allows application developers to offload non-core features to infrastructure layer. We explored authentication and authorization with Istio in a basic lab. In…

    Read
  • Thumbnail for Istio Lab – Authentication and Authorization

    Istio Lab – Authentication and Authorization

    My previous blog discussed as service mesh what Istio can offer in terms of authentication and authorization capabilities. Istio can authenticate an incoming HTTP request,…

    Read
  • Thumbnail for Istio Authentication and Authorization

    Istio Authentication and Authorization

    Applications running on Kubernetes platform seeks to offload common non-business features to the platform. Istio helps Kubernetes bridge that gap. It can enforce mTLS communication,…

    Read