SlideShare a Scribd company logo

How to Avoid Kubernetes Multi-tenancy Catastrophes

Weaveworks
Weaveworks

This document summarizes a webinar about implementing multi-tenancy in Kubernetes without catastrophes using GitOps. It recommends 5 easy steps: 1) implement a zero trust posture, 2) apply least privilege practices, 3) use policies to enforce governance, 4) leverage GitOps audit capabilities, and 5) reduce the blast radius. The webinar discusses how Weaveworks' Workspaces product establishes boundaries and defines access controls to securely support multiple teams deploying applications.

Technology
1 of 20
Download to read offline
Avoid Kubernetes Multi-Tenancy Catastrophes in 5 Easy Steps
2 Webinar Platform - FAQs Using Zoom • You are in listen only mode • This webinar is being recorded • Q&A session will follow the presentation, please use the Q&A panel to submit questions • Hit escape to exit full screen • Slides and recording will be shared after the webinar Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
3 Joe Dahlquist VP of Product Marketing, Weaveworks Joe Dahlquist leads product marketing at Weaveworks. An accomplished product leader with over 20 years of experience in PM and PMM roles, Joe has worked on software, hardware, and services products that have delighted millions of users and partners in cybersecurity, consumer electronics, financial services, access control, and more. Speaker introductions David Stauffer Senior Product Manager, Weaveworks David Stauffer is a Senior Product Manager at Weaveworks. For David, the most exciting job in the world is building the right product for the customer. Passionate about any and all end-users, he has experience working in different startups across the globe. He has worked on making the edge real through Kubernetes and working in the GSMA aligning on the architectural design for a federated edge.
Weaveworks is backed by amazing teams Weaveworks partners with all the major infrastructure and Kubernetes vendors We’re the GitOps Company Weaveworks is deeply committed to the Open Source Community
Confidential do not distribute Financial Services Companies Doing GitOps with Weaveworks Technology Other Industries
● Tenancy is ubiquitous ● Catastrophes can occur ● You can get it right ● 5 easy steps how to do it Tenancy in Weave GitOps Enterprise
7 WTF is Tenancy and why is it needed? ● A person, place or thing? ● Team? ● Application? Tenancy in the World of GitOps
8 ● Many ways to handle Tenancy in Kubernetes, which is right for you? ● Defining overall Tenancy posture can get really complicated ○ Companies need end-to-end tenancy solution ○ Granular control over all the moving parts ○ Policies, RBAC, Isolation, and more Tenancy in the World of GitOps
● Some real world examples Getting it Wrong can be Catastrophic
10 1. Implement a Zero Trust posture 2. Apply Least Privilege Practices 3. Use Policies to Enforce Governance 4. GitOps Audit Capabilities 5. Reduce the Blast Radius 5 Easy Things You Can Do
11 ● Implement a Zero Trust posture ○ Trust nothing, verify everything ○ Neighbours can be noisy ○ Flux is your gate/root of trust 5 Easy Things You Can Do 1
12 ● Apply Least Privilege Practices ○ Permissions and Role management ○ Distrust until proven otherwise ○ Continuous assessment 5 Easy Things You Can Do 2
13 ● Use Policies to Enforce Governance ○ Audit vs. Admission ○ Policy as Guardrails ○ Control Sources and Configs 5 Easy Things You Can Do 3
14 ● GitOps Audit Capabilities ○ Git history ○ Git gate to your cluster ○ Change control and checks 5 Easy Things You Can Do 4
15 ● Reduce the Blast Radius ○ Do all of the above… ○ Secrets rotation ○ Isolation (not all in one git repo) 5 Easy Things You Can Do 5
16 ● Workspaces establishes boundaries, defines what can be deployed by whom ● Creates trusted Workspaces for application teams ● Protects sensitive environments ● Adds governance and compliance Workspaces in Weave GitOps Namespace Policy Role RoleBinding
17 Team Workspaces gives the power to define: ● Access to sources ( Git repos, Helm repos, Buckets etc ) ● Access to targets ( Cluster + namespaces ) ● Definition of what can get deployed ( examples: Roles, Network Policies, Deployments, ... ) ● Use/set the correct Service Account and Role + Rolebindings Workspaces in Weave GitOps
18 ● Workspaces empowers app dev teams to go much faster ● Enables multiple DevOps teams to work seamlessly together ● Enables DevOps teams to focus on their area of concern ● Protects sensitive environments Result: Race Car with Seatbelts
19 Confidential do not distribute Questions? Please use the Q&A panel in your Zoom menu
20 Whitepaper: Trusted Application Delivery https://bit.ly/3A0JMOe Learn more about Weave GitOps www.weave.works/enterprise and a 5 min demo https://youtu.be/aqJaHNCz2lM Request a personal demo www.weave.works/contact Thank You

