Save 37% off PRO during our Black Friday Sale! »

Microsoft and Tigera Collaborating to Secure Container Networking

Microsoft and Tigera Collaborating to Secure Container Networking

I presented these slides at Microsoft Build 2018, in collaboration with Saurya Das, product manager for Azure Kubernetes Service.

7a1af5a69aeacaba5042ee2f332fdaf6?s=128

Andy Randall

May 08, 2018
Tweet

Transcript

  1. None
  2. None
  3. 25x shorter lifetime 10x workloads 900x start time 250x network

    churn 10x attack surface area
  4. None
  5. key: value

  6. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
  7. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
  8. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
  9. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
  10. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
  11. None
  12. None
  13. None
  14. M ulti-cloud and legacy Zero trust Enterprise control and com

    pliance O perationally sim ple Secure Application Connectivity
  15. None