eBPF has exploded in popularity recently, and for good reason, as this quickly maturing Linux technology has unlocked tons of potential in just about every aspect of Linux computing. When looking at eBPF from the lens of the service mesh, it is clear that eBPF can have a major impact given the core tenets of connectivity, observability, and security. In this session we will explore the possibilities of eBPF and service mesh as well as how Gloo Mesh is in a unique position to provide users with a battle-tested service mesh deployment that can be extended and augmented with the burgeoning power of eBPF.

Cloud native has reached enterprise maturity for platform solutions and application architectures, but often without the required security. Transport encryption, zero trust application networks and resilience policies are all necessary and should be part of our application architectures out of the box. Service mesh goes further and decouples the application developer from coding these concerns into the application. Also platform operator productivity increases, since policies are declaratively driven. This talk will discuss cloud native security in the service mesh context and also help organisations with choosing a service mesh.

Join Chris Gaun and Neeraj Poddar to learn more about what’s coming up in the Gloo Mesh product roadmap.

The speakers of this session have a tremendous amount of experience architecting cloud native solutions for financial companies to run workloads in the strict compliance driven environments. Even if you are not required to adhere to a data compliance standard, there are many security best practice guidelines that every company should follow. In this session, we will share how to improve your application and platform security posture by covering topics such as certificate management, data isolation, authentication and authorization flows and more.

Service mesh provides connect, secure and observe benefits to application networks, yet it could be difficult to adopt for your organization. How does service mesh fit into your existing developer, operator and platform administrator roles? How to onboard teams and have proper boundaries? In this talk, we will go over the Gloo Mesh v2 API to demonstrate how easily teams can be onboarded, services and team can grow from single cluster to multi-clusters seamlessly, how to configure consistent security and networking behaviors for north-south and east-west traffic, and how to share and reuse policies from others while minimizing sidecar resource utilization.

The complexities of the observability landscape is ever-growing and it becomes even more complicated as you scale your architecture. However, it continues to be an essential aspect of operating any environment reliably. In this session, we will discuss the unique characteristics of observability for various types of architecture (from monolithic to micro-services to service meshes) and how the Gloo Mesh UI provides a “single pane of glass” that can supercharge your abilities for even the most complex service mesh architectures.

Scaling a single service mesh is hard! Now when you add to it the complexity of a unified mesh deployed across clusters running on different clouds/on-premises all driven by a single management plane that provides a single pane of glass for visibility and configuration management, the challenge can be daunting. In this session, we will explore how Gloo Mesh was architected to handle scaling of this magnitude while meeting the performance and high availability expectations of your complex environment. We will share improvements made in API v2 and primitives available to you to scale Gloo Mesh securely in production.

Numerous production environments already leverage Envoy as an edge or mesh proxy, and expose services behind Envoy via a separate GraphQL server. To avoid an extra network hop and enable route-level customizations to your Graph, we’ve written a GraphQL server into Envoy. This uniquely enables users to combine full edge and mesh capabilities at the GraphQL resolver level, such as rate limiting, authn/z, and DLP. We will explore the Envoy filter chain and how existing filters interact with GraphQL using a live demo to illustrate these ideas.

Disaster Recovery and Avoidance are critical to ensuring that applications continue to be available. In this lightning talk, we discuss how Gloo Mesh leverages Traffic Policies to mitigate disasters and downtime.

The rapid depletion of Public IPv4 addressing has led to increased usage and need of IPv6. In this lightning talk, we discuss how Service Meshes can support and extend application networking using IPv6.

Exposing on-premises workloads requires application networking changes, including provisioning new IP(s), load balancer(s), firewall(s), and Solo.io’s API gateways and service mesh. During this talk, we’ll help you get started quickly with EKS Anywhere by going through everything needed for you to quickly expose on-premises services using EKS Anywhere, AWS networking, and Gloo Edge and Gloo Mesh.

USAA provides financial services for millions of military members and their families. Join Jesus Mireles to hear how they are developing and running modern applications to delight their customers and deliver outstanding services. In this talk Jesus will discuss some of the challenges and requirements for USAA’s API Management Platform. You will hear a summary of the journey and see a high level overview of the solution.

