DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Kubernetes Security: from Image Hygiene to Network Policies

Session

This talk originates from the archive. Click here for the current program of Munich or Singapore

Until Conference Starts:
✓ Group Discount
✓ Individual offers for
Freelancers and employees of scientific institutions

Register now
Bis Konferenzbeginn
✓ Kollegenrabatt

✓ Sonderkonditionen für Freelancer und
Mitarbeiter von wissenschaftlichen Einrichtungen

✓ Bis zu 375 € sparen
Jetzt anmelden
Until December 12:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until December 12:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until November 28:
✓ Transformation Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over £689
Register Now

Until November 28:
✓ Transformation Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over £689
Register Now

Until March 5:
✓ Transformation Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over 850 €
Register now
Bis 5. März:
✓ Transformation Day for free
✓ Raspberry Pi oder C64 Mini for free
✓ Über 850 € sparen
Jetzt anmelden
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Infos
Tuesday, May 29 2018
14:45 - 15:45
Room:
MOA 7+8

This talk provides an overview of security concerns in the context of Kubernetes. We will focus on security best practices as well as tooling from a developer’s point of view. The goal is to familiarise developers with security features and provide suggestion around the following areas:

  • container image hygiene (how to select base images, OpenSCAP, etc.)
  • handling sensitive data (secrets, auditing)
  • non-privileged containers (based on http://canihaznonprivilegedcontainers.info and PodSecurityPolicy)
  • using Kubernetes RBAC (service accounts, default roles, securing your app)
  • service communication control (Network Policies, Istio) 

All best practices/recipes will be made available via a GitHub repo and I’ll demo some of them live.

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the way towards DevOps

Live Demo #slideless

Showing how technology really works