Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Tuesday, August 18 • 14:30 - 15:05
Mesh in a Mesh: A Model for Stronger Multi-tenancy of Kubernetes Workloads - Nitish Malhotra & Akash Baid, Affirmed Networks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Most organizations use some flavor of multi-tenancy in their clusters for their teams, applications or customers. Namespaces paired with RBAC, ResourceQuota & NetworkPolicy provide ways to isolate tenants at some level. However these primitives are insufficient for setting L7 policies on the ingress/egress traffic per tenant.

If you’re administering clusters for multiple tenants, attend this talk to learn a new model for deploying workloads in tenant specific sub-meshes within your service mesh. This model uses Envoy based ingress/egress gateways per-tenant, which helps:
- set traffic policies and scale resources per-tenant
- hide tenant application topology when communicating with external entities
- assign per-tenant identities (SPIFFE) for use with transport authentication (mTLS), authorization (OAuth2) & origin authentication (JWT)
- share mesh control plane resources across tenants


Akash Baid

Engineering Manager, Affirmed Networks
Akash Baid works in the Cloud Native Platform Engineering team at Affirmed Networks. In his current role, he leads a team of developers working on integrating open source projects such as Kubernetes, Envoy, Istio, etcd, EFK, Prometheus, Grafana, Consul and others. He has previously... Read More →

Nitish Malhotra

Technology Architect - Office of the CTO, Affirmed Networks
Nitish Malhotra is a Senior Principal Software Engineer at Affirmed Networks. As a member of the Cloud Native Infra team, he works on improving developer workflows for deploying 5G core VNFs on Kubernetes by contributing to and building abstractions for open-source projects like Envoy... Read More →

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259
  Service Mesh