Microservices World: Service Mesh, Containers, Kubernetes

Wednesday, October 26, 2022

- PDT
OPEN TALK (API): You're Building Microservices Wrong
Jonathan Oliver
Jonathan Oliver
Smarty, Founder, CEO & CTO

In this presentation we will cover how microservices are typically implemented by ignoring The Fallacies of Distributed Computing. Further, we discuss solutions to make microservices much more robust and able to adapt to the realities of distributed systems. 

- PDT
OPEN TALK (API): Demystifying Microservice Testing
Wilhelm Haaker
Wilhelm Haaker
Parasoft, Sr. Solutions Architect

One of the biggest advantages of developing microservices is the ability to develop, deploy, and upgrade services individually, without disrupting the entire ecosystem. At the same time, microservice architectures are introducing new testing challenges, such as understanding how to isolate each component for testing.

In this webinar, learn about the different architectures and protocols employed in microservice development (including Kafka, Rabbit MQ, REST, and Protocol Buffers).

Actionable takeaways include:
Understanding the practical differences between some of the common microservice architectures.
How to effectively test in a synchronous ecosystem using REST, taking advantage of existing contracts to validate that changes you make will not break the system.
How to approach testing in an event-driven ecosystem, using Kafka event streams.
When and how service virtualization can help provide a stable test environment given the challenge of isolating components in microservice testing. 

Thursday, October 27, 2022

- PDT
OPEN TALK (API): Mr. Toad's Wild (Service Mesh) Ride
Jim Barton
Jim Barton
Solo.io, Field Engineer

The enterprise software community is accelerating its migration from monoliths to microservices. Service Mesh platforms like Istio are a key technology enabling this transition. Connecting, Securing, and Observing the elements of your Kubernetes service networks is no longer optional; it is an absolute imperative.

Come with us on a whirlwind tour of Gloo Mesh, an Istio-based platform that is optimized for multi-team and multi-cluster Service Meshes. In a fast-paced, no-slides session, we will build a fully functional example that illustrates:
• Establishing three multi-tenant workspaces to manage a half-dozen services;
• Enforcing Zero-Trust Networking policies;
• Configuring multi-cluster routing;
• Testing distributed failover; and
• Exploring the mesh's API Gateway features, including OIDC authentication, rate limiting, and Web Application Firewall security.

Buckle your seat belts! This Wild Ride will swiftly show you how to accelerate your Service Mesh adoption. 

- PDT
OPEN TALK (API): The Evolution of API Security
Ivan Novikov
Ivan Novikov
Wallarm, Co-founder & CEO

We're seeing a rapid evolution in web application security tools – from WAFs to WAAPs to API Threat Protection. Legacy vendors are scrambling to catch up – moving from appliances to cloud, adding API threat detection capabilities to existing platforms, providing a myriad of capabilities that don't contribute to security or duplicate other capabilities that already exist in the security stack.

In a replay of the bad old days, security teams are often brought in late to the game (or after). The move to "shift left" is absolutely important, but not sufficient -- security teams also need the ability to "shield right" (just like we had to with physical endpoints).

API-specific security tools need to account for a wide swath of challenges:
- Different protocols (like REST, GraphQL, gRPC, etc.) – each presenting a different security challenge.
- A myriad of deployment options – it's not a single network anymore, but rather a multiverse.
- An open target – API are, by definition & design, open so the job of protecting them is much more difficult than before.
- Continuous attacks – making continuous detection and response critical to modern organizations in order to continue to innovate, compete, and better serve customers.
- Public-facing APIs are just the tip of the iceberg – as the recent Uber hack demonstrated, we're back to the days of "hard shell / gooey tasty insides" (which failed before), so API security must really bring the "zero-trust" to protect organizations. 

Wednesday, November 2, 2022

- PDT
[#VIRTUAL] OPEN TALK (API): You're Building Microservices Wrong
Join on Hopin
Jonathan Oliver
Jonathan Oliver
Smarty, Founder, CEO & CTO

In this presentation we will cover how microservices are typically implemented by ignoring The Fallacies of Distributed Computing. Further, we discuss solutions to make microservices much more robust and able to adapt to the realities of distributed systems. 

