Name: From Kubelet to Istio: Kubernetes Network Security Demystified - Andrew Martin, ControlPlane (Intermediate Skill Level) (Slides Attached)
Start: 2018-05-04T11:55:00+0200
End: 2018-05-04T12:30:00+0200

May 2-4, 2018 - Copenhagen, Denmark
Click Here For Information & Registration

Back To Schedule

From Kubelet to Istio: Kubernetes Network Security Demystified - Andrew Martin, ControlPlane (Intermediate Skill Level) (Slides Attached)

Feedback form is now closed.

Kubernetes provides multiple layers of network security including the control plane, etcd, the CNI network, network policies, and - with Istio on top - the requests between applications themselves. In this talk we explore the underlying technologies on which these layers are built using approachable examples and demonstrations. Attendees can expect to gain an understanding of these implementations and the principles behind encryption, identity, and trust in Kubernetes.
- What are TLS, X.509, and mutual authentication?
- Why cloud native communication should be encrypted by default
- Kubernetes component intercommunication
- CNI and network policy for applications
- Bootstrapping identity with SPIFFE
- Mutual TLS, route rules, and destination policies in Istio

Speakers

Andrew Martin

Security Engineer, Control Plane

Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native system, and has battle-hardened... Read More →

Andrew Martin Kubernetes Network Security Demystified (Kubecon EU, May 2018) pdf

Friday May 4, 2018 11:55 - 12:30 CEST
C1-M3

Security+Identity+Signing, Intermediate

Intermediate Skill Level Intermediate
Link to Session Recording https://youtu.be/Uocf67aD5QQ

KubeCon + CloudNativeCon Europe 2018

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Andrew Martin