Recommended

Api gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceApi gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceEmerasoft, solutions to collaborate
 
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...Weaveworks
 
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOpsDeploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOpsWeaveworks
 
Choosing Git hosting service
Choosing Git hosting serviceChoosing Git hosting service
Choosing Git hosting serviceYoram Michaeli
 
Don't Let Git Get Your Goat!
Don't Let Git Get Your Goat!Don't Let Git Get Your Goat!
Don't Let Git Get Your Goat!CollabNet
 
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInData
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInDataStrategies for on premise to Google Cloud migration - Mateusz Pytel, GetInData
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInDataGetInData
 
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature Environment
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature EnvironmentPuppet Camp San Francisco 2015: Puppet Adoption in a Mature Environment
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature EnvironmentPuppet
 
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWeaveworks
 

Recommended

Api gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceApi gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceEmerasoft, solutions to collaborate
 
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...Weaveworks
 
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOpsDeploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOpsWeaveworks
 
Choosing Git hosting service
Choosing Git hosting serviceChoosing Git hosting service
Choosing Git hosting serviceYoram Michaeli
 
Don't Let Git Get Your Goat!
Don't Let Git Get Your Goat!Don't Let Git Get Your Goat!
Don't Let Git Get Your Goat!CollabNet
 
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInData
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInDataStrategies for on premise to Google Cloud migration - Mateusz Pytel, GetInData
Strategies for on premise to Google Cloud migration - Mateusz Pytel, GetInDataGetInData
 
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature Environment
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature EnvironmentPuppet Camp San Francisco 2015: Puppet Adoption in a Mature Environment
Puppet Camp San Francisco 2015: Puppet Adoption in a Mature EnvironmentPuppet
 
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWeaveworks
 
Observe and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git opsObserve and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git opsWeaveworks
 
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack WebinarShip Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack WebinarXebiaLabs
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Weaveworks
 
5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure successRogue Wave Software
 
DX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in KubernetesDX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in KubernetesWeaveworks
 
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Weaveworks
 
Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)XebiaLabs
 
Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Kris Buytaert
 
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11Schlomo Schapiro
 
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.OW2
 
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ... Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...Weaveworks
 
Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.Kris Buytaert
 
Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)Brian Dawson
 
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...Puppet
 
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...Citrix
 
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and JenkinsExpedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and JenkinsCollabNet
 
Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)Weaveworks
 
Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Gregory Taylor
 
Becoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkBecoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkDocker, Inc.
 
Devops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yetDevops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yetKris Buytaert
 
Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)Weaveworks
 
Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)Weaveworks
 

More Related Content

Similar to How to Avoid Kubernetes Multi-tenancy Catastrophes

Observe and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git opsObserve and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git opsWeaveworks
 
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack WebinarShip Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack WebinarXebiaLabs
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Weaveworks
 
5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure successRogue Wave Software
 
DX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in KubernetesDX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in KubernetesWeaveworks
 
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Weaveworks
 
Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)XebiaLabs
 
Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Kris Buytaert
 
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11Schlomo Schapiro
 
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.OW2
 
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ... Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...Weaveworks
 
Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.Kris Buytaert
 
Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)Brian Dawson
 
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...Puppet
 
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...Citrix
 
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and JenkinsExpedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and JenkinsCollabNet
 
Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)Weaveworks
 
Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Gregory Taylor
 
Becoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkBecoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkDocker, Inc.
 