- PDT
[#VIRTUAL] OPEN TALK (API): Demystifying Microservice Testing
Join on Hopin
Wilhelm Haaker
Wilhelm Haaker
Parasoft, Sr. Solutions Architect

One of the biggest advantages of developing microservices is the ability to develop, deploy, and upgrade services individually, without disrupting the entire ecosystem. At the same time, microservice architectures are introducing new testing challenges, such as understanding how to isolate each component for testing.

In this webinar, learn about the different architectures and protocols employed in microservice development (including Kafka, Rabbit MQ, REST, and Protocol Buffers).

Actionable takeaways include:
Understanding the practical differences between some of the common microservice architectures.
How to effectively test in a synchronous ecosystem using REST, taking advantage of existing contracts to validate that changes you make will not break the system.
How to approach testing in an event-driven ecosystem, using Kafka event streams.
When and how service virtualization can help provide a stable test environment given the challenge of isolating components in microservice testing. 

- PDT
[#VIRTUAL] OPEN TALK (API): Proxies, Gateways, and Meshes: Cloud Connectivity Pattern for the Curious
Join on Hopin
Viktor Gamov
Viktor Gamov
Kong, Developer Advocate

API gateway technology has evolved a lot in the past decade, capturing more prominent and comprehensive use cases in what the industry calls “full lifecycle API management.”
API gateways were a management of the network runtime that allows us to expose and consume the APIs, secure them, and govern our API traffic. They provide a series of functionalities to support the development cycle, including creating, testing, documentation, monitoring, and overall exposure of our APIs.
Then around 2017, another pattern emerged from the industry: service mesh! Service mesh is an infrastructure layer for microservices communication. It abstracts the underlying network details and provides discovery, routing, and a variety of other functionality.
In this talk, Viktor Gamov will illustrate the differences between API gateways and service mesh — and when to use one or the other pragmatically.
This talk will also discuss the similarities and differences between the communication layer provided by gateways and service mesh. 

Thursday, November 3, 2022

- PDT
[#VIRTUAL] OPEN TALK (API): Mr. Toad's Wild (Service Mesh) Ride
Join on Hopin
Jim Barton
Jim Barton
Solo.io, Field Engineer

The enterprise software community is accelerating its migration from monoliths to microservices. Service Mesh platforms like Istio are a key technology enabling this transition. Connecting, Securing, and Observing the elements of your Kubernetes service networks is no longer optional; it is an absolute imperative.

Come with us on a whirlwind tour of Gloo Mesh, an Istio-based platform that is optimized for multi-team and multi-cluster Service Meshes. In a fast-paced, no-slides session, we will build a fully functional example that illustrates:
• Establishing three multi-tenant workspaces to manage a half-dozen services;
• Enforcing Zero-Trust Networking policies;
• Configuring multi-cluster routing;
• Testing distributed failover; and
• Exploring the mesh's API Gateway features, including OIDC authentication, rate limiting, and Web Application Firewall security.

Buckle your seat belts! This Wild Ride will swiftly show you how to accelerate your Service Mesh adoption. 

- PDT
[#VIRTUAL] OPEN TALK (API): The Evolution of API Security
Join on Hopin
Ivan Novikov
Ivan Novikov
Wallarm, Co-founder & CEO

We're seeing a rapid evolution in web application security tools – from WAFs to WAAPs to API Threat Protection. Legacy vendors are scrambling to catch up – moving from appliances to cloud, adding API threat detection capabilities to existing platforms, providing a myriad of capabilities that don't contribute to security or duplicate other capabilities that already exist in the security stack.

In a replay of the bad old days, security teams are often brought in late to the game (or after). The move to "shift left" is absolutely important, but not sufficient -- security teams also need the ability to "shield right" (just like we had to with physical endpoints).

API-specific security tools need to account for a wide swath of challenges:
- Different protocols (like REST, GraphQL, gRPC, etc.) – each presenting a different security challenge.
- A myriad of deployment options – it's not a single network anymore, but rather a multiverse.
- An open target – API are, by definition & design, open so the job of protecting them is much more difficult than before.
- Continuous attacks – making continuous detection and response critical to modern organizations in order to continue to innovate, compete, and better serve customers.
- Public-facing APIs are just the tip of the iceberg – as the recent Uber hack demonstrated, we're back to the days of "hard shell / gooey tasty insides" (which failed before), so API security must really bring the "zero-trust" to protect organizations.