implementing-seamless-connectivity-and-service-governance-in-multi-kubernetes-cluster-with-ztm-nanokuberneteszhong-shi-zhi-ztmjiong-niao-pu-re-lia-xiaohui-zhang-flomesh.pdf

《implementing-seamless-connectivity-and-service-governance-in-multi-kubernetes-cluster-with-ztm-nanokuberneteszhong-shi-zhi-ztmjiong-niao-pu-re-lia-xiaohui-zhang-flomesh.pdf》由会员分享，可在线阅读，更多相关《implementing-seamless-connectivity-and-service-governance-in-multi-kubernetes-cluster-with-ztm-nanokuberneteszhong-shi-zhi-ztmjiong-niao-pu-re-lia-xiaohui-zhang-flomesh.pdf（34页珍藏版）》请在三个皮匠报告上搜索。

1、ZTM-based MulticlusterImplementing Seamless Connectivity and Service GovernanceIntroductionXiaohui ZhangSenior Architect/Technical Evangelist at FlomeshSenior programmer,CNCF Ambassador,LFAPAC Open Source Evangelist,Microsoft MVP.Years of practical experience in microservices and cloud-native,the ma

2、in work involves microservices,containers,Kubernetes,DevOps,etc.Agenda Discussion of Mutlicluster Multicluster Service API Introduce Zero Trust Mesh Mutlicluster Traffic Management with ZTMMulticlusterDrivers of MulticlusterGeographic distribution and latency optimizationScale and resource isolation

3、Multi-cloud and hybrid cloud strategiesFault isolation and disaster recoverySeamless upgrades reduce riskLocationIsolationReliabilitySingle ClusterOld Multi ClusterNew Multi ClusterMultiCluster ModeMutliCluster in Single DCMutliCluster in Multi DCsEach pod has a unique IP address across clusters.All

4、 clusters have different CIDR range.Flat Network:Pod-to-Pod MulticlusterDirect communicationHandle traffic through multicluster gateways.Gateways are IP-reachable.Introduce slight latency,but noticeable.Hierarchical network:Gateway-based MulticlusterGWMulticluster Service APIMulticluster Service API

5、MCS API is the bridge of multiclsuter service discovery.ServiceExportServiceImportEndpointSliceMulticluster Service APIMCS API is the bridge of multiclsuter service discovery.ServiceExportServiceImportEndpointSliceZero Trust MeshZTM:Zero Trust MeshOpen source network infrastructure softwareFor runni

6、ng a decentralized networkBuilt upon HTTP/2 tunnels Run on any sort of IP networks such as LANs,containerized networks and the Internet,etc.https:/ CapabilitiesNetwork connectivity across Internet gateways and firewallsTLS-encrypted communication channelsCertificate-based authentication and access c