Your app design, container platform, and underlying infrastructure provider all impact the security posture of your apps. Review the following recommendations and best practices for developing apps in your Gloo Gateway environment.

App design and deployment

The following general practices can help you deploy your apps securely.

For example, you might use those guides to make sure that your app deployment includes the following capabilities.

Istio and Kubernetes reserved ports

For more information, see Reserved ports and pod requirements.

App traffic

Use Gloo networking and policy resources to secure the traffic that reaches your app and make your apps more resilient. For example, you can implement features, such as the following:

The Gloo resources that you created are automatically translated to the Istio resources that you need to enforce these policies in your Gloo workspaces, Kubernetes namespaces, and clusters.

The following guides can help you set up secure traffic policies for the apps in your cluster:

Logging and monitoring

Review the performance and health of your ingress gateway with the built-in logging and monitoring tools.

This data can help you monitor the health and performance of your apps, find bottlenecks, or troubleshoot issues. In particular, you might use this data to improve the following aspects of your app: