Although Istio documentation does not specify how to enable GZIP compression, it is in fact possible to enable it via the built-in Compressor filter.

Assuming that you want to enable GZIP compression on specific applications, the following EnvoyFilter manifest will do the trick:

apiVersion: kind: EnvoyFilter metadata: name: gzip spec: workloadSelector: labels: # Put same labels that will identify your application my-application configPatches: - applyTo: HTTP_FILTER match: context: SIDECAR_INBOUND listener: filterChain: filter: name: envoy.http_connection_manager subFilter: name: envoy.router patch: operation: INSERT_BEFORE value: name: envoy.filters.http.compressor typed_config: # See for full options '@type': compressor_library: name: text_optimized typed_config: '@type':…

In complex environments where different teams run their own Google Cloud projects, it is challenging to make sure that a service in a project can be only accessed by specific applications running on other Google Cloud Projects. Complicated VPC peering and internal load balancing schemes are oftentimes unavoidable and sometimes it is even not possible to achieve a cross-project communication without exposing services to public Internet where multiple regions are involved.

We have recently came across an interesting challenge where a team wanted to expose their internal API as a Cloud Function and wanted to make sure that only authorized…

Let us say that you do not want to www. subdomain for your website and want to have a 301 redirect to non-www version. There are millions of way of doing that, but luckily you are on AWS, you serve your domain via Route53. You can then keep your application configuration clean from this redirect logic via native AWS tools: You can leverage S3 and Cloudfront to accomplish this goal.

Following the infrastructure as code principle, I do not paste here complicated steps or screenshots on AWS console, but here I share a Cloudformation template that will set up everything…

Update 02/18/2018: I’ve upgraded the Javascript file to ES6 and promises, updated the Cloudformation template to YAML for better readability, and improved the script to handle Cloudformation template deletion.

If you’ve ever worked in a corporate environment where the infrastructure is deployed on AWS, you should have dealt with resources protected behind VPC and sophisticated security groups. Normally we want only specific IP addresses to be able to access to our ELB to reduce the attack surface and block access from public Internet.

Many times it is a good idea to put a Cloudfront distribution in front of your ELB…

Serverless computing has become a hot topics since AWS Lambda and Amazon API Gateway started to offer an elegant way to build and deploy REST APIs without needing to maintain 24/7 running servers and infrastructure, with attractive pricing models.

Being the first language offered by Lambda, Node.JS seems to have the most online resources and tools but it is also possible to write Lambda functions natively with Java and Python. Java is especially interesting as a language because of its maturity, large community, and available codebase. …

HAproxy is a great load balancing solution that we use at Instela. We use HAProxy in a 8-Cores bare metal machine and we also use it to offload SSL encryption.

Although HAproxy is very effective solution in terms of CPU usage, SSL offloading obviously needs more CPU power, thus, using only one core could be easily a bottleneck. Apart from this, also we did not want to waste other cores and we decided to activate not recommended multi core support.

The configuration is pretty straightforward. At the global section of haproxy.cfg, we put these directives:

nbproc 15 cpu-map 1 1

As we all know, Zend Framework 2 handles 404 not found event, so whenever you set HttpResponse’s status code in a controller with

$response = $this->getResponse();

ZF2, by default, intercepts the request and prints the default 404 page. For SEO purposes we should use wisely the status codes. At Instela, when a user types a mispelled word or tries to reach a removed page, we show similar results rather than the default 404 page but also for search engine spiders we give 404 status code at the background. (A mispelling example:–9306406)

Loading a content via AJAX in a Bootstrap popover is a very common pattern and, although it is not supported out of the box by Bootstrap, it is very easy to get this functionality with jQuery.

First we should add a data-poload attribute to the elements you would like to add a pop over to. The content of this attribute should be the url to be loaded (absolute or relative):

<a href="#" title="blabla" data-poload="/test.php">blabla</a>

And in JavaScript, preferably in a $(document).ready();

off('hover') prevents loading data more than once and popover() binds a new hover event. If you want the data to be refreshed at every hover event, you should remove the off.

Please see the working JSFiddle of the example.

This blog post is created using my original answer on stackoverflow.

Çağatay Gürtürk

Software Development Manager @ebay, and Founder of @instelacom. Author of Building Serverless Architectures and AWS Certified Solutions Architect.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store