Journey of an IT Architect

  • Istio External Authorization via OIDC

    The Istio service mesh allows application developers to offload non-core features to the infrastructure layer. We explored authentication and authorization with Istio in a basic lab. In…

  • Istio Lab – Authentication and Authorization

    My previous blog discussed what Istio, as a service mesh, can offer in terms of authentication and authorization capabilities. Istio can authenticate an incoming HTTP request,…

  • Istio Authentication and Authorization

    Applications running on the Kubernetes platform seek to offload common non-business features to the platform. Istio helps Kubernetes bridge that gap. It can enforce mTLS communication,…

  • Traffic Segmentation on Kubernetes Platform

    When operating Kubernetes as a platform for multiple tenants, one of the concerns is controlling the network traffic. This is sometimes referred to as traffic…

  • FluxCD: Continuous Deployment with GitOps

    This post explains why I land on FluxCD GitOps for my project. Let’s start. Background: In the Korthweb project, I landed on Istio for the…

  • Kubernetes Admission Control

    This post discusses admission control, and its implementation – the OPA Gatekeeper. I also discuss Azure Policy as a different Gatekeeper implementation. Admission Webhooks Admission…
