Security: Kubernetes - Istio
Details
*** Collaboration Event ***
##########################################################
1800 - Doors Open + Food/Drinks
1830 - Talks
· Kubernetes Security
· Introduction to Istio
· Security Rationale for Istio
1930 - Networking + hoover up the remaining Food/Drinks
2100 - Finish
##########################################################
This month we have some talks from Istio London detailing how to secure Kubernetes workloads and clusters, and looking at how Istio fits in to the picture with an introductory talk, and then a discussion of its security features.
Kubernetes is the predominant Docker container orchestrator, but it is complex and insecure by default. Istio is the new Kubernetes hotness - a service mesh to securely link together applications, and provide distributed systems high availability.
Kubernetes Security
A look at historical Kubernetes breaches, the high level security primitives, and an overview of multi-tenancy models in Kubernetes.
Introduction to Istio
I’ll show what Istio is, and how it does what it does. We’ll explore that from the point of view of one packet travelling in from the internet and back out again, to show us all the major data and control plane components.
Security Rationale for Istio
An introduction to Istio security, looking at how Istio helps to keeps your security team happy by satisfying Kubernetes security requirements for multi-tenancy, and your developers happy by reducing implementation effort. Istio is still an evolving technology, and outstanding issues and impending improvements will be discussed.
##########################################################
Speakers Profiles
Matt is a software engineer at Tetrate, working on Istio-related products. He's been doing Dev, sometimes with added Ops, for 10 years. His idea of "full-stack" is Linux, Kubernetes, and now Istio too. He's given several talks and workshops on Kubernetes and Istio, and is a co-organiser of the Istio London meetup.
Andrew has a strong test-first engineering ethos gained architecting and deploying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native application, and has battle-hardened experience delivering containerised solutions to enterprise clients. He is a co-founder at https://control-plane.io.
Rowan has extensive experience auditing, accrediting, and developing Kubernetes and containerised systems for high compliance commercial and public sector organisations. He is Head of Security at ControlPlane.
Security: Kubernetes - Istio