Cilium Tech Talk Series
Join the engineers behind eBPF and Cilium for a tech talk about
the latest and greatest around these projects and Isovalent Cilium Enterprise
In this episode, we will discuss and demo: Egress Gateway, Kubernetes APIServer Policy Matching, and HA for FQDN
Integrating Kubernetes clusters in a legacy networking environment can be a challenge, especially when legacy firewalls are involved. Join us to learn how Isovalent Cilium Enterprise allows you to define highly-available groups of egress nodes and IP addresses, making it possible to fit Kubernetes egress traffic pretty much to any security policy that may be in place in your infrastructure.
Kubernetes APIServer Policy Matching
If we leave legacy behind and look at network policies for managed Kubernetes, there is another challenge: the IP address of the kube-apiserver is opaque. How do you write Network Policies to allow traffic to the kube-apiserver? Cilium understands these nuances and provides users a way to allow traffic to or from the apiserver with a dedicated policy primitive. Tune in to see how this works, and how this is particularly interesting to security teams as it provides a simple primitive to allow or disallow reachability to the kube-apiserver.
HA for FQDN
Of course we cannot talk about networks without DNS. In the end it is always DNS what causes trouble. This is especially true when the CNI is down, or being upgraded: customers will lose DNS resolution! But that means the apps can’t resolve URLs to send the traffic to the correct destination. Isovalent provides full high availability of the DNS resolution. This includes “traffic” being available all the time, even when the CNI is down. Ops teams don’t have to worry about downtimes anymore, because their DNS based security model still follows the deny-all security models and denies all traffic that is not explicitly allowed. In this demo you will see how HA DNS proxy takes care of that.
Not able to join the live webinar? Don't worry, sign up anyway and we will send you the recording afterwards!
Don't forget to also sign up for the upcoming Tech talk here.
Isovalent is cool because it enables Platform Teams to dramatically improve the performance, visibility, security, and scale of #Kubernetes networking by injecting security and logging capabilities directly into very low levels of the Kubernetes stack (the operating system kernel). Gartner
Senior Solutions Architect
Senior Solutions Architect
Watch on demand
Questions? Please reach out to firstname.lastname@example.org
Isovalent is the company founded by the creators of Cilium and eBPF. Isovalent builds open-source software and enterprise solutions solving networking, security, and observability needs for modern cloud native infrastructure. The flagship technology Cilium is the choice of leading global organizations including Adobe, AWS, Capital One, Datadog, GitLab, Google, and many more. Isovalent is headquartered in Mountain View, CA and is backed by Andreessen Horowitz, Google and Cisco Investments. To learn more, visit www.isovalent.com or follow @isovalent.