Many organizations are discovering the networking complexity involved in running a microservice system. Over the last few years, many influential companies have investigated this problem, the technology that has emerged is now being referred to as a "service mesh." A service mesh allows you to replace traditional host-based network security with service-based security to accommodate the highly dynamic nature of modern runtime environments.
In this talk, we will see how the open source Consul Connect and Envoy can be used to solve both network segmentation and seamless transport security with mutual TLS within your Kubernetes cluster. In addition to this, we will see how Connect can provide encrypted and authorized access to services and data stores which are running outside the cluster and potentially in a separate and isolated network.