Devops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yetDevops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yetKris Buytaert
 

Similar to How to Avoid Kubernetes Multi-tenancy Catastrophes (20)

Observe and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git opsObserve and command your fleets across any kubernetes with weave git ops
Observe and command your fleets across any kubernetes with weave git ops
 
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack WebinarShip Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
Ship Faster Without Breaking Everything - XebiaLabs + SaltStack Webinar
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
 
5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success
 
DX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in KubernetesDX, Guardrails, Golden Paths & Policy in Kubernetes
DX, Guardrails, Golden Paths & Policy in Kubernetes
 
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
 
Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)Delivering Better Software Faster (Without Breaking Everything)
Delivering Better Software Faster (Without Breaking Everything)
 
Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?
 
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
 
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
Making Tough Open Core Product Decisions. Yves de Montcheuil, Talend.
 
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ... Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
 
Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.Devops, the future is here, it's just not evenly distributed yet.
Devops, the future is here, it's just not evenly distributed yet.
 
Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)Hybrid Development Workshop Presentation (San Francisco)
Hybrid Development Workshop Presentation (San Francisco)
 
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
 
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
Excalibur: best practices for virtual desktop operations leveraging Citrix Di...
 
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and JenkinsExpedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
Expedite Enterprise Software Development with JIRA®, TeamForge® SCM, and Jenkins
 
Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)Weave GitOps Core Overview (Free GitOps Workshop)
Weave GitOps Core Overview (Free GitOps Workshop)
 
Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018
 
Becoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to WorkBecoming the Docker Champion: Bringing Docker Back to Work
Becoming the Docker Champion: Bringing Docker Back to Work
 
Devops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yetDevops, the future is here it's not evenly distributed yet
Devops, the future is here it's not evenly distributed yet
 

More from Weaveworks

Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)Weaveworks
 
Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)Weaveworks
 
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWebinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWeaveworks
 
Six Signs You Need Platform Engineering
Six Signs You Need Platform EngineeringSix Signs You Need Platform Engineering
Six Signs You Need Platform EngineeringWeaveworks
 
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdfSRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdfWeaveworks
 
Flux Beyond Git Harnessing the Power of OCI
Flux Beyond Git Harnessing the Power of OCIFlux Beyond Git Harnessing the Power of OCI
Flux Beyond Git Harnessing the Power of OCIWeaveworks
 
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes ClustersAutomated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes ClustersWeaveworks
 
Building internal developer platform with EKS and GitOps
Building internal developer platform with EKS and GitOpsBuilding internal developer platform with EKS and GitOps
Building internal developer platform with EKS and GitOpsWeaveworks
 
GitOps Testing in Kubernetes with Flux and Testkube.pdf
GitOps Testing in Kubernetes with Flux and Testkube.pdfGitOps Testing in Kubernetes with Flux and Testkube.pdf
GitOps Testing in Kubernetes with Flux and Testkube.pdfWeaveworks
 
Intro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and LinkerdIntro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and LinkerdWeaveworks
 
Implementing Flux for Scale with Soft Multi-tenancy
Implementing Flux for Scale with Soft Multi-tenancyImplementing Flux for Scale with Soft Multi-tenancy
Implementing Flux for Scale with Soft Multi-tenancyWeaveworks
 
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKSAccelerating Hybrid Multistage Delivery with Weave GitOps on EKS
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKSWeaveworks
 
The Story of Flux Reaching Graduation in the CNCF
The Story of Flux Reaching Graduation in the CNCFThe Story of Flux Reaching Graduation in the CNCF
The Story of Flux Reaching Graduation in the CNCFWeaveworks
 
