Everything you need to know about service meshes, including mTLS, zero trust, eBPF, sidecars, and more

What is a service mesh?

Do I need one? How do they work?

Which one is right for me?

The enterprise architect's guide to the service mesh

In this guide, we'll arm you with all the service mesh knowledge you need to make informed decisions about service meshes, including:

  • The fundamentals of service meshes
  • When service meshes are relevant—and when they're not!
  • Mutual TLS: what it is and how it works
  • What is zero trust, and what can a service mesh do to support it?
  • eBPF, sidecars, per-host proxies, and how they relate.
  • And much more!

Table of Contents

Chapter 1: The Service Mesh: What every software engineer needs to know about the world’s most over-hyped technology

  • What is a service mesh?
  • Why does the service mesh make sense?
  • Why is the service mesh a good idea?
  • Who does the service mesh help?
  • Does the service mesh solve all my problems?
  • Example features of the service mesh
  • Why does the service mesh make sense now?

Chapter 2: Zero trust network security in Kubernetes

  • What is zero trust?
  • Why is zero trust suddenly important?
  • Identity
  • Policy
  • Enforcement
  • Zero trust for Kubernetes

Chapter 3: A Kubernetes engineer’s guide to mutual TLS

  • What is mTLS?
  • What kind of security does TLS provide?
  • When is mTLS useful?
  • Using mTLS to secure microservices
  • The hard part of TLS: certificate management
  • Kubernetes, mTLS, and the service mesh
  • Kubernetes mTLS mini-tutorial

Chapter 4: eBPF, sidecars, and the future of the service mesh

  • What is eBPF?
  • Contended multi-tenancy is hard
  • eBPF is limited
  • eBPF vs. the service mesh
  • The eBPF service mesh still requires proxies
  • Per-host proxies are significantly worse than sidecars
  • Can we just improve the proxy?
  • The future of the service mesh

Chapter 5: Which service mesh should I pick?

  • Linkerd is dramatically simpler than any other service mesh
  • Linkerd is the only service mesh designed for security
  • Linkerd is the only service mesh that can be fully automated
