Name: Real Security for Services on Kubernetes [I] - Eric Wang & Yun Zhang, Databricks
Start: 2017-12-08T15:40:00-0600
End: 2017-12-08T16:15:00-0600

Back To Schedule

Real Security for Services on Kubernetes [I] - Eric Wang & Yun Zhang, Databricks

We all love the ease-of-use Kubernetes provides to engineers to deploy and manage their services. But before you can start running production code and dealing with customer data, you need to ensure that everyone's favorite features are in place: audit logs and access control. (And the crowd goes wild!)

At Databricks, we know that the best way to do security is to make sure the simplest way to do something is the secure one. In this talk, we introduce a system called Genie which uses time-boxed TLS certificates to authorize engineers to talk to certain namespaces within Kubernetes. Additionally, we will discuss how we extended this framework to allow for continuous deployment/continuous integration without weakening our security story!

Speakers

Eric Wang

Software Engineer, Databricks

Eric is a software engineer on the Cloud team at Databricks. Before that, he worked at Cisco Meraki, developing core features for the time-series database Little Table. At Databricks, Eric and his colleagues on the Cloud team work on infrastructure to enable engineers to rapidly deliver... Read More →

Yun Zhang

Software Engineer, Databricks

Yun is a software engineer of the Cloud team at Databricks. He is experienced in building highly-available cloud infrastructure for data processing engines like Apache Spark and Amazon Redshift.

KubeCon Slides Databricks pdf

Friday December 8, 2017 3:40pm - 4:15pm CST
Meeting Room 12AB, Level 4

Policy + Security - KubeCon

Audience Intermediate
Link to Session Recording https://youtu.be/zvXQjpy5Pu8

KubeCon + CloudNativeCon North America 2017

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Eric Wang

Yun Zhang