Flux’s Security & Scalability with OCI & Helm Slides.pdf
Flux’s Security & Scalability with OCI & Helm Slides.pdfFlux’s Security & Scalability with OCI & Helm Slides.pdf
Flux’s Security & Scalability with OCI & Helm Slides.pdfWeaveworks
 
Flux Security & Scalability using VS Code GitOps Extension
Flux Security & Scalability using VS Code GitOps Extension Flux Security & Scalability using VS Code GitOps Extension
Flux Security & Scalability using VS Code GitOps Extension Weaveworks
 
Robust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumRobust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumWeaveworks
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfWeaveworks
 
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdfSimplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdfWeaveworks
 
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...Weaveworks
 
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Weaveworks
 

More from Weaveworks (20)

Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)Weave AI Controllers (Weave GitOps Office Hours)
Weave AI Controllers (Weave GitOps Office Hours)
 
Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)Flamingo: Expand ArgoCD with Flux (Office Hours)
Flamingo: Expand ArgoCD with Flux (Office Hours)
 
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWebinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
 
Six Signs You Need Platform Engineering
Six Signs You Need Platform EngineeringSix Signs You Need Platform Engineering
Six Signs You Need Platform Engineering
 
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdfSRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
 
Flux Beyond Git Harnessing the Power of OCI
Flux Beyond Git Harnessing the Power of OCIFlux Beyond Git Harnessing the Power of OCI
Flux Beyond Git Harnessing the Power of OCI
 
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes ClustersAutomated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
 
Building internal developer platform with EKS and GitOps
Building internal developer platform with EKS and GitOpsBuilding internal developer platform with EKS and GitOps
Building internal developer platform with EKS and GitOps
 
GitOps Testing in Kubernetes with Flux and Testkube.pdf
GitOps Testing in Kubernetes with Flux and Testkube.pdfGitOps Testing in Kubernetes with Flux and Testkube.pdf
GitOps Testing in Kubernetes with Flux and Testkube.pdf
 
Intro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and LinkerdIntro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and Linkerd
 
Implementing Flux for Scale with Soft Multi-tenancy
Implementing Flux for Scale with Soft Multi-tenancyImplementing Flux for Scale with Soft Multi-tenancy
Implementing Flux for Scale with Soft Multi-tenancy
 
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKSAccelerating Hybrid Multistage Delivery with Weave GitOps on EKS
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
 
The Story of Flux Reaching Graduation in the CNCF
The Story of Flux Reaching Graduation in the CNCFThe Story of Flux Reaching Graduation in the CNCF
The Story of Flux Reaching Graduation in the CNCF
 
Flux’s Security & Scalability with OCI & Helm Slides.pdf
Flux’s Security & Scalability with OCI & Helm Slides.pdfFlux’s Security & Scalability with OCI & Helm Slides.pdf
Flux’s Security & Scalability with OCI & Helm Slides.pdf
 
Flux Security & Scalability using VS Code GitOps Extension
Flux Security & Scalability using VS Code GitOps Extension Flux Security & Scalability using VS Code GitOps Extension
Flux Security & Scalability using VS Code GitOps Extension
 
Robust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumRobust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and Cilium
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdf
 
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdfSimplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
 
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
 
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
 

Recently uploaded

WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...CzechDreamin
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsStefano
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxDavid Michel
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...CzechDreamin
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfFIDO Alliance
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessUXDXConf
 

Recently uploaded (20)

WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 

How to Avoid Kubernetes Multi-tenancy Catastrophes

  • 2. 2 Webinar Platform - FAQs Using Zoom • You are in listen only mode • This webinar is being recorded • Q&A session will follow the presentation, please use the Q&A panel to submit questions • Hit escape to exit full screen • Slides and recording will be shared after the webinar Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
  • 3. 3 Joe Dahlquist VP of Product Marketing, Weaveworks Joe Dahlquist leads product marketing at Weaveworks. An accomplished product leader with over 20 years of experience in PM and PMM roles, Joe has worked on software, hardware, and services products that have delighted millions of users and partners in cybersecurity, consumer electronics, financial services, access control, and more. Speaker introductions David Stauffer Senior Product Manager, Weaveworks David Stauffer is a Senior Product Manager at Weaveworks. For David, the most exciting job in the world is building the right product for the customer. Passionate about any and all end-users, he has experience working in different startups across the globe. He has worked on making the edge real through Kubernetes and working in the GSMA aligning on the architectural design for a federated edge.
  • 4. Weaveworks is backed by amazing teams Weaveworks partners with all the major infrastructure and Kubernetes vendors We’re the GitOps Company Weaveworks is deeply committed to the Open Source Community
  • 5. Confidential do not distribute Financial Services Companies Doing GitOps with Weaveworks Technology Other Industries
  • 6. ● Tenancy is ubiquitous ● Catastrophes can occur ● You can get it right ● 5 easy steps how to do it Tenancy in Weave GitOps Enterprise
  • 7. 7 WTF is Tenancy and why is it needed? ● A person, place or thing? ● Team? ● Application? Tenancy in the World of GitOps
  • 8. 8 ● Many ways to handle Tenancy in Kubernetes, which is right for you? ● Defining overall Tenancy posture can get really complicated ○ Companies need end-to-end tenancy solution ○ Granular control over all the moving parts ○ Policies, RBAC, Isolation, and more Tenancy in the World of GitOps
  • 9. ● Some real world examples Getting it Wrong can be Catastrophic
  • 10. 10 1. Implement a Zero Trust posture 2. Apply Least Privilege Practices 3. Use Policies to Enforce Governance 4. GitOps Audit Capabilities 5. Reduce the Blast Radius 5 Easy Things You Can Do
  • 11. 11 ● Implement a Zero Trust posture ○ Trust nothing, verify everything ○ Neighbours can be noisy ○ Flux is your gate/root of trust 5 Easy Things You Can Do 1
  • 12. 12 ● Apply Least Privilege Practices ○ Permissions and Role management ○ Distrust until proven otherwise ○ Continuous assessment 5 Easy Things You Can Do 2
  • 13. 13 ● Use Policies to Enforce Governance ○ Audit vs. Admission ○ Policy as Guardrails ○ Control Sources and Configs 5 Easy Things You Can Do 3
  • 14. 14 ● GitOps Audit Capabilities ○ Git history ○ Git gate to your cluster ○ Change control and checks 5 Easy Things You Can Do 4
  • 15. 15 ● Reduce the Blast Radius ○ Do all of the above… ○ Secrets rotation ○ Isolation (not all in one git repo) 5 Easy Things You Can Do 5
  • 16. 16 ● Workspaces establishes boundaries, defines what can be deployed by whom ● Creates trusted Workspaces for application teams ● Protects sensitive environments ● Adds governance and compliance Workspaces in Weave GitOps Namespace Policy Role RoleBinding
  • 17. 17 Team Workspaces gives the power to define: ● Access to sources ( Git repos, Helm repos, Buckets etc ) ● Access to targets ( Cluster + namespaces ) ● Definition of what can get deployed ( examples: Roles, Network Policies, Deployments, ... ) ● Use/set the correct Service Account and Role + Rolebindings Workspaces in Weave GitOps
  • 18. 18 ● Workspaces empowers app dev teams to go much faster ● Enables multiple DevOps teams to work seamlessly together ● Enables DevOps teams to focus on their area of concern ● Protects sensitive environments Result: Race Car with Seatbelts
  • 19. 19 Confidential do not distribute Questions? Please use the Q&A panel in your Zoom menu
  • 20. 20 Whitepaper: Trusted Application Delivery https://bit.ly/3A0JMOe Learn more about Weave GitOps www.weave.works/enterprise and a 5 min demo https://youtu.be/aqJaHNCz2lM Request a personal demo www.weave.works/contact Thank You