Intro: SPIFFE
Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms, and varying cl …
| Talk Title | Intro: SPIFFE |
| Speakers | Daniel Feldman (Software Engineer, Scytale), Andrew Jessup (Recovering Engineer, Scytale) |
| Conference | KubeCon + CloudNativeCon North America |
| Conf Tag | |
| Location | Seattle, WA, USA |
| Date | Dec 9-14, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms, and varying cloud providers. As production environments become more complex, and dynamic - establishing trust between microservices is becomes more difficult, creating challenges for developers, operations teams, and security teams alike.Enter SPIFFE (Secure Production Infrastructure for Everyone) and which builds on designs first championed at Google, Twitter and elsewhere to provide robust authentication and trust between disparate micro-services. SPIFFE and SPIRE make it trivial to establish trust between workloads that may be elastically scaled and dynamically scheduled and deployed in deeply heterogeneous environments.We’ll walk through the design goals for SPIFFE (a specification) and SPIRE (a multi-cloud implementation of SPIFFE), an overview of SPIRE’s modular architecture, and an overview of how it can be used in conjunction with other tools such as secret stores and service meshes to build secure and scalable microservice architectures.
