Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevOps Exchange London – Network Security at Monzo
Search
Oliver Beattie
January 26, 2017
Technology
0
250
DevOps Exchange London – Network Security at Monzo
Oliver Beattie
January 26, 2017
Tweet
Share
More Decks by Oliver Beattie
See All by Oliver Beattie
Anatomy of a Production Kubernetes Outage – Kubecon EU 2018
obeattie
4
4.6k
Building a Bank with Kubernetes – Kubecon 2016
obeattie
1
590
Building a Bank with Kubernetes – Kubernetes London Meetup, Autumn 2016
obeattie
10
47k
Other Decks in Technology
See All in Technology
【開発を止めるな】機能追加と並行して進めるアーキテクチャ改善/Keep Shipping: Architecture Improvements Without Pausing Dev
bitkey
PRO
1
130
Amazon Quick Suite で始める手軽な AI エージェント
shimy
1
1.9k
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.9k
Building Serverless AI Memory with Mastra × AWS
vvatanabe
0
580
Entity Framework Core におけるIN句クエリ最適化について
htkym
0
120
Strands AgentsとNova 2 SonicでS2Sを実践してみた
yama3133
1
1.9k
普段使ってるClaude Skillsの紹介(by Notebooklm)
zerebom
8
2.2k
202512_AIoT.pdf
iotcomjpadmin
0
140
ハッカソンから社内プロダクトへ AIエージェント「ko☆shi」開発で学んだ4つの重要要素
sonoda_mj
6
1.7k
20251218_AIを活用した開発生産性向上の全社的な取り組みの進め方について / How to proceed with company-wide initiatives to improve development productivity using AI
yayoi_dd
0
660
Bedrock AgentCore Memoryの新機能 (Episode) を試してみた / try Bedrock AgentCore Memory Episodic functionarity
hoshi7_n
2
1.9k
Oracle Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
1
410
Featured
See All Featured
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
1
260
Building Flexible Design Systems
yeseniaperezcruz
330
39k
What the history of the web can teach us about the future of AI
inesmontani
PRO
0
370
Leadership Guide Workshop - DevTernity 2021
reverentgeek
0
170
End of SEO as We Know It (SMX Advanced Version)
ipullrank
2
3.8k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
410
Ruling the World: When Life Gets Gamed
codingconduct
0
100
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.1k
The Pragmatic Product Professional
lauravandoore
37
7.1k
Are puppies a ranking factor?
jonoalderson
0
2.4k
Art, The Web, and Tiny UX
lynnandtonic
304
21k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
89
Transcript
Oliver Beattie @obeattie Head of Engineering, Monzo
None
None
None
None
None
Pre-application 9 months Application 6 months Mobilisation 4–8 months
Isolation Authentication
Isolation Authentication
k8s-master Availability Zone A Availability Zone B Availability Zone C
admin user data k8s-worker dmz
k8s-master Availability Zone A Availability Zone B Availability Zone C
k8s-worker dmz
None
None
+
apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: name: com.monzo.mastercard.proxy spec: podSelector: matchLabels:
stage: prod routing-name: com.monzo.mastercard.proxy ingress: - from: - podSelector: matchLabels: stage: prod routing-name: com.monzo.mastercard.processor ports: - protocol: tcp port: 80
“Cluster-aware” netfilter/iptables under the hood Filtering at “both ends” No
control over egress Only understands TCP/UDP Proxies
Isolation Authentication
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
CA CA CA Vault
Secret management Message signing Transaction authorisation Secure build Audit logging
WAN tunnels
IPSec StrongSwan (IPSec) Hardware VPN device Services Services Services AWS
Co-location Third parties
monzo.com/careers
& Questions
@obeattie
obeattie
bitkey
shimy
fullkaiten
vvatanabe
htkym
yama3133
zerebom
iotcomjpadmin
sonoda_mj
yayoi_dd
hoshi7_n
oracle4engineer
jct
yeseniaperezcruz
inesmontani
reverentgeek
ipullrank
baasie
codingconduct
aleyda
lauravandoore
jonoalderson
lynnandtonic
sarafernandez
