Loading…
Thursday, November 21 • 11:50am - 12:25pm
How Kubernetes Components Communicate Securely in Your Cluster - Maya Kaczorowski, Google

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
How *do* your cluster components talk to each other?

In this expository talk, we'll first cover the main Kubernetes components that need trusted communication - that is, the API server, kubelet, and etcd, and how this communication is protected. Then, we'll go over how the cluster certificate authority (CA) works, and how this grants certificates to Kubernetes components. Furthermore, we'll explain what authentication, integrity, and encryption means, and what options are available in Kubernetes, and what you need to configure to address these pieces of CIS benchmarks. Lastly, we'll explain how you can protect other communications within your cluster, if needed for your workload - like node to node and pod to pod.

You'll come away with a better understanding of how communications in Kubernetes work, cluster trust, and default protections.

Speakers
avatar for Maya Kaczorowski

Maya Kaczorowski

Product Manager, Google
Maya is a Product Manager in Security & Privacy at Google, focused on container security. She previously worked on encryption at rest and encryption key management. Prior to Google, she was at McKinsey & Company, and before that, completed her Master's in mathematics focusing on cryptography... Read More →



Thursday November 21, 2019 11:50am - 12:25pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level