We're off to a flying start in 2020 with a couple of amazing talks! Thanks to our wonderful sponsors for making this possible - Jetstack, xMatters, and D2iQ.
The evening's running order will be as follows:
6:30pm - Food and drink, sponsored by Jetstack
6:55pm - Welcome
7:00pm - Kubernetes Scalability: Federation & Cluster API (Katie Gamanji, Condé Nast International)
7:45pm - Break
8:00pm - kube-oidc-proxy: consistently authenticate to managed Kubernetes clusters, on multi-cloud, using OIDC (Josh Van Leeuwen, Jetstack)
8:45pm - Wrap up, pub
· Kubernetes Scalability: Federation & Cluster API (Katie Gamanji, Condé Nast International)
In the past years, Kubernetes has been the nucleus of container orchestration frameworks. With the growing number of microservices in a cluster, scalability is one of the core pillars for a fault-tolerant application. Additionally, from a technological landscape standpoint, the cloud platform teams are highly focused on delivering scalable, reliable and highly available platforms. Scalability on the Kubernetes clusters can be approached on the application level and cluster level. While the application level scaling techniques (e.g. HPA and VPA) are widely used, Federation v2 and Cluster API are emerging tools that still prove their worth in a production setup. During this talk you will learn some techniques to approach scalability on a Kubernetes centric infrastructure. Attendees will leave with an understanding of Federation v2 and Cluster API composition, and scenarios where these tools can be utilised.
· kube-oidc-proxy: consistently authenticate to managed Kubernetes clusters, on multi-cloud, using OIDC (Josh Van Leeuwen, Jetstack)
Provisioning and managing Kubernetes clusters has become much easier with services such as GKE, EKS and AKS. However, there is a trade-off for this convenience, with less opportunity for customisation with a managed control plane - including authentication to third-party systems. This is made all the more difficult with multi-cloud Kubernetes where you are locked into cloud IAM without any consistency and feature parity.
In this talk, I'll explain AuthN/Z in Kubernetes and how to use OIDC for authentication. With our newly open source and experimental tool, I'll show how we can help bring parity in authentication and authorization across clouds with an OIDC proxy for the Kubernetes API server.