Istio: Making a Mesh of Microservices & Binary Authorization in GKE

Oteemo - 10701 Parkridge Blvd, Suite 150 Reston - View Map Reston
Wed, Sep 19, 2018, 6:00 PM (EDT)

About this event

Agenda:

6:00 pm : Meet, greet, & eat

6:30 pm : Presentation

Talk Descriptions:

Istio: Making a Mesh of Microservices (Don Schenck - Red Hat)

Microservice Architecture means a lot of ‘things’ you have to prepare and account for. Just to rattle off some concepts (buzzwords): Load balancing, routing, circuit breakers, Canary and Blue/Green deployments, pool ejection, tracing, monitoring, chaos engineering, dark launches STAHP. JUST STAHP!

To account for any (or all) of this ‘stuff’, you have historically had to include several libraries in your code and write code to support those libraries. But aren’t *micro* services supposed to be small … micro, even?

Enter Istio and sidecar containers and the Service Mesh. Implement all of the above without changing your code. Move these operational concerns away from developers and into the domain of the operations people. Go home Friday at 5.

This session will introduce Istio and show some of its capabilities, giving you the information you need to start using the next generation of microservice tools.
------
Binary Authorization in GKE (Brad Geesaman - Independent Security Consultant)

How do you ensure that only the desired container images are allowed to run inside your Kubernetes cluster? And how do you do that without placing an overly complex set of processes on your developers and operations teams? We’ll walk through a series of live demos for getting up and running with binary authorization using a GKE cluster, but don’t worry — the lessons learned apply to those running Grafeas/Kritis in non-GKE clusters.

Speakers

Don Schenck - Director of Developer Experience @ RedHAT
A developer who has seen it all, Don is a former Microsoft MVP, author of “Transitioning to .NET Core on Linux” by O’Reilly Media, and currently a Director of Developer Experience at Red Hat, with a focus on Microservices and Serverless computing. Prior to Red Hat, Don was a Developer Advocate at Rackspace where he was immersed in cloud technology. He enjoys cooking and studying human behavior, and loathes the designated hitter rule.

Don's overarching belief is this: "A program is not a communication between a developer and a machine; it's a communication between a developer and the next developer."
---------
Brad Geesaman - Independent Security Consultant
Brad is an independent cloud infrastructure security consultant helping secure container orchestration systems running inside the major cloud providers. Prior to this, he was the Cyber Skills Development Engineering Lead at Symantec Corporation where he designed, developed, supported, and delivered large-scale ethical hacking learning simulations inside Kubernetes on AWS. Although his first passions were penetration-testing and security system administration, his life-long passion is educating others on the real-world security risks inherent in complex infrastructure systems.

When

Wednesday, Sep 19
6:00 PM - 8:00 PM (EDT)

Where

Oteemo
10701 Parkridge Blvd, Suite 150 Reston