CILIUM:A microservices- based application is split into small independent services that communicate with each other via APIs using lightweight protocols like HTTP, gRPC, Kafka and more. However, existing Linux network security mechanisms (e.g., iptables) only operate at the network and transport layers (i.e., IP addresses and ports) and lack visibility into the microservices layer.
Cilium brings API-aware network security filtering to Linux container frameworks like Docker &Kubernetes. Using a new Linux kernel technology called BPF, Cilium provides a simple and efficient way to define and enforce both network-layer and application-layer security policies based on container/pod identity.
We believe in a future where Linux has deep network visibility and control for microservice at the API layer, making applications more secure than ever before. If this goal excites you too, we invite you to join us by contributing ideas, code, and documentation to Cilium.
Identity Based Security:Cilium visibility and security policies are based on the container orchestrator identity (e.g., Kubernetes labels). Never again worry about network subnets or container IP addresses when writing security policies, auditing, or troubleshooting.
Blazing Performance:BPF is the underlying Linux superpower to do the heavy lifting on the datapath by providing sandboxed programmability of the Linux kernel with incredible performance
API-Protocol Visibility + Security:
Traditional firewalls only see and filter packets based on network headers like IP address and ports. Cilium can do this as well, but also understands and filters the individual HTTP, gRPC, and Kafka requests that stitch microservices together.
Designed for Scale:
Cilium was designed for scale, with no node-to-node interactions required when new pods are deployed, and all coordination through a highly scalable key-value store.
Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.
Created at Netflix, it has been battle-tested in production by hundreds of teams over millions of deployments. It combines a powerful and flexible pipeline management system with integrations to the major cloud providers.
Deploy across multiple cloud providers including AWS EC2, Kubernetes, Google Compute Engine, Google Kubernetes Engine, Google App Engine, Microsoft Azure, and Openstack, with Oracle Bare Metal and DC/OS coming soon.
Create deployment pipelines that run integration and system tests, spin up and down server groups, and monitor your rollouts. Trigger pipelines via git events, Jenkins, Travis CI, Docker, CRON, or other Spinnaker pipelines.
Built-in Deployment Best Practices
Create and deploy immutable images for faster rollouts, easier rollbacks, and the elimination of hard to debug configuration drift issues. Leverage an immutable infrastructure in the cloud with built-in deployment strategies such as red/black and canary deployments.
Join a community that includes Netflix, Google, Microsoft, Veritas, Target, Kenzan, Schibsted, and many others, actively working to maintain and improve Spinnaker.
Many companies are moving away from “big bang” software releases every six months or so to a continuous delivery (CD) model that enables IT to release updates frequently, even if that means several times a day. Using Netflix and its open source Spinnaker CD platform as examples, this practical ebook demonstrates how a new host of tools can help you deploy software changes to production quickly, safely, and automatically.
A team of experts from Netflix and Google show you how to automate deployments with Spinnaker across multiple cloud accounts, regions, and even across multiple cloud platforms into continuous deployment pipelines. You’ll learn how Spinnaker enables your company to design and automate a delivery process that not only fits your release cadence, but also the business criticality of your application.
- Learn about the organizational and technical practices that enable continuous delivery
- Understand the fundamental considerations you need to solve before successfully deploying software to the cloud
- Manage cloud resources for consistency across accounts, regions, and cloud providers
- Use Spinnaker’s pipelines to structure deployments from customizable pieces
- Understand how CD pipelines to Kubernetes differ from pipelines to VM-based clouds
- Examine how Spinnaker ensures safety across cluster deployments and pipeline executions
- Learn how to integrate automated testing techniques such as chaos engineering or automated canary analysis into the delivery process