logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Pushkar Joglekar
2022-10-28

tldr - powered by Generative AI

The presentation discusses how to secure Kubernetes clusters using built-in security features and open-source tools.
  • Verifying signed container images
  • Using package name registry.k8s.io to get all images in a release
  • Running vulnerability scans with Trivy
  • Enabling network policies to control traffic flow
  • Using RBAC to control access to resources
  • Implementing pod security policies to restrict container behavior
  • Using audit logging to monitor cluster activity
Authors: Stefan Büringer, Shivani Singhal, Yuvaraj Balaji Rao Kakaraparthi, Killian Muldoon, Jack Francis
2022-10-28

Attention: Please note this tutorial requires that some tools like Docker are already locally installed. To provide a smooth experience during the tutorial, please install the preqrequistes already before the session. Detailed instructions can be found under Prerequisites. MacOS and Linux are fully supported, but Windows support is best-effort only. Minimum Resources: 4 CPU, 16 GB RAM and 32 GB free disk space.Did you know you can create and manage a fleet of Kubernetes clusters just as easily as deploying Pods? Learn how to leverage Cluster API to create, update and manage your infrastructure, whether in the cloud or on-premises. Cluster API brings declarative management of entire clusters to the infrastructure provider of your choice.Using your local machine you will learn how to create a fleet of clusters with Cluster API, scale up and down the number of nodes, and run a one-touch upgrade of entire clusters, all in just a few minutes.This tutorial is designed for people who have some experience managing Kubernetes, and are interested in a new approach to solving the problem of operating clusters. You will leave this tutorial with the skills to automate fleets of clusters running production-grade Kubernetes.Please note, this tutorial focuses on showcasing Cluster API features with the Docker provider which is using Docker on the local machine.