Identity Bootstrapping in Multi-tenant Multi-cluster Kubernetes
Talk Title | Identity Bootstrapping in Multi-tenant Multi-cluster Kubernetes |
Speakers | Derek Suzuki (Director of DevOps, The Voleon Group), Manish Mehta (Chief Security Architect, Volterra) |
Conference | KubeCon + CloudNativeCon North America |
Location | San Diego, CA, USA |
Date | Nov 15-21, 2019 |
URL | Talk Page |
Slides | Talk Slides |
With the increasing popularity of Kubernetes, providing managed K8s has been a great way to convert enthusiasts into adopters. However, current solutions mainly focus on providing isolated clusters, and adopters are responsible for making workload identities work across clusters. If multi-tenancy is added to the mix, the challenges of bootstrapping identities that work across clusters - but within tenancy - are even greater. In this presentation, the speakers will share challenges of securely bootstrapping identities in such a setup (especially when the individual clusters could be running in untrusted environments), the tradeoffs, and possible solutions. Manish will also introduce planned open-source components of a solution used by Volterra Edge Services for identity bootstrapping and other security services.