5 posts in categories networking

• kubernetes
• istio
• linkerd
• service-mesh
• mtls
• networking
• security

Comparing Istio 1.29 (sidecar mode) and Linkerd 2.19: data plane, mTLS, egress, resource overhead, observability, and when to use each.

• kubernetes
• istio
• envoy
• gateway-api
• networking
• security
• mtls
• service-mesh
• cilium
• aks
• gke

Comparing Istio and Envoy Gateway as Gateway API implementations: mTLS, egress, Cilium, managed cloud specifics (AKS, GKE, OVH MKS), and real client IP.

• envoy
• envoy-gateway
• rate-limiting
• kubernetes
• kustomize
• helm
• valkey
• redis
• xds
• gateway-api

How to wire envoyproxy/ratelimit as a self-hosted service into Envoy Gateway v1.7 using EnvoyPatchPolicy — three xDS patches, namespace-admin self-service, and the pitfalls to avoid.

• rust
• haproxy
• spoe
• deployment
• container
• podman
• kubernetes
• openshift
• systemd

Deploying the haproxy-spoe-rs SPOA agent in production — container image, podman-compose, Kubernetes, HAProxy configuration, health checking, logging, and systemd.

• rust
• haproxy
• spoe
• networking
• performance
• benchmark
• tokio
• async

Building a HAProxy Stream Processing Offload Agent (SPOA) library in Rust — zero-dependency async design, mpsc write batching, 95.9% test coverage, and 2.8–4.9× higher throughput than the Go reference implementation.