The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.
Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Conventional, the concept of Kubernetes multi-tenancy is realized by namespaces. Tenants access controls are limited within tenant namespaces using RBAC rules. The Pod level isolation is primarily done using network policy.
This model faces various problems when applied in production since Kubernetes is far from tenancy-ready. For example: 1) APIServer is lack of tenant-aware flow control. A single tenant may generate large amount of concurrent traffic making APIServer unresponsive to other tenants; 2) Tenants cannot install customized CRDs which requires cluster scope permission;
We proposed Virtual Cluster solution to resolve the multi-tenancy problem from a different angle. Basically, every tenant will be assigned a dedicated K8s control plane. All tenant K8s shares a big super master. Virtual cluster is built based on CRDs. The entire solution is open sourced in Github.