PRO WORKSHOP (MICROSERVICES): Multicluster Service Mesh Best Practices

Denis Jannot, Director of Field Engineering - EMEA

Denis is the Director of Field Engineering at, a company building application networking solutions for the edge and service mesh. Denis is a passionate engineer who has spent his career in technical roles working directly with customers and users in architecting and adopting technologies like Object Storage, Big Data, Containerization, Service Mesh into their infrastructure. He enjoys sharing what he learns with the community and can be found creating demos, writing blogs, and speaking at events.

Adoption of Service Mesh is rising and deploying Service Mesh on multiple clusters (on premise, in the cloud, in different clouds, ...) is becoming a standard requirement. But it's also introducing new challenges: - how to ensure each service has a unique identity across the clusters - how to secure the communications between the clusters - how to manage RBAC globally In this talk, I'll focus on Istio and show how to overcome these challenges. I'll introduce SPIFFE and explain how to use trust domains and service accounts to ensure a unique identity globally. I'll also demonstrate how service discovery can be performed natively or using a third party solution, how to simplify cross cluster communications and allow service failover. Finally, I'll cover how a global RBAC can be put in place."