Admissions controllers play an important role in providing security and governance for Kubernetes. In this webinar, we will outline the Kubernetes Admission Controller architecture, and look in particular at the Validating Admission Controller function, along with the associated Open Policy Agent and Rego language components.
Having established the underlying infrastructure, we will look at several scenarios involving either misconfiguration or (potential) malice, and demonstrate appropriate admission control policies to combat them.
At the end of this talk, you will leave with:
- An overview of object creation in Kubernetes
- The basics of the Rego language (for writing admission controller policies)
- Sample admission controller policies for security and IT governance
Ashley Ward is the Technical Director, Office of the CTO at Palo Alto Networks where he aids customers in the secure deployment and scaling of container environments. Ashley has over 15 years’ experience in the operations and infrastructure architect space, from providing Unix administration and scoping private cloud deployments to bringing financial services organizations into public cloud and microservices. Ashley has a boat which he never seems to sail, beer-brewing equipment that he never seems to use, and a family that he loves spending time with. His spare time is spent volunteering as a justice of the peace.
