This event has ended. Visit the official site or create your own event on Sched.
Customize your schedule by session topic and skill level:  Session Topic - Refer to the "Type" filter list to the right to find a session based on topic. Talk Difficulty - Sessions are categorized as [B]eginner, [I]ntermediate or [A]dvanced at the end of each talk title.
Back To Schedule
Wednesday, March 29 • 16:20 - 16:55
Audit in Kubernetes Now, and in the Future [B] - Maciej Szulik, Red Hat

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Quoting Wikipedia “an audit is a systematic and independent examination of (...)
records”. Now think for a second, how much information is floating through your
Kubernetes cluster. Deployments, Jobs and many other controllers creating and
destroying Pods. Administrators creating Users, granting Roles. Users creating
and modifying ConfigMaps, Secrets and many, many others. You can limit actions
performed by a single User creating Roles, controllers can be assigned ServiceAccounts,
etc, of course. But even with all that in place, are you sure you can easily
trace when a change was introduced, and most importantly who performed it?
This is when auditing comes into play.

During this presentation, I will introduce what auditing is, and what you can
expect from one of the best hidden features of Kubernetes, and why should you
care. I don't like just talking about ideas, so we’ll also walk through a live
demo showcasing the audit feature.
With all the current state laid out, I will discuss the future evolution of this
feature. Most importantly, I will cover the scope of the information that should
be gathered during processing each request. What policies should be implemented
to provide reasonable balance between performance and accountability. Lastly,
I will cover the most sensitive topic, how to store all that information.

After this session you will understand how auditing in Kubernetes works, and how
to leverage it to stay informed about what goes on in your cluster. Furthermore,
I am hoping this presentation will foster a discussion about advanced audit feature
and its shape in Kubernetes.

avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.

Wednesday March 29, 2017 16:20 - 16:55 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany