Thursday, November 21 • 11:50am - 12:25pm
How Kubernetes Components Communicate Securely in Your Cluster - Maya Kaczorowski, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
How *do* your cluster components talk to each other?

In this expository talk, we'll first cover the main Kubernetes components that need trusted communication - that is, the API server, kubelet, and etcd, and how this communication is protected. Then, we'll go over how the cluster certificate authority (CA) works, and how this grants certificates to Kubernetes components. Furthermore, we'll explain what authentication, integrity, and encryption means, and what options are available in Kubernetes, and what you need to configure to address these pieces of CIS benchmarks. Lastly, we'll explain how you can protect other communications within your cluster, if needed for your workload - like node to node and pod to pod.

You'll come away with a better understanding of how communications in Kubernetes work, cluster trust, and default protections.

avatar for Maya Kaczorowski

Maya Kaczorowski

Product Manager, Software Supply Chain Security, GitHub
Maya is a Product Manager for Software Supply Chain Security at GitHub. She was previously at Google, focused on container security, and encryption at rest and encryption key management. Prior to Google, she was at McKinsey & Company, and before that, completed her Master\'s in mathematics... Read More →

Thursday November 21, 2019 11:50am - 12:25pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level