Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Content provided by Red Hat OpenShift. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Red Hat OpenShift or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to PodCTL - Enterprise Kubernetes
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
The Android podcast for everyone. A weekly show about Android, Google, and the best of mobile technology.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
A podcast about web design and development.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Effective RBAC for Kubernetes
Manage episode 204322893 series 2285897
Content provided by Red Hat OpenShift. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Red Hat OpenShift or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Show: 21
Show Overview: Brian and Tyler talk about how Role-Based Access Control (RBAC) is implemented for Kubernetes.
Show Notes:
Topic 1 - The concept of RBAC is best described as “Can ______ (noun) ______ (verb) on ______ (object) at ______ (location)?” where “noun” is a person/service, “verb” is an action, “object” is a function of the API, and “location” is proximity to a Kubernetes cluster.
Topic 2 - RBAC operates on the concept of Roles and RoleBindings, which map actors to actions, and those actors and actions are defined either globally or locally, and the actions are also defined globally or locally.
Topic 3 - RBAC can be manually defined, or enabled (by default) by an installer or distribution. It comes with a default set of Roles. Everything is done within the scope of a cluster.
Topic 4 - By default, the kube-scheduler, kube-controller-manager, and kube-proxy all have RBAC roles defined. Kubelets (node-level) don’t use RBAC by default, but have their own authorizer, which can then be combined with an RBAC authorizer.
Topic 5 - “Add-ons” (networking, monitoring, logging, etc.) can have RBAC defined in their manifests, or you can grant them access to their service account.
Topic 6 - “If the element needs to be something other than those default roles, or using default authorizer services, then CustomRoles can be created. Can use audit logs to track the needs of a specific add-on. Can use “audit2rbac” tool to views the logs and create custom RBAC roles.
Topic 7 - “Aggregate Roles” are now available in Kubernetes 1.9.
Feedback?
- Email: PodCTL at gmail dot com
- Twitter: @PodCTL
- Web: http://podctl.com
89 episodes
Share
Manage episode 204322893 series 2285897
Content provided by Red Hat OpenShift. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Red Hat OpenShift or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Show: 21
Show Overview: Brian and Tyler talk about how Role-Based Access Control (RBAC) is implemented for Kubernetes.
Show Notes:
Topic 1 - The concept of RBAC is best described as “Can ______ (noun) ______ (verb) on ______ (object) at ______ (location)?” where “noun” is a person/service, “verb” is an action, “object” is a function of the API, and “location” is proximity to a Kubernetes cluster.
Topic 2 - RBAC operates on the concept of Roles and RoleBindings, which map actors to actions, and those actors and actions are defined either globally or locally, and the actions are also defined globally or locally.
Topic 3 - RBAC can be manually defined, or enabled (by default) by an installer or distribution. It comes with a default set of Roles. Everything is done within the scope of a cluster.
Topic 4 - By default, the kube-scheduler, kube-controller-manager, and kube-proxy all have RBAC roles defined. Kubelets (node-level) don’t use RBAC by default, but have their own authorizer, which can then be combined with an RBAC authorizer.
Topic 5 - “Add-ons” (networking, monitoring, logging, etc.) can have RBAC defined in their manifests, or you can grant them access to their service account.
Topic 6 - “If the element needs to be something other than those default roles, or using default authorizer services, then CustomRoles can be created. Can use audit logs to track the needs of a specific add-on. Can use “audit2rbac” tool to views the logs and create custom RBAC roles.
Topic 7 - “Aggregate Roles” are now available in Kubernetes 1.9.
Feedback?
- Email: PodCTL at gmail dot com
- Twitter: @PodCTL
- Web: http://podctl.com
89 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to PodCTL - Enterprise Kubernetes
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
The Android podcast for everyone. A weekly show about Android, Google, and the best of mobile technology.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
A podcast about web design and development.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
