We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Kubernetes Decision by Kobi Biton | Session at DevOpsCon Munich 2022
Explore the key considerations for deploying Kubernetes, from app-level isolation to network policies, and learn how to balance complexity and security in your decision-making process.
- Start by thinking about the application and whether it’s capable of isolation.
- Consider app-level isolation, tenant ID logging, and multi-tenancy.
- Think about application-specific questions, such as whether you need a service mesh for TLS.
- Ask the hard questions, including why you need clusters and how many tenants you need to support.
- Use a service mesh and cloud provider-specific solutions, but don’t overcomplicate it.
- Choose a container OS that is designed for containers, like CoreOS.
- Use Fargate and Kubelet to simplify cluster management.
- Consider isolating applications and data using Kubernetes’ network policies and namespace isolation.
- Don’t overcomplicate it with additional security mechanisms, and consider using WireGuard for encryption.
- Start with a solid foundation and gradually add complexity, not the other way around.
- Ask yourself who will own the clusters and who will manage them.
- Use Terraform and other automation tools to simplify management.
- Consider the operational overhead of managing updates and maintenance.
- Don’t forget about defense in depth and use multiple layers of security.