Name: Envoy Namespaces - Operating an Envoy-based Service Mesh at a Fraction of the Cost - Thomas Graf, Cilium / Isovalent
Start: 2019-11-18T09:50:00-0800
End: 2019-11-18T10:00:00-0800

November 18, 2019 | San Diego, California
View More Details

Back To Schedule

Envoy Namespaces - Operating an Envoy-based Service Mesh at a Fraction of the Cost - Thomas Graf, Cilium / Isovalent

Feedback form is now closed.

The most common architecture currently includes running Envoy as a sidecar proxy inside of application pods. This provides an excellent resource and security isolation but comes at a steep resource consumption cost. Each individual sidecar proxy is running as a separate process and is duplicating all required resources.

This session will introduce the concept of namespaces to Envoy. Similar to namespacing in the Linux kernel which serves as the foundation for containerization, namespaces for Envoy allow to isolate resources and thus share an Envoy instance among multiple application pods running on a single node without losing any of the isolation properties. We’ll look at how a service mesh can be operated at a fraction of the required resources while still providing virtualized logical Envoy instances which present themselves to Envoy control planes as if they were running as a sidecar.

Speakers

Thomas Graf

CTO & Co-Founder, Isovalent

Thomas is the Co-Founder and CTO of Isovalent, long-time kernel and eBPF developer, and one of the creators of the Cilium project. Before working on Cilium, Thomas was a Linux kernel developer for 15+ years focusing on networking, security, and eBPF. When not working on open source... Read More →

Monday November 18, 2019 9:50am - 10:00am PST
Pacific Ballroom 16/17/19

Lightning Talk

EnvoyCon 2019

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Thomas Graf