Securing your App Deployments with tunnels, OIDC, RBAC, and progressive delivery with Weave GitOps and Traefik Labs
In partnership with:
3
Speaker introductions
Manuel Zapf
Product Manager, Traefik
Manuel creates and helps enact the vision for Traefik Labs products and roadmaps. With nearly a decade in product development and management, Manuel understands what will help make the jobs of engineers a little bit easier.
Steve Fraser
Consulting Reliability Engineer, Weaveworks
Steve is passionate about delivering quality resilient software with as little friction as possible. He likes to spend his time thinking about how to deliver flawless deployments, allowing his customers to increase their application and infrastructure deployment velocity. Steve has extensive knowledge of supporting, maintaining, and architecting containerization technologies.
Weaveworks is backed by solid investors
Weaveworks is a key partner with all the
major infrastructure and Kubernetes vendors
Weaveworks: the GitOps company
Weaveworks is deeply committed
to the Open Source Community
5
Traefik Labs, an OSS Leader
3 Billion+ Downloads
35K+ Stars on GitHub
600+ Contributors
100,000s Nodes in Production
Trusted by leading enterprises worldwide
6
Agenda
Deployment
● Understanding GitOps
● Existing Solutions
● Today’s Emerging Challenges
● GitOps for Multi-Cluster
Publishing
● Publishing Services Traditionally
● Secure Publishing Done Right
● Key Security Components (Tunneling, Access Control, & Certificate Management)
Demo
7
GitOps - The Operating Model for Cloud Native
Unifies Deployment, Monitoring and Management
Git as the single source of truth for Desired State
ALL intended operations are committed by pull request
ALL diffs between intended and observed state with automatic and continuous reconciliation
ALL changes are observable, verifiable and auditable
[Diagram labels: IDE, Test, Build, Continuous Integration, GIT, “Immutability Firewall”, GitOps, Kubernetes, Deployment (clusters, apps), Monitoring, Logging (Observability), Management (operations)]
8
GitOps - The Operating Model for Cloud Native
Provides Separation of Concerns between the Development process and the Deployment process
Transparency and Auditability at All Levels is Automatic
Authentication & Authorization Isolated Between Concerns
Risk Reduction: Complete Application Rollback and Logging
Security Policy: enforced through code
[Diagram labels: IDE, Test, Build, Continuous Integration, GIT, “Immutability Firewall”, GitOps, Kubernetes, Deployment (clusters, apps), Monitoring, Logging (Observability), Management (operations)]
9
flux + flagger
10
● Implements a control loop that continuously applies the desired state to your cluster, offering protection against harmful actions such as deleting deployments or altering network policies.
● Implements declarative installation APIs for your favorite installation types
flux
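The control loop on this slide, sketched as an added example (not Flux's own code and not part of the original deck): one reconciliation pass compares desired state from Git with observed cluster state, then recreates deleted objects, reverts altered fields and prunes stale objects it owns. The manifests, the `managed` ownership flag and all function names are constructed for illustration.

```python
"""Toy reconciliation pass: Git is desired state, the cluster is observed state."""
import copy

_MISSING = object()

# Constructed sample: desired state as rendered from a Git repository.
# Keys are (kind, namespace, name); values are simplified specs.
DESIRED = {
    ("Deployment", "shop", "web"): {
        "replicas": 3,
        "template": {"image": "registry.example/web:1.4.2"},
    },
    ("NetworkPolicy", "shop", "web-ingress"): {
        "policyTypes": ["Ingress"],
        # Only the edge namespace may reach the pods.
        "ingress": [{"from": [{"namespaceSelector": {"name": "edge"}}]}],
    },
}

# Constructed sample: cluster state after changes that bypassed Git.
OBSERVED = {
    # Deployment "web" was deleted, so it is absent here.
    ("NetworkPolicy", "shop", "web-ingress"): {
        "managed": True,
        "spec": {"policyTypes": ["Ingress"], "ingress": [{}]},  # empty rule allows all
    },
    ("Service", "shop", "old-api"): {"managed": True, "spec": {"port": 8080}},
    ("ConfigMap", "shop", "team-notes"): {"managed": False, "spec": {"data": "x"}},
}


def diff_fields(desired, observed, path=""):
    """Return dotted paths of Git-declared fields whose live value differs."""
    changed = []
    for key, want in desired.items():
        here = f"{path}.{key}" if path else key
        have = observed.get(key, _MISSING)
        if isinstance(want, dict) and isinstance(have, dict):
            changed += diff_fields(want, have, here)
        elif have != want:
            changed.append(here)
    return changed


def merge(base, overlay):
    """Overlay Git-declared fields onto the live spec, keeping other fields."""
    out = dict(base)
    for key, value in overlay.items():
        if isinstance(value, dict) and isinstance(out.get(key), dict):
            out[key] = merge(out[key], value)
        else:
            out[key] = copy.deepcopy(value)
    return out


def reconcile(desired, observed):
    """Run one pass; return (actions, new_state) without mutating the inputs."""
    state = copy.deepcopy(observed)
    actions = []
    for key, spec in desired.items():
        if key not in state:
            # Deleted (or never applied): recreate from Git.
            state[key] = {"managed": True, "spec": copy.deepcopy(spec)}
            actions.append(("create", key, []))
            continue
        drift = diff_fields(spec, state[key]["spec"])
        if drift:
            # Altered out of band: put the declared fields back.
            state[key]["spec"] = merge(state[key]["spec"], spec)
            actions.append(("patch", key, drift))
    for key in list(state):
        # Prune only objects this loop owns; leave other tools' objects alone.
        if key not in desired and state[key].get("managed"):
            del state[key]
            actions.append(("prune", key, []))
    return actions, state


if __name__ == "__main__":
    first, live = reconcile(DESIRED, OBSERVED)
    for action in first:
        print(action)
    print("second pass:", reconcile(DESIRED, live)[0])
```

The action list doubles as an audit signal: any non-empty pass means something changed the cluster outside the pull-request path.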
● Shifts and routes traffic between app versions using a service mesh (such as Traefik Mesh) and ingress controllers (such as Traefik)
● Reduces the risk of introducing a bad software change by continuously measuring performance and reverting with user-defined gates
flagger
12
Canary Deployment with Flagger + Traefik
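A simplified model of the gated canary rollout described on the Flagger slides, added here as an example (not Flagger's code and not part of the original deck): traffic weight advances only while every metric gate passes, and accumulated failed checks trigger a rollback. The gate values, metric samples and function names are constructed; `step_weight`, `max_weight` and `threshold` are named after Flagger's analysis settings.

```python
"""Simplified canary analysis: advance traffic on healthy metrics, else revert."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Gate:
    """A user-defined gate: the metric must stay inside [minimum, maximum]."""
    name: str
    minimum: Optional[float] = None
    maximum: Optional[float] = None

    def passes(self, value):
        if value is None:  # a missing metric fails closed
            return False
        if self.minimum is not None and value < self.minimum:
            return False
        if self.maximum is not None and value > self.maximum:
            return False
        return True


# Constructed gates: success rate in percent, latency in milliseconds.
GATES = [
    Gate("request-success-rate", minimum=99.0),
    Gate("request-duration", maximum=500.0),
]


def run_canary(samples, gates, step_weight=10, max_weight=50, threshold=3):
    """Replay one metric sample per analysis interval.

    Returns (outcome, history) where history is a list of
    (canary traffic weight in percent, event) tuples.
    """
    weight = step_weight  # the first slice of traffic is already on the canary
    failed = 0
    history = []
    for metrics in samples:
        broken = [g.name for g in gates if not g.passes(metrics.get(g.name))]
        if broken:
            failed += 1
            history.append((weight, "hold: " + ", ".join(broken)))
            if failed >= threshold:
                history.append((0, "rollback"))  # all traffic back to primary
                return "rolled_back", history
            continue
        if weight >= max_weight:
            history.append((100, "promote"))
            return "promoted", history
        weight = min(weight + step_weight, max_weight)
        history.append((weight, "advance"))
    return "in_progress", history


# Constructed samples, one dict per analysis interval.
HEALTHY = [{"request-success-rate": 99.8, "request-duration": 120.0}] * 6
DEGRADED = [
    {"request-success-rate": 99.9, "request-duration": 110.0},
    {"request-success-rate": 97.0, "request-duration": 120.0},  # errors
    {"request-success-rate": 99.5, "request-duration": 900.0},  # slow
    {"request-success-rate": 99.9},                             # metric missing
]

if __name__ == "__main__":
    for label, samples in (("healthy", HEALTHY), ("degraded", DEGRADED)):
        outcome, history = run_canary(samples, GATES)
        print(label, outcome, history)
```

In the degraded run the bad version never receives more than 20% of traffic before it is reverted, which is the exposure limit the gates buy.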
13
Today’s emerging new challenges
● Creating prototypes quickly in an isolated environment
● Promoting applications across multiple clusters
● Configuration sprawl
● The need for real time deployment feedback – at scale
● Lack of time for developing features
14
flux + flagger + Weave GitOps
15
● Provides a single workflow for rapid prototypes and production environments
● Provides modern promotion across multi-region clusters with Canary deployments
● Ensures development occurs under organizational security policies
● Self-service, pull-based infrastructure and application deployment
Weave GitOps
16
Battle Tested Weaveworks Approach Process
Technical support
Customer Reliability Engineering (CRE)
● Weaveworks approved expertise in GitOps, Kubernetes & cloud native
● “Virtual” SRE
● Traditionally embeds in the customer's team
● Long term technical resourcing (6 months or 12 months)
Weave GitOps Services
Weave GitOps Enterprise
● Curated platform: Clusters on-demand & Application Deployment
● Run anywhere on any K8s platform
● Integrated security & Policy & Governance
● 24/7 Support
Consulting, Professional Services, Training
● Workshops
○ Design, build, operate and optimize
● POC Delivery
● Training
○ Skills Development
● Time and materials
○ Day Rate
CAPABILITIES
Reconciliation loop: Monitor specific events in Git – repos, branches and/or folders
Simple profile bootstrap: Set up, provision and operate a custom, production-ready cluster
Application management UI: Immediately detect drift between states as well as cluster health problems
Cluster fleet management: Reuse cluster templates easily from Git
Team Management & Governance: Segment responsibilities and enforce change control policies
Advanced Security: RBAC, Single Sign On (SSO)
17
Demo
Use Case
- Create a sandbox environment
- Install Traefik Hub and Proxy
- Create a GitOps Pipeline
- Install my new prototype application
- Share my prototype application with a colleague
- Promote to production with canary
19
How to publish services traditionally
● Deploy Service on a Cluster
● For local development: Port-Forward
● For external access: Install / Configure Ingress Controller
● Set up Networking, TLS et al.
kubectl apply -f my-app/
kubectl port-forward svc/my-app 8000:80
20
Introducing Traefik Hub
Publish and secure containers at the edge instantly. Traefik Hub provides a gateway
to your services running on Kubernetes or other orchestrators.
21
What about security?
● Security is crucial when publishing services
● Consists of multiple pillars
○ Encryption of the connection
○ State-of-the-art, battle-proven access control
○ Minimal Attack Surface
● Ideally, in a central place and not distributed amongst different places
22
Secure tunnels and encryption
● Foundation for minimal attack footprint
● Encrypted connection between Cluster and the Edge
● Automated TLS Certificate Management to encrypt HTTP Traffic
23
Battle proven access control
● Access Control: Manage who can access a given application
● Should be flexible and simple / quick to add
● Most common ones these days
○ OpenID Connect
○ JWT
● Dream case: Leverage access control without having to redeploy an entire stack / architecture
25
Q&A
26
Whitepaper: Progressive Delivery
https://bit.ly/3K8oZwU
Learn more about Weave GitOps
www.weave.works/enterprise
Join us for more webinars
www.weave.works/events
Thank You
Explore
Learn More: traefik.io/traefik-hub/
Sign Up Free: hub.traefik.io
Get Technical: doc.traefik.io/traefik-hub/

TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Delivery with Weave GitOps & Traefik Labs

  • 1. Securing your App Deployments with tunnels, OIDC, RBAC, and progressive delivery with Weave GitOps and Traefik Labs In partnership with:
  • 2. Webinar Platform - FAQs Using Zoom • You are in listen only mode • This webinar is being recorded • Q&A session will follow the presentation, please use the Q&A panel to submit questions • Hit escape to exit full screen • Slides and recording will be shared after the webinar Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
  • 3. Speaker introductions. Manuel Zapf, Product Manager, Traefik: Manuel creates and helps enact the vision for Traefik Labs products and roadmaps. With nearly a decade in product development and management, Manuel understands what will help make the jobs of engineers a little bit easier. Steve Fraser, Consulting Reliability Engineer, Weaveworks: Steve is passionate about delivering quality resilient software with as little friction as possible. He likes to spend his time thinking about how to deliver flawless deployments allowing his customers to increase their application and infrastructure deployment velocity. Steve has extensive knowledge in containerization technologies in supporting, maintaining, and architecting.
  • 4. Weaveworks is backed by solid investors Weaveworks is a key partner with all the major infrastructure and Kubernetes vendors Weaveworks: the GitOps company Weaveworks is deeply committed to the Open Source Community
  • 5. Traefik Labs, an OSS Leader: 3 Billion+ Downloads, 35K+ Stars on GitHub, 600+ Contributors, 100,000s Nodes in Production. Trusted by leading enterprises worldwide
  • 6. Agenda Deployment ● Understanding GitOps ● Existing Solutions ● Today’s Emerging Challenges ● GitOps for Multi-Cluster Publishing ● Publishing Services Traditionally ● Secure Publishing Done Right ● Key Security Components (Tunneling, Access Control, & Certificate Management) Demo
  • 7. GitOps - The Operating Model for Cloud Native: Unifies Deployment, Monitoring and Management ● Git as the single source of truth for Desired State ● ALL intended operations are committed by pull request ● ALL diffs between intended and observed state with automatic and continuous reconciliation ● ALL changes are observable, verifiable and auditable. Diagram labels: IDE, Build, Test, Continuous Integration, GIT, “Immutability Firewall”, GitOps, Kubernetes, Deployment (clusters, apps), Monitoring, Logging (Observability), Management (operations)
  • 8. GitOps - The Operating Model for Cloud Native ● Provides Separation of Concerns between the Development process and the Deployment process ● Transparency and Auditability at All Levels is Automatic ● Authentication & Authorization Isolated Between Concerns ● Risk Reduction: Complete Application Rollback and Logging ● Security Policy: enforced through code. Diagram labels: IDE, Build, Test, Continuous Integration, GIT, “Immutability Firewall”, GitOps, Kubernetes, Deployment (clusters, apps), Monitoring, Logging (Observability), Management (operations)
  • 10. Flux ● Implements a control loop that continuously applies the desired state to your cluster, offering protection against harmful actions such as deleting deployments or altering network policies. ● Implements declarative APIs for your favorite installation types
  • 11. Flagger ● Shifts and routes traffic between app versions using a service mesh (such as Traefik Mesh) and ingress controllers (such as Traefik) ● Reduces the risk of introducing a bad software change by continuously measuring performance and reverting based on user-defined gates
  • 12. Canary Deployment with Flagger + Traefik
  • 13. Today’s emerging new challenges ● Creating prototypes quickly in an isolated environment ● Promoting applications across multiple clusters ● Configuration sprawl ● The need for real-time deployment feedback, at scale ● Lack of time for developing features
  • 15. Weave GitOps ● Provides a single workflow for rapid prototypes and production environments ● Provides modern promotion across multi-region clusters with Canary deployments ● Ensures development occurs under organizational security policies ● Self-service pull-based infrastructure and application deployment
  • 16. Battle Tested Weaveworks Approach: Process, Technical support. Customer Reliability Engineering (CRE) ● Weaveworks approved expertise in GitOps, Kubernetes & cloud native ● “Virtual” SRE ● Traditionally embeds in customer's team ● Long-term technical resourcing (6 months or 12 months). Weave GitOps Services: Weave GitOps Enterprise ● Curated platform: Clusters on-demand & Application Deployment ● Run anywhere on any K8s platform ● Integrated Security, Policy & Governance ● 24/7 Support. Consulting, Professional Services, Training ● Workshops ○ Design, build, operate and optimize ● POC Delivery ● Training ○ Skills Development ● Time and materials ○ Day Rate. CAPABILITIES ● Reconciliation loop: Monitor specific events in Git (repos, branches and/or folders) ● Simple profile bootstrap: Set up, provision and operate a custom, production-ready cluster ● Application management UI: immediately detect drift between states as well as cluster health problems ● Cluster fleet management: Reuse cluster templates easily from Git ● Team Management & Governance: Segment responsibilities and enforce change control policies ● Advanced Security: RBAC, Single Sign On (SSO)
  • 17. Demo Use Case - Create a sandbox environment - Install Traefik Hub and Proxy - Create a GitOps Pipeline - Install my new prototype application - Share my prototype application with a colleague - Promote to production with canary
  • 18. Agenda Deployment ● Understanding GitOps ● Existing Solutions ● Today’s Emerging Challenges ● GitOps for Multi-Cluster Publishing ● Publishing Services Traditionally ● Secure Publishing Done Right ● Key Security Components (Tunneling, Access Control, & Certificate Management) Demo
  • 19. How to publish services traditionally ● Deploy Service on a Cluster ● For local development: Port-Forward ● For external access: Install / Configure Ingress Controller ● Set up networking, TLS, et al. Commands shown: `kubectl apply -f my-app/` and `kubectl port-forward svc/my-app 8000:80`
  • 20. Introducing Traefik Hub: Publish and secure containers at the edge instantly. Traefik Hub provides a gateway to your services running on Kubernetes or other orchestrators.
  • 21. What about security? ● Security is crucial when publishing services ● Consists of multiple pillars ○ Encryption of the connection ○ State-of-the-art and battle-proven access control ○ Minimal attack surface ● Ideally, in a central place and not distributed amongst different places
  • 22. Secure tunnels and encryption ● Foundation for minimal attack footprint ● Encrypted connection between Cluster and the Edge ● Automated TLS Certificate Management to encrypt HTTP Traffic
  • 23. Battle-proven access control ● Access Control: Manage who can access a given application ● Should be flexible and simple / quick to add ● Most common ones these days ○ OpenID Connect ○ JWT ● Dream case: Leverage access control without having to redeploy an entire stack / architecture
  • 24. Agenda Deployment ● Understanding GitOps ● Existing Solutions ● Today’s Emerging Challenges ● GitOps for Multi-Cluster Publishing ● Publishing Services Traditionally ● Secure Publishing Done Right ● Key Security Components (Tunneling, Access Control, & Certificate Management) Demo
  • 26. Thank You. Whitepaper: Progressive Delivery https://bit.ly/3K8oZwU Learn more about Weave GitOps www.weave.works/enterprise Join us for more webinars www.weave.works/events
  • 27. Explore. Learn More: traefik.io/traefik-hub/ Sign Up Free: hub.traefik.io Get Technical: doc.traefik.io/traefik-hub/
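
Slide 11 describes Flagger measuring a release continuously and reverting it through user-defined gates. The sketch below is an added example, not Flagger's code or part of the deck: a simplified model of that gate logic. The parameter names mirror Flagger's `stepWeight`, `maxWeight` and `threshold` analysis fields; the metric samples are constructed, and counting a missing metric as a failed check is an assumption of this model.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Gate:
    """One user-defined gate: a metric must stay inside [lower, upper]."""
    metric: str
    lower: Optional[float] = None
    upper: Optional[float] = None

    def passes(self, sample: dict) -> bool:
        value = sample.get(self.metric)
        if value is None:                 # assumption: no data fails closed
            return False
        if self.lower is not None and value < self.lower:
            return False
        if self.upper is not None and value > self.upper:
            return False
        return True

@dataclass
class Analysis:
    gates: list
    step_weight: int = 10   # traffic share added to the canary per passing check
    max_weight: int = 50    # canary share that must pass before promotion
    threshold: int = 3      # failed checks tolerated before rollback

def run_canary(analysis: Analysis, samples: list):
    """Replay one metric sample per analysis interval.

    Returns (outcome, weights), where weights is the canary traffic share
    after each interval and outcome is promoted, rolled_back or progressing.
    """
    weight, failed, weights = 0, 0, []
    for sample in samples:
        if not all(g.passes(sample) for g in analysis.gates):
            failed += 1                    # failures accumulate, never reset
            if failed >= analysis.threshold:
                weights.append(0)          # all traffic back to the stable version
                return "rolled_back", weights
            weights.append(weight)         # hold the current share and re-check
            continue
        if weight >= analysis.max_weight:
            return "promoted", weights
        weight = min(weight + analysis.step_weight, analysis.max_weight)
        weights.append(weight)
    return "progressing", weights

# Constructed gates and samples (success rate in percent, duration in ms).
GATES = [Gate("request-success-rate", lower=99.0),
         Gate("request-duration", upper=500.0)]
HEALTHY = {"request-success-rate": 99.8, "request-duration": 120.0}
DEGRADED = {"request-success-rate": 92.0, "request-duration": 900.0}
NO_DATA = {"request-duration": 110.0}      # success-rate metric missing

if __name__ == "__main__":
    plan = Analysis(GATES)
    print(run_canary(plan, [HEALTHY] * 6))
    print(run_canary(plan, [HEALTHY, HEALTHY, DEGRADED, DEGRADED, DEGRADED]))
    print(run_canary(plan, [NO_DATA] * 3))
```

The third run shows why the fail-closed choice matters: a canary whose metrics never arrive is rolled back instead of being promoted on silence.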