December 20, 2019

208 words 1 min read

Navigating Workload Identity in Kubernetes

Navigating Workload Identity in Kubernetes

If your application accepts network connections, you need to know with confidence who is on the other end. If your application is composed of many microservices, it pays to take a managed approach to …

Talk Title Navigating Workload Identity in Kubernetes
Speakers Spike Curtis (Senior Software Engineer, Tigera), Mike Danese (Software Engineer, Google)
Conference KubeCon + CloudNativeCon North America
Conf Tag
Location Seattle, WA, USA
Date Dec 9-14, 2018
URL Talk Page
Slides Talk Slides
Video

If your application accepts network connections, you need to know with confidence who is on the other end. If your application is composed of many microservices, it pays to take a managed approach to this identity question. Identity is a foundational but complex component of secure systems. This talk provides a conceptual overview of how workload identity is established with a focus on practical application. In this talk Mike and Spike will compare and contrast some different options for establishing identity in your Kubernetes cluster. We will explore recent work in the Kubernetes Container Identity working group and discuss patterns and pitfalls in case studies like Istio and SPIFFE. You’ll learn how to decide between these different approaches and how to go about integrating them into your cluster and your application.

comments powered by Disqus