SoloCon is a global, virtual event covering Istio, Envoy Proxy, API gateways, service mesh, GraphQL, eBPF and cloud native technologies.
SoloCon 2022 Opening Keynote
Join Solo.io's CEO and Founder, Idit Levine as she kicks off SoloCon 2022 with Docker Founder Solomon Hykes, Istio Co-creator Louis Ryan, and VP Product Strategy, Brian Gracely, with exciting news, updates, and a warm welcome.
Founder and CEO
VP Product Strategy
Dagger.io and Docker
SoloCon 2022 Day 2 Keynote
Join Solo.io Director of Open Source, Lin Sun, and Director of Engineering, Neeraj Poddar to help us kick off the second day of SoloCon with updates and more.
Director of Open-
The Future of Service Mesh
Service mesh implementation and usage continues to gain momentum, but where is the technology headed? In this session, find out how service mesh is growing, and how it’s helping companies deliver greater value to their end users.
VP, Global Field CTO
Have you tried to create and run your own eBPF programs? There are several valid approaches for getting started with eBPF, but they can be intimidating to a newcomer. Most of these mechanisms have advanced toolchains to configure, require writing boilerplate code, require jumping between programming languages, in addition to other challenges. In this session, we will present our new open-source project BumbleBee, which intends to enable you to quickly and easily create, run, and share your eBPF programs with a low barrier of entry. Additionally, with a live demo, we will explore what is happening behind the scenes to give you a high-level understanding of eBPF and how to use BumbleBee to get started with writing and sharing your own programs.
Roll up your sleeves and prepare to dive into the end-to-end developer experience for GraphQL with Gloo Edge. Sai and Keith will walk through a set of common use cases for GraphQL APIs with a live demonstration implementing them with GraphQL support in Gloo. You will leave this talk with the knowledge you need to build GraphQL APIs with the platform along with an understanding of all the key GraphQL features we have to offer.
Interested in modernizing your microservice architecture? Join senior principal software engineer Dave Ortiz as he walks you through Constant Contact’s journey as they designed their microservices, exposed APIs, and integrated new and old services together.
The next generation of microservices leverage the service mesh pattern to resolve cross-cutting concerns such as: observability, traffic management, and security. In this session, we will show Istio an implementation of a service mesh and how it benefits developers, service operators, and security engineers. We will show how Istio utilizes the capabilities of the Envoy proxy to dynamically configure it according to the desired mesh behavior.
Service Mesh alleviates most common distributed computing pain points like smart routing, traffic splitting, smart canaries etc. In this session, we will explore how to download, setup Istio on your local laptop, deploy few services as part of the Istio Service Mesh. By virtue of adding a sidecar, the applications will be spiced with ability in splitting traffic between various version of services, smart layer 7 routing, access control etc., “ALL THESE WITHOUT CODE REDEPLOYS”
GraphQL is a powerful new query language for APIs that is transforming how modern applications are developed and architected. A key benefit of GraphQL is the ability for clients to leverage a single API endpoint to access data in any shape they need, unlocking massive performance and efficiency gains for front end applications. While most of the excitement with GraphQL focuses on the front end, the benefits to a well-architected back end GraphQL infrastructure are just as important. In this talk, Sai and Keith will introduce the new GraphQL support coming to Gloo Edge and Gloo Mesh. The talk will highlight the benefits that native Envoy GraphQL support and a declarative approach to GraphQL provides to developers and platform engineering teams, along with a feature overview and roadmap.
In this session, two Field Engineers who work with production Istio users everyday, share what they learned in the field with a focus on running it at scale. Istio is powerful, but managing it in a large environment with HA and stringent security requirements poses some challenges. Some of the topics that we will cover in this session include:
- No downtime Istio lifecycle management in production
- Establish security and configuration boundaries
- Leveraging existing observability systems to monitor health
- Debugging tools when things aren’t working as expected
If you’re looking to build modern applications and span multiple clouds, you’re going to need an advanced Kubernetes platform and an enhanced Istio service mesh. Join this session to learn how leading organizations are leveraging Anthos and Gloo Mesh together to make complex environments easy for developers and operators.
WebAssembly (Wasm) has evolved into a high-performance, cross-platform, and polyglot software sandbox environment for cloud native workloads. Straightforward Wasm extension to workloads is mandatory for many organizations we work with. In this talk, we will first dive into the state of the WebAssembly in Istio service mesh with the new WasmPlugin resource and support for OCI compliant images. Then, we will discuss the future of Wasm and its support in Gloo Mesh, how we improve developers’ Wasm experience among teams, and when you should use proper APIs vs. building your own Wasm extensions.
