Back To Schedule
Friday, December 8 • 3:40pm - 4:15pm
Real Security for Services on Kubernetes [I] - Eric Wang & Yun Zhang, Databricks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

We all love the ease-of-use Kubernetes provides to engineers to deploy and manage their services. But before you can start running production code and dealing with customer data, you need to ensure that everyone's favorite features are in place: audit logs and access control. (And the crowd goes wild!)

At Databricks, we know that the best way to do security is to make sure the simplest way to do something is the secure one. In this talk, we introduce a system called Genie which uses time-boxed TLS certificates to authorize engineers to talk to certain namespaces within Kubernetes. Additionally, we will discuss how we extended this framework to allow for continuous deployment/continuous integration without weakening our security story!

avatar for Eric Wang

Eric Wang

Software Engineer, Databricks
Eric is a software engineer on the Cloud team at Databricks. Before that, he worked at Cisco Meraki, developing core features for the time-series database Little Table. At Databricks, Eric and his colleagues on the Cloud team work on infrastructure to enable engineers to rapidly deliver... Read More →
avatar for Yun Zhang

Yun Zhang

Software Engineer, Databricks
Yun is a software engineer of the Cloud team at Databricks. He is experienced in building highly-available cloud infrastructure for data processing engines like Apache Spark and Amazon Redshift.

Friday December 8, 2017 3:40pm - 4:15pm CST
Meeting Room 12AB, Level 4