logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Federico Bongiovanni, David Eads, Jeffrey Ying
2022-10-26

- The power and the Danger of Aggregated API Servers: we plan to explain the architecture around the Aggregated API servers in the Kubernetes API Machinery domain, and how they work chained together. What can you do with them and what you can't. More importantly we will go into concrete examples and recommendations on when to use it in concrete.- OpenAPIv3, a powerful feature in Beta right now, and graduating to GA very soon. What is it good for? How can I use it? Advanced use cases, and GA Plan.
Authors: Nick Young, Rob Scott
2022-05-19

tldr - powered by Generative AI

The presentation discusses the goals and scope of the Gateway API and its role in service mesh implementation in Kubernetes.
  • The Gateway API aims to solve foundational problems of representing mesh binding services and routes together.
  • The API wants to establish a core set of terms for having conversations about service mesh policy routes.
  • The API wants to ensure that Gateway API implementations can co-exist and interoperate with nested implementations.
  • The API wants to create a turnkey experience for people coming from the ingress background.
  • The API wants to make the journey to service mesh as smooth as possible.
Authors: Lachie Evenson
2022-05-18

tldr - powered by Generative AI

The presentation discusses the importance of pod security in Kubernetes clusters and how it can be used to improve the security of workloads. It also covers the migration from pod security policy to pod security.
  • Pod security is a built-in admission controller in Kubernetes that evaluates pod specifications against a predefined set of pod security standards.
  • It provides policy standards to restrict pod privileges, reducing the surface area of attacks and making the cluster more secure.
  • Pod security is simple and easy to use, with pre-defined standards that align with Kubernetes security best practices.
  • Pod security policy, which is being deprecated, can be migrated to pod security using a well-defined process.
  • Pod security does not support mutation, which is the ability to change Kubernetes resources server-side.