Help us understand the problem. What is going on with this article?

Kubernetes Meetup Tokyo #17: セキュリティ & オブザーバビリティ 参加メモ

More than 1 year has passed since last update.

https://k8sjp.connpass.com/event/120074/

root権限無しでKubernetesを動かす (30min) Akihiro Suda ( @_AkihiroSuda_ ), NTT

https://www.slideshare.net/AkihiroSuda/rootkubernetes

Container Runtime Security with Falco (30min) Michael Ducy, sysdig

セキュリティモニタリングツール
https://falco.org/
https://github.com/falcosecurity/falco

Secure your K8s cluster from multi-layer (30min) JIANTANG HAO, Yahoo Japan

Enable RBAC
Enable TLS
Encripting Secret data
Enable audit log
Admission Controllers
Validation, Mutationg or Both
ValidationWebhookConfiguration resource
k8s workload layer
Run container as a Non-RootUser
Run a Cluster-wide Pod Security policy
Create and Define Cluster network policy
Use namespace for isolation
Controlling witch nodes pods may access
Controlling the capabilites by setting Resource Quota
Security Context
PodSecurityPolicy -> Binding Role or clusterRole.
KataContainers
https://kubesec.io/

LT 1: Kubernetes 1.12 から実装された Runtime Classについて @makocchi

https://speakerdeck.com/makocchi/what-is-kubernetes-runtimeclass
https://kubernetes.io/docs/concepts/containers/runtime-class/

LT 2: Kubernetes初心者がKubernetesの気持ちを理解したくてやったこと @_inductor_

https://speakerdeck.com/inductor/kubernetes-for-beginners

LT 3: kube-system意識出来ていますか? @tarosaiba

https://speakerdeck.com/tarosaiba/kube-systemluo-tositemimasita-870cca89-9f65-48d8-abda-a2a320c45384

LT 4: イベント駆動ワークフローArgo Eventsの紹介 @dtaniwaki

https://github.com/argoproj/argo
https://github.com/argoproj/argo-events

LT 5: k8sとOPAつなげてみた Kengo Suzuki

https://speakerdeck.com/ken5scal/k8stoopatunaketemita-admission-controllerbian

mercari
フリマアプリ「メルカリ」を、グローバルで開発しています。
https://tech.mercari.com/
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away