Loading…
Back To Schedule
Monday, November 18 • 5:44pm - 5:49pm
Lightning Talk: CRDs All the Way Down – Using OPA for Complex CRD Validation and Defaulting - Puja Abbassi, Giant Swarm

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Custom Resource Definitions (CRDs) and custom controllers (aka the operator pattern) are becoming the main way we extend Kubernetes. From etcd and Prometheus to full-on Kubernetes extensions a la Cluster API and Service Broker API - a lot of teams are building operators.

As the CRD concept is maturing SIG API machinery is adding useful features like validation, defaulting, structural schemas, etc. In more complex extensions with multiple CRDs and multiple controllers, we run into validation and defaulting use cases that can only be modeled with custom validation and mutation webhooks.

This talk will discuss use cases for complex CRD validation and defaulting, incl. common use cases like validating a CRD against another CRD. Furthermore, the speaker will make a point of why to use Open Policy Agent as a common agent to implement such use cases.
Speakers
avatar for Puja

Puja

Developer Relations & Product, Giant Swarm
Puja Abbassi is a Developer Advocate and Product Owner at Giant Swarm. As a CNCF ambassador, he's passionate about bringing cloud native technologies to more developers and their companies around the globe. In Kubernetes he focuses on security and authentication as well as extending... Read More →

Advanced CRD Validation and Defaulting with OPA pdf
Monday November 18, 2019 5:44pm - 5:49pm
Exhibit Hall AB - San Diego Convention Center Ground Level
  Lightning Talk Sessions, Customizing + Extending Kubernetes