Jim Barton
Field Engineer at Solo.io
Actions
Jim Barton is a Field Engineer at Solo.io, a Cambridge-based company specializing in service mesh and Kubernetes-native API gateway technology. Jim’s career in enterprise software spans 30 years. He has enjoyed roles as a project engineer, sales and consulting engineer, product development manager, and executive leader of tech startups. Prior to Solo, he spent a decade architecting, building and operating systems based on enterprise open-source technologies, at the likes of Red Hat, Amazon, and Zappos. After two years of COVID-driven, Zoom-encrusted isolation, Jim especially enjoys sharing with and learning from three-dimensional people at technical conferences around the world.
Links
Awards
Holy Configuration-As-Code, Batman! How Wayne Telecom Unleashed Declarative Data Access with GraphQL
Join this Dynamic Duo as they Bang! Pow! And Splat! their way to operational excellence with GraphQL. Follow the journey of Wayne Telecom from slow services, unhappy front-end developers, and over-taxed infrastructure past the Joker of unnecessary server deployments to a peaceful Gotham where declarative and immutable configuration win the day.
GraphQL is redefining the way that developers interact with APIs, putting application clients in control of the data they consume and placing new requirements on platforms hosting these APIs. Understanding when to write code and when to let the platform do the work is a critical tradeoff to understand as you scale GraphQL adoption. This will be a hands-on session with a live demonstration, focusing on lessons learned implementing GraphQL at scale.
* Can Wayne Telecom SPLAT the inflexibility of conventional APIs with GraphQL for its front-end developers?
* Can the Caped Crusaders reduce stress on backend systems while slashing request latency?
* Will the Joker of extra server deployments plunge Gotham back into darkness?
Found out the Answers at this Talk!
Same Bat-Time!
Same Bat-Channel!
Tokens and OPAs and Keys, Oh My! Toward Better AuthNZ Patterns at the Service Mesh Edge
As enterprises build out application networks in modern service meshes, one critical objective is to formulate effective, repeatable, and consistent security policies when publishing your underlying applications to the world. But it often devolves into an every-project-for-itself mentality. What if you could offload this Undifferentiated Heavy Lifting from individual project teams and apply it consistently using declarative configuration across entire swaths of the organization?
We'll explore this and similar topics in this talk:
• Application-managed code vs. externalized policies
• Imperative vs. declarative security configuration
• Opaque keys vs. content-rich tokens
• Homegrown authZ vs. policy-driven Open Policy Agent
The talk will conclude with a live demonstration of applying these principles in an Istio-based service mesh environment.
Getting Started with Istio Ambient Mesh: An Interactive Workshop
Istio is the most widely used service mesh platform in the world. In September 2022, Google and Solo.io announced the release of Istio Ambient Mesh to the community. Ambient offers a revolutionary data-plane architecture that allows service mesh users to ditch sidecars. It slashes operational complexity and enables incremental mesh adoption, all while reducing cost and computational overhead within a service mesh.
This interactive workshop provides a hands-on tour of the new Ambient capabilities, including:
• Mesh on-boarding without sidecars
• Layer 4-7 authorization policies
• Layer 7 observability
• Fault injection
• Traffic shifting
Each session participant will have access to their own sandboxed Kubernetes environment hosted on the Instruqt platform. A Solo-sponsored, Credly-managed "Foundation for Ambient Mesh" badge will be issued to workshop participants who choose to take and pass a free certification exam offered at the end of the session.
Mr. Toad's Wild (Service Mesh) Ride
The enterprise software community is accelerating its migration from monoliths to microservices. Service Mesh platforms like Istio are a key technology enabling this transition. Connecting, Securing, and Observing the elements of your Kubernetes service networks is no longer optional; it is an absolute imperative.
Come with us on a whirlwind tour of Gloo Mesh, an Istio-based platform that is optimized for multi-team and multi-cluster Service Meshes. In a fast-paced, no-slides session, we will build a fully functional example that illustrates:
• Establishing three multi-tenant workspaces to manage a half-dozen services;
• Enforcing Zero-Trust Networking policies;
• Configuring multi-cluster routing;
• Testing distributed failover; and
• Exploring the mesh's API Gateway features, including OIDC authentication, rate limiting, and Web Application Firewall security.
Buckle your seat belts! This Wild Ride will swiftly show you how to accelerate your Service Mesh adoption.
Quenching the Fire: Evaluating Log4Shell Mitigation Strategies
Headlines screamed “The Internet’s on fire!” when the Log4Shell zero-day vulnerability emerged in December 2021. The Spring4Shell vulnerability revealed three months later underscored the seriousness of these challenges. What have we collectively learned from these infernos and their aftermath? How can we improve our posture for the next one?
This session will include an examination of popular mitigation strategies, including:
* Updating individual application dependencies;
* Network-focused lockdowns at the container platform and service mesh levels, including Kubernetes and Istio; and
* Edge mitigation strategies including Web Application Firewall.
This session will include both slides and a brief demonstration of relevant technologies like WAF with ModSecurity rules.
Fewer Moving Parts: Simplify Service Mesh Operations with Istio Ambient Mesh
Istio is the most widely used service mesh platform in the world. In September 2022, Google and Solo.io announced the release of Istio Ambient Mesh to the community. Ambient offers a revolutionary data-plane architecture that allows service mesh users to ditch sidecars. It slashes operational complexity and enables incremental mesh adoption, all while reducing cost and computational overhead within a service mesh.
Injected sidecars can be replaced by two new components. First is a node-level zero-trust-tunnel (ztunnel) that provides mTLS and Layer-4 capabilities. A service-account-level proxy called a waypoint leverages Envoy to deliver Layer-7 capabilities.
This talk will help you understand both the why and how of Istio Ambient Mesh. It includes a demo showcasing the new capabilities, including on-boarding new services without sidecars and mixing Ambient with traditional sidecar-injected services. It will also provide pointers to further no-cost educational opportunities and user certification options.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top