Loading…
This event has ended. Visit the official site or create your own event on Sched.
Customize your schedule by session topic and skill level:  Session Topic - Refer to the "Type" filter list to the right to find a session based on topic. Talk Difficulty - Sessions are categorized as [B]eginner, [I]ntermediate or [A]dvanced at the end of each talk title.
View analytic
Wednesday, March 29 • 16:20 - 16:55
Audit in Kubernetes Now, and in the Future [B] - Maciej Szulik, Red Hat

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Quoting Wikipedia “an audit is a systematic and independent examination of (...)
records”. Now think for a second, how much information is floating through your
Kubernetes cluster. Deployments, Jobs and many other controllers creating and
destroying Pods. Administrators creating Users, granting Roles. Users creating
and modifying ConfigMaps, Secrets and many, many others. You can limit actions
performed by a single User creating Roles, controllers can be assigned ServiceAccounts,
etc, of course. But even with all that in place, are you sure you can easily
trace when a change was introduced, and most importantly who performed it?
This is when auditing comes into play.

During this presentation, I will introduce what auditing is, and what you can
expect from one of the best hidden features of Kubernetes, and why should you
care. I don't like just talking about ideas, so we’ll also walk through a live
demo showcasing the audit feature.
With all the current state laid out, I will discuss the future evolution of this
feature. Most importantly, I will cover the scope of the information that should
be gathered during processing each request. What policies should be implemented
to provide reasonable balance between performance and accountability. Lastly,
I will cover the most sensitive topic, how to store all that information.

After this session you will understand how auditing in Kubernetes works, and how
to leverage it to stay informed about what goes on in your cluster. Furthermore,
I am hoping this presentation will foster a discussion about advanced audit feature
and its shape in Kubernetes.

Speakers
avatar for Maciej Szulik

Maciej Szulik

Senior Software Engineer, Red Hat
Maciej is a passionate developer with over 10 years of experience in many languages. Currently, he is working on OpenShift and Kubernetes for Red Hat, whereas at night he is hacking on bugs.python.org and CPython's IMAP library. In his other spare time he organizes PyCon PL, talks at various events and meet ups around Europe.



Wednesday March 29, 2017 16:20 - 16:55
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany