Kubernetes is famously a “platform for building platforms”. In this talk, we will un-pack the primitives Kubernetes provides for enabling microservices to securely communicate with each other without relying on a service mesh. Together, we’ll explore how technologies like NetworkPolicy, token projection, API gateways, cert-manager, and language runtimes play poorly or nicely together. We’ll cover authentication options, encryption, rate limiting, multi-tenant infrastructur eservices, and the interplay between L4 and L7 features with an eye on compliance as well developer ease of use. Drawing on his experience as Knative Security Working Group lead and background solving application runtime challenges on Kubernetes, Evan will teach participants about how to build without a service mesh, as well as a deeper understanding of the value that service meshes provide.