Tiffany is a technology advocate, content creator, and community enabler in the Cloud Native space. She most recently was a senior developer advocate at VMware. She also formerly worked as a software developer and developer advocate at Amazon, Docker, and Intel. Before that, she graduated from Georgia Tech with a degree in electrical engineering. In her free time, she likes to travel and dabble in photography. You can find her on Twitter @tiffanyfayj.
Do you know how to…
…wait for a Pod to be Running, or for a Deployment to be Available?
…"turn off and on again" a Deployment?
…connect to a Service in a different Namespace when the client is hardcoded to connect to "db"?
… generate a YAML manifest without copy-pasting it from the docs or ChatGPT?
… switch between namespaces (or even clusters!) super quickly?
… get an image with (almost) any tool you need without having to write and build a Dockerfile?
If you answered "no" to any of these questions, then this talk is for you, since you'll see how to do all these things (and a few more). You're invited to a parade of tips, tricks, and techniques, to improve your productivity and reduce your frustration with Kubernetes!
We've all done it: working on our Kubernetes clusters with "cluster-admin" access, the infamous equivalent of "root". It makes sense when we're just getting started and learning about Pods, Deployments, and Services and we're the only one accessing the clusters anyway; but soon enough, we have entire teams of devs and ops and CI/CD pipelines that require access to our precious clusters and namespaces. Are we going to YOLO and give them our admin certificate, token, or whatever else we use to authenticate? Hopefully not!
In this talk, we're going to look at how to implement users and permissions on a new Kubernetes cluster. First, we'll review various ways to provision users, including certificates and tokens. We'll see examples showing how to provision users in both managed and self-hosted clusters, since the strategies tend to differ significantly. Then, we'll see how to leverage RBAC to give fine-grained permissions to these users.
Searching for speaker images...