No code changes needed to secure your application on Kubernetes

In that blog post I want to highlight how I did my first configuration of the App Identity and Access Adapter for Istio Mixer in my Cloud Native Starter system on a free IBM Cloud Kubernetes cluster.

In my last blog post I described how I did the installation of the App Identity and Access Adapter.

Once more I want to highlight, that the cool thing from my perspective of App Identity and Access Adapter is “that the adapter can be configured to work with any OIDC compliant identity provider, which enables it to control authentication and authorization policies in all environments including frontend and backend applications. And, it does it all without any change to your code or the need to redeploy your application.

I did a combination of the steps from the videos inside the IBM Cloud App ID service documentation and of the videos from Anton Aleksandrov. With that in mind I applied needed changes of that configurations in the videos to run it on our Cloud Native Starter setup.

Continue reading

Install the App Identity and Access Adapter on a free IBM Cloud Kubernetes Cluster

In that blog post I want to highlight that I started to integrate the open source App Identity and Access Adapter for Istio Mixer into our open source Cloud Native Starter sample that uses the free IBM Cloud Kubernetes cluster setup with a manual Istio installation.

The cool thing from my perspective of the App Identity and Access Adapter is “that the adapter can be configured to work with any OIDC compliant identity provider, which enables it to control authentication and authorization policies in all environments including frontend and backend applications. And, it does it all without any change to your code or the need to redeploy your application. I had a short problem with the installation you can find on stackoverflow.

Continue reading

Definition of a Dockerfile to use bash scripts on a Windows 10 machine for our Cloud-Native-Starter workshop

We defined a Dockerfile to create a Docker image for our Cloud-Native-Starter workshop especially for Windows 10 users. The users can now simply create a Docker image on the local Windows 10 machine and then follow the guided steps in the hands-on workshop documentation and use the bash scripts. The reason why we don’t build a Docker image and share the image on Dockerhub is, we want to provide users the freedom of own customizations.

These are some challenges we had during the testing of the Dockerfile definition:

  • File sharing for Docker images on Windows
  • Docker port forwarding
  • Docker in Docker
  • Istio Virtual service configuration
  • Linux tools missing

Continue reading

Traffic management in Kubernetes with Istio – a short teaser video

Today it is time for Part 5 of my   “Let’s get started with cloud native Java applications on Kubernetes hands-on workshop”  3-minutes teaser videos series on youtube.

This short 3-minute teaser video is about: Traffic management in Kubernetes with Istio in context of the cloud native starter project and workshop on GitHub project.

Check it out:

You can get more detailed information about the topic: Traffic management in Kubernetes with Istio in one of the blog posts of @Harald.

Continue reading