Service mesh implementation and usage continues to gain momentum, but where is the technology headed? With new developments related to Wasm, eBPF, GraphQL, and more playing an increasingly important role in how service mesh works and what it can provide for teams and users, it’s important to understand what evolution in the space means for you. In this session, find out how service mesh is growing, and how it’s helping companies deliver greater value to their end users.
Dive in to how Gloo Mesh can be used to install and upgrade Istio in your managed clusters.
and Lessons Learned
Review the anatomy of a Log4Shell attack. Discuss how Solo customers can protect against it and similar attacks with policy-based solutions that require no changes to protected systems.
Review Istio support for virtual machines and how Gloo Mesh can support joining virtual machines into the mesh.
eBPF has exploded in popularity recently, and for good reason, as this quickly maturing Linux technology has unlocked tons of potential in just about every aspect of Linux computing. When looking at eBPF from the lens of the service mesh, it is clear that eBPF can have a major impact given the core tenets of connectivity, observability, and security. In this session we will explore the possibilities of eBPF and service mesh as well as how Gloo Mesh is in a unique position to provide users with a battle-tested service mesh deployment that can be extended and augmented with the burgeoning power of eBPF.
Cloud native has reached enterprise maturity for platform solutions and application architectures, but often without the required security. Transport encryption, zero trust application networks and resilience policies are all necessary and should be part of our application architectures out of the box. Service mesh goes further and decouples the application developer from coding these concerns into the application. Also platform operator productivity increases, since policies are declaratively driven. This talk will discuss cloud native security in the service mesh context and also help organisations with choosing a service mesh.
Join Chris Gaun and Neeraj Poddar to learn more about what’s coming up in the Gloo Mesh product roadmap.
The speakers of this session have a tremendous amount of experience architecting cloud native solutions for financial companies to run workloads in the strict compliance driven environments. Even if you are not required to adhere to a data compliance standard, there are many security best practice guidelines that every company should follow. In this session, we will share how to improve your application and platform security posture by covering topics such as certificate management, data isolation, authentication and authorization flows and more.
Service mesh provides connect, secure and observe benefits to application networks, yet it could be difficult to adopt for your organization. How does service mesh fit into your existing developer, operator and platform administrator roles? How to onboard teams and have proper boundaries? In this talk, we will go over the Gloo Mesh v2 API to demonstrate how easily teams can be onboarded, services and team can grow from single cluster to multi-clusters seamlessly, how to configure consistent security and networking behaviors for north-south and east-west traffic, and how to share and reuse policies from others while minimizing sidecar resource utilization.
The complexities of the observability landscape is ever-growing and it becomes even more complicated as you scale your architecture. However, it continues to be an essential aspect of operating any environment reliably. In this session, we will discuss the unique characteristics of observability for various types of architecture (from monolithic to micro-services to service meshes) and how the Gloo Mesh UI provides a “single pane of glass” that can supercharge your abilities for even the most complex service mesh architectures.
Scaling a single service mesh is hard! Now when you add to it the complexity of a unified mesh deployed across clusters running on different clouds/on-premises all driven by a single management plane that provides a single pane of glass for visibility and configuration management, the challenge can be daunting. In this session, we will explore how Gloo Mesh was architected to handle scaling of this magnitude while meeting the performance and high availability expectations of your complex environment. We will share improvements made in API v2 and primitives available to you to scale Gloo Mesh securely in production.
Numerous production environments already leverage Envoy as an edge or mesh proxy, and expose services behind Envoy via a separate GraphQL server. To avoid an extra network hop and enable route-level customizations to your Graph, we’ve written a GraphQL server into Envoy. This uniquely enables users to combine full edge and mesh capabilities at the GraphQL resolver level, such as rate limiting, authn/z, and DLP. We will explore the Envoy filter chain and how existing filters interact with GraphQL using a live demo to illustrate these ideas.
Disaster Recovery and Avoidance are critical to ensuring that applications continue to be available. In this lightning talk, we discuss how Gloo Mesh leverages Traffic Policies to mitigate disasters and downtime.
The rapid depletion of Public IPv4 addressing has led to increased usage and need of IPv6. In this lightning talk, we discuss how Service Meshes can support and extend application networking using IPv6.
