Rootconf Hyderabad edition

On SRE, systems engineering and distributed systems

Istio and Auth0 securing our applications on Kubernetes cluster

Submitted by Mamta Jha (@mjha) on Aug 10, 2019

Section: Full talk (40 mins) Category: Security Status: Awaiting details

Abstract

This session will have key takeaways and tangible lessons that participants can apply as growth levers within their own companies. We will secure the Kubernetes cluster and the applications deployed on it with Istio and Auth0. In microservices-based architecture, authentication becomes one of the crucial things to keep in mind. We learn to integrate Istio with Auth0 to secure our applications running on the Kubernetes cluster. I will be using DigitalOcean’s managed Kubernetes service to demo this.

Istio statistics
Originally launched in May 2017, version 1.0 became generally available on 1 August 2018. 53 companies reportedly use Istio in their tech stacks. Git hub: Istio is 19400* and 3.3k forks


When we have Kubernetes cluster running thousand of services we need not break our heads in implementing traffic splitting, feature rollouts on each service level rather do this on the cluster level. And thus we take away the complexity like monitoring, security away from the software and place it on cluster level.

As we are seeking very high adoption rate of Kubernetes, when our clusters grow in size we would need to automate the control plane work items and that is what Istio does it for us. Istio is about automation. It goes beyond service mesh. It gives us the power of applying policy and control to services let it be 3 services or 300 services deployment. A single rule can provide wonders like with single rule I can make each and every service authenticate to each other. It has inbuilt metric, monitoring, logging tracing, networking control and policy driven security.

Outline

  • Learn to use Istio and Auth0 together to secure a microservices application * Create Kubernetes cluster on DigitalOcean
  • Configure Istio in the cluster
  • Deploy a sample application which would be unsecured
  • Learn to secure this sample application with Istio and Auth0

Requirements

None

Speaker bio

I am Mamta Jha. With 15 years of industry experience and in that 6 years in is Cloud and DevOps. I am presently working with DigitalOcean as a Senior Developer Advocate. I have delivered more than 50 Kubernetes workshops with various MNC in my previous role as a Trainer. In my past job I have been a Corporate trainer delivering AWS, GCP, Kubernetes, Docker and various other DevOps technologies trainings, workshops and have been a Red Hat Certified Instructor too.
I have strong technical hands on background in architecting and designing cloud, DevOps and Automation based solutions. My core competency is in architecting solutions around Kubernetes, DevOps, Data Science and ML services.
• Experienced in migrating, deploying and managing cluster of containers using various Orchestration tools.
• Designed/Migrate large & complex applications for various clients.
• Passionate about Automating Configuration Management with Ansible/Chef and setting up Kubernetes cluster either on on-Prem or cloud
• Experienced in architecting and implementing DevOps E2E solutions, implementing the complete CI/CD pipeline for clients and also implement DevOps in Cloud using various tools.
Certification: RHCE RHEL 7, RHCE OpenStack, OpenShift, Ansible, Chef, Docker and Google Cloud.
LinkedIn handle : www.linkedin.com/in/mamta-jha- cloud-n-devops-architect
Few of the previous speaking experiences are listed at: http://mamtajha.in

Links

Slides

https://drive.google.com/file/d/1rb8IMl-6UEJe2M6Z_W_P9-kYU8Zz4T_q/view?usp=sharing

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('You need to be a participant to comment.') }}

{{ formTitle }}
{{ gettext('Post a comment...') }}
{{ gettext('New comment') }}

{{ errorMsg }}