November 25, 2019

206 words 1 min read

How Kubernetes Components Communicate Securely in Your Cluster

How Kubernetes Components Communicate Securely in Your Cluster

How do your cluster components talk to each other?In this expository talk, we'll first cover the main Kubernetes components that need trusted communication - that is, the API server, kubelet, and et …

Talk Title How Kubernetes Components Communicate Securely in Your Cluster
Speakers Maya Kaczorowski (Product Manager, Software Supply Chain Security, GitHub)
Conference KubeCon + CloudNativeCon North America
Conf Tag
Location San Diego, CA, USA
Date Nov 15-21, 2019
URL Talk Page
Slides Talk Slides
Video

How do your cluster components talk to each other?In this expository talk, we’ll first cover the main Kubernetes components that need trusted communication - that is, the API server, kubelet, and etcd, and how this communication is protected. Then, we’ll go over how the cluster certificate authority (CA) works, and how this grants certificates to Kubernetes components. Furthermore, we’ll explain what authentication, integrity, and encryption means, and what options are available in Kubernetes, and what you need to configure to address these pieces of CIS benchmarks. Lastly, we’ll explain how you can protect other communications within your cluster, if needed for your workload - like node to node and pod to pod.You’ll come away with a better understanding of how communications in Kubernetes work, cluster trust, and default protections.

comments powered by Disqus