KubeCon North America 2017 Notes - Part 2Jan 30, 2018
Continuing my notes on KubeCon talks (see part 1).
Hacking and Hardening Kubernetes Clusters by Example - This was one of the top talks. It’s condensed enough that you should watch it entirely. It was interesting for me to learn more about Pod Security Policies and Network Security Policies. Something I never really thought much about was the metadata services available at cloud deployments, must learn more about that. The talk ends with a lot of useful resources (pdf). Keep take away: learn all the components, where the API endpoints are, deploy policies and verify them.
Vault and Secret Management in Kubernetes - This talk was more useful to understand, at a high-level, what Vault is about. I’m torn between the immediate need of making Kubernetes Secrets more secure and all the added functionality that Vault provides. It seems the integration isn’t too difficult with v0.9 but it still is a major piece of technology you’re adding to your environment. That being said, it’s worth investigating it further and seeing how, not only the Kubernetes cluster, but the apps running on it can benefit from using Vault’s features directly.
Kubernetes Deconstructed: Understanding Kubernetes by Breaking It Down - Fast-paced overview about almost everything that composes a Kubernetes cluster and various features. Very enjoyable to watch, nice presentation and transitions. Good well rounded refresher talk. An unabridged version is available here.
I think this will be all the time I have for watching talks for a while. I might make a post or two investigating some talk in more detail but this will be it for KubeCon 2017 and these notes. Thanks!