Exposing on-premises workloads requires application networking changes, including provisioning new IP(s), load balancer(s), firewall(s), and Solo.io’s API gateways and service mesh. During this talk, we’ll help you get started quickly with EKS Anywhere by going through everything needed for you to quickly expose on-premises services using EKS Anywhere, AWS networking, and Gloo Edge and Gloo Mesh.
USAA provides financial services for millions of military members and their families. Join Jesus Mireles to hear how they are developing and running modern applications to delight their customers and deliver outstanding services. In this talk Jesus will discuss some of the challenges and requirements for USAA’s API Management Platform. You will hear a summary of the journey and see a high level overview of the solution.
At T-Mobile we have a diverse application landscape that runs on top of a variety of platforms including Kubernetes, Cloud Foundry, Virtual Machines, and Baremetal servers. As we pushed Development teams to strive for higher levels of resiliency and security, we began to see an ocean of solutions pop up and an increase in complexity due to too many choices and too much overhead for individual Development teams to manage their own gateway solutions. We took a multi-year journey to build out a common Edge Gateway solution that would work for all platforms and remove the non-functional requirements for resiliency, security, and observability from our Development teams. This is the story of that journey including the paths we took, the lessons we learned, and how things look now.
GitOps has become a valuable approach to manage configuration for applications and infrastructure. Having a source of truth that can be automated, auditable, and is easy to understand is increasingly important when expanding to many deployments. However, enabling multi-cluster capabilities typically presents new challenges: not every cluster is the same, context is important, and managing every lower-level configuration across multiple environments can get cumbersome (and dangerous) quickly.
This talk will focus on a specific example where multi-cluster GitOps is difficult: application-networking and security with service mesh. The goal is for platform teams to provide the right point of demarcation with abstractions that focus on the intent, while abstracting away the translation and orchestration of lower-level config (mesh-specific API resources in this case). We share our experiences building these abstractions with some of the largest deployments of service mesh in the world.
Gloo Edge is exceptional in its function-level routing; its support for legacy apps, microservices and serverless; its discovery capabilities; its numerous features; and its tight integration with leading open-source projects. However, it is also known for its learning curve when you’re just starting out!
The platform has been around long enough now, however, that individuals and teams who are new to the platform don’t have to figure everything out on their own. There’s plenty of help out there.
How do I compose a proper security workflow? Is my control plane production-ready? How can I get to know the filter flow? We will share our experiences and try to answer these questions.
In this session, Solo.io’s Head of Product, Chris Gaun will lead you through the product roadmap for Gloo Edge.
In this session, learn more about Gloo Portal from Solo.io’s Director of Product, Chris Gaun, and Field Engineer, Jim Barton.
Application network security flashes in the headlines on a near-daily basis in 2022. Gloo Edge is a cloud-native API Gateway that offers a number of security-enhancing tools: transport layer security (TLS and mTLS), rate limiting, user authentication via OIDC, and authorization with Open Policy Agent, just to name a few. This talk will discuss the security tools and techniques available to Gloo Edge Enterprise users, plus drill into a recent example in the headlines. We will discuss and demonstrate how Gloo Edge’s web application firewall (WAF) feature can be used as a key weapon in your arsenal to block log4shell attacks.
The edge gateway in a kubernetes environment is a key component for exposing you application and delivering your business use-cases. As applications move into a distributed multi-cloud architecture, adopting a modern api gateway become crucial for connecting and securing micro-services. In this session, we will discuss how upgrading your gateway can significantly improve your application’s security, resilience and advanced routing capabilities. We will also share edge gateway architecture best practices in multi-cloud environments.
The faster an organization can deliver new features and fixes, the better. GitOps enables the speed, and when used with progressive delivery, it provides the safety net.
This session will showcase progressive delivery for Kubernetes using technologies such as Weave GitOps alongside Solo.io’s Gloo Edge. Learn how to create best in class GitOps workflows while ensuring High Availability and Disaster Recovery.
In this lightning talk, join CARFAX Director of Platform Engineering Mark Portofe and Solutions Architect Sebastian Chacko to learn more about using Gloo Edge at scale.
EnvoyUI lets you upload a raw Envoy config dump to easily understand the overall configuration (listeners, matchers, routes, clusters, …). The file is analyzed in your browser, so it never leaves your computer. In this lightning talk, we’ll go through an Envoy config dump generated by Istio to demonstrate how this tool can be used to troubleshoot an issue.
Learn all about Gloo Edge’s new lambda invocation features and how they make invoking functions easier and safer then ever before.