From Ingress to Gateway: why my solution needs Istio Gateways on Kubernetes platforms

In my Korthweb project I was researching for the best ingress mechanism for HTTP and TCP workload, both of which need to be secured. I started with Kubernetes Ingress but eventually decided to go with Istio Gateway. This blog post is about the justification. In this essay, I will make the distinction between Ingress and … Read moreFrom Ingress to Gateway: why my solution needs Istio Gateways on Kubernetes platforms

File storage vs object storage in the cloud

The competition Traditionally, enterprise storage product lines are built around three capabilities, as listed in this table below: Capability Typical Implementation Data served T1 – Block stroage DAS (e.g. SAS cable) or SAN (Fibre Cable for FCP protocol, or Ethernet for iSCSI protocol) Mission critical data that are extremely sensitive to latency (e.g. database). Client … Read moreFile storage vs object storage in the cloud

Secure web application deployment

In Nov 2020, I created OrthWeb project, a deployment of Orthanc’s server. Orthanc is a DICOM viewer and repo shipped in Docker container. In the deployment project, I use Terraform to provision infrastructure, including a managed PostgreSQL instance, an EC2 instance for docker runtime, and the init script to bring up the web service. I … Read moreSecure web application deployment

Public Key Infrastructure (PKI)

A public-key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The algorithms are based on Publick-key cryptography. The format of the digital certificate is defined in X.509 standard.  Certificate Authority – CA digitally signs and publishes … Read morePublic Key Infrastructure (PKI)

Automatic deployment of Orthanc – a medical imaging web service

[Update] Some security improvement was introduced in may 2021. Here‘s detail. In this project we introduce a medical imaging web service based on Orthanc, an open-source project of DICOM server, and a pipeline to deploy such server automatically and consistently. This little project involves a number of technical deets in DevOps, to deliver a web … Read moreAutomatic deployment of Orthanc – a medical imaging web service

Zookeeper Summary

Distributed systems Distributed system involves independent computing entities linked together by network. The components communicate and coordinate with each other to achieve a common goal. In early days, designers and developers often had made some assumptions (aka. fallacies) of distributed computing: The network is reliable Latency is zero Bandwidth is infinite Network is secure Topology … Read moreZookeeper Summary