November 13–15, 2018 - Shanghai, China
Click Here For Information & Registration

To view the Chinese version of this schedule please go here.

Simultaneous translation will be provided for all keynote and breakout sessions.
Back To Schedule
Wednesday, November 14 • 16:20 - 16:55
Managing RBAC Cross Multiple Kubernetes Clusters - Alena Prokharchyk, Rancher Labs, Inc.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Having several Kubernetes clusters in the organization quickly became de facto. The need could be driven by geographical separation, where clusters are located in different regions; or logical when cluster is dedicated to a particular team or department. With that comes a new challenge for an administrator - managing users and their permissions in heterogeneous Kubernetes cloud.

During this session I want to share my team's experience building an open source authentication/authorization framework leveraging Kubernetes CRDs, that makes cross clusters auth and RBAC easy by having:

* Multiple clusters, but single authentication and authorization point
* Managing users RBAC permissions cross clusters, and automatic permission grant to the user
* Effective way of grouping cluster's resources into manageable subsets to make RBAC/PodSecurity/NetworkPolicy application easier.

avatar for Alena Prokharchyk

Alena Prokharchyk

Software Engineer, Apple
Alena Prokharchyk is a Software Engineer at Apple where she works on Kubernetes clusters management system with the focus on an end user experience. For the past 11 years Alena has been building open source orchestration software, first for VMs as a part of Apache CloudStack, followed... Read More →

Wednesday November 14, 2018 16:20 - 16:55 CST
305 A