Microsoft and Tigera Collaborating to Secure Container Networking

Transcript

1. None
2. None

3. 25x shorter lifetime 10x workloads 900x start time 250x network

   churn 10x attack surface area
4. None

5. key: value

6. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

   podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend

7. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

   podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend

8. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

   podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend

9. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

   podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend

10. apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: my-network-policy namespace: my-namespace spec:

    podSelector: matchLabels: role: db ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 Role: db Role: db role: db role: frontend role: helper TCP 6379 role: frontend
11. None
12. None
13. None

14. M ulti-cloud and legacy Zero trust Enterprise control and com

    pliance O perationally sim ple Secure Application Connectivity
15. None