November 2, 2019


Lifecycle of a kubectl Command: Harden Kubernetes Setup with Automation


Talk Title: Lifecycle of a kubectl Command: Harden Kubernetes Setup with Automation
Speakers: Sanjary Rahman (Site Reliability Engineer, Booking.com)
Conference: KubeCon + CloudNativeCon Europe
Location: Barcelona, Spain
Date: May 19-23, 2019

We at Booking.com run tens of on-premise multi-tenant Kubernetes clusters at scale. To automate integration with our existing bare-metal infrastructure and to run the kubectl auth pipeline, we run an ecosystem using custom Kubernetes Controllers, Pod Security Policies and Kubernetes Auth & Admission Webhooks. Kubernetes provides end users with limitless possibilities of automation to harden cluster setup, secure authentication and authorization pipelines, and validate workload definitions as per organization requirements, which most users are not aware of or do not make use of. Most of the time, hardening a Kubernetes setup in a multi-tenant cluster with a per-namespace setup can itself turn into a huge toil for the operators. In this talk, you will see how we at Booking.com have achieved the aforementioned features in a fully automated fashion with zero human intervention involved.