At T-Mobile we have a diverse application landscape that runs on top of a variety of platforms including Kubernetes, Cloud Foundry, Virtual Machines, and Baremetal servers. As we pushed Development teams to strive for higher levels of resiliency and security, we began to see an ocean of solutions pop up and an increase in complexity due to too many choices and too much overhead for individual Development teams to manage their own gateway solutions. We took a multi-year journey to build out a common Edge Gateway solution that would work for all platforms and remove the non-functional requirements for resiliency, security, and observability from our Development teams. This is the story of that journey including the paths we took, the lessons we learned, and how things look now.

GitOps has become a valuable approach to manage configuration for applications and infrastructure. Having a source of truth that can be automated, auditable, and is easy to understand is increasingly important when expanding to many deployments. However, enabling multi-cluster capabilities typically presents new challenges: not every cluster is the same, context is important, and managing every lower-level configuration across multiple environments can get cumbersome (and dangerous) quickly.

This talk will focus on a specific example where multi-cluster GitOps is difficult: application-networking and security with service mesh. The goal is for platform teams to provide the right point of demarcation with abstractions that focus on the intent, while abstracting away the translation and orchestration of lower-level config (mesh-specific API resources in this case). We share our experiences building these abstractions with some of the largest deployments of service mesh in the world.

Gloo Edge is exceptional in its function-level routing; its support for legacy apps, microservices and serverless; its discovery capabilities; its numerous features; and its tight integration with leading open-source projects. However, it is also known for its learning curve when you’re just starting out!

The platform has been around long enough now, however, that individuals and teams who are new to the platform don’t have to figure everything out on their own. There’s plenty of help out there.

How do I compose a proper security workflow? Is my control plane production-ready? How can I get to know the filter flow? We will share our experiences and try to answer these questions.

In this session, Solo.io’s Head of Product, Chris Gaun will lead you through the product roadmap for Gloo Edge.

In this session, learn more about Gloo Portal from Solo.io’s Director of Product, Chris Gaun, and Field Engineer, Jim Barton.

Application network security flashes in the headlines on a near-daily basis in 2022. Gloo Edge is a cloud-native API Gateway that offers a number of security-enhancing tools: transport layer security (TLS and mTLS), rate limiting, user authentication via OIDC, and authorization with Open Policy Agent, just to name a few. This talk will discuss the security tools and techniques available to Gloo Edge Enterprise users, plus drill into a recent example in the headlines. We will discuss and demonstrate how Gloo Edge’s web application firewall (WAF) feature can be used as a key weapon in your arsenal to block log4shell attacks.

The edge gateway in a kubernetes environment is a key component for exposing you application and delivering your business use-cases. As applications move into a distributed multi-cloud architecture, adopting a modern api gateway become crucial for connecting and securing micro-services. In this session, we will discuss how upgrading your gateway can significantly improve your application’s security, resilience and advanced routing capabilities. We will also share edge gateway architecture best practices in multi-cloud environments.

The faster an organization can deliver new features and fixes, the better. GitOps enables the speed, and when used with progressive delivery, it provides the safety net.

This session will showcase progressive delivery for Kubernetes using technologies such as Weave GitOps alongside Solo.io’s Gloo Edge. Learn how to create best in class GitOps workflows while ensuring High Availability and Disaster Recovery.

In this lightning talk, join CARFAX Director of Platform Engineering Mark Portofe and Solutions Architect Sebastian Chacko to learn more about using Gloo Edge at scale.

EnvoyUI lets you upload a raw Envoy config dump to easily understand the overall configuration (listeners, matchers, routes, clusters, …). The file is analyzed in your browser, so it never leaves your computer. In this lightning talk, we’ll go through an Envoy config dump generated by Istio to demonstrate how this tool can be used to troubleshoot an issue.

Learn all about Gloo Edge’s new lambda invocation features and how they make invoking functions easier and safer then ever before.