Network Isolation and Security Policies for Kubernetes Bare-metal Nodes
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore network isolation and security policies for Kubernetes bare-metal nodes in this 29-minute conference talk by Girish Moodalbail and Liel Shoshan. Discover how to implement strong network isolation and flexible stateful security policy enforcement for multi-tenant cloud environments using Kubernetes at scale. Learn about a high-performance implementation based on Software Defined Networking (SDN) for Kubernetes node networking, utilizing Open Virtual Network (OVN) and Open vSwitch (OVS) offloaded to "bump-in-the-wire" Smart NICs. Gain insights into topics such as logical topology, multitenancy, trusted zones, and datapath hardware offload. Understand how this approach minimizes host resource consumption while maintaining immunity to potentially malicious host root users, all while remaining compatible with high-performance Kubernetes CNI implementations.
Syllabus
Introduction
Bump in the Wire
Logical Topology
One Kubernetes
Smartening
Smartnic
Network Diagram
Multitenancy
Trusted Zones
Datapath Hardware Offload
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Introduction to Cloud Infrastructure Technologies (Linux Foundation via edX)
Scalable Microservices with Kubernetes (Google via Udacity)
Google Cloud Fundamentals: Core Infrastructure (Google via Coursera)
Introduction to Kubernetes (Linux Foundation via edX)
Fundamentals of Containers, Kubernetes, and Red Hat OpenShift (Red Hat via edX)