Rootconf Hyderabad edition

On SRE, systems engineering and distributed systems

Tickets

Vault on Kubernetes hand-on

Submitted by Anubhav Mishra (@anubhavmishra) on Monday, 26 August 2019

Section: Workshop Category: SRE

Abstract

Kubernetes is a popular application delivery platform, but its builtin secret management system does not serve the diverse needs of many organizations. In this hands-on workshop, Anubhav Mishra demonstrates how to run HashiCorp Vault on Kubernetes and use Vault to store and retrieve secrets for applications running on Kubernetes.

Outline

Anubhav Mishra offers a hands-on workshop on Vault, a single binary secrets management system, to build secrets management system for a production Kubernetes environment from scratch.

The first part of this interactive tutorial showcases how to run Vault as an infrastructure service on Kubernetes. We will then walk through a guide to secure Vault itself on Kubernetes.

The second part of this talk focuses on how applications running on Kubernetes can interact and use Vault. We will explore how services can retrieve dynamic credentials like IAM credentials for cloud providers and database passwords.

Requirements

The participants should have followed the instructions shown here.

Speaker bio

Anubhav Mishra is a developer advocate at HashiCorp. Previously, he worked at Hootsuite, where he created Atlantis - An Open Source project that helps teams collaborate on Infrastructure using Terraform. Anubhav loves working with distributed systems and sharing his experience with microservice delivery platforms. He also loves open source software and is continuously finding ways to contribute to projects that excite him and helping developers and operators do better. That has led him to contribute to projects like Virtual Kubelet and Helm (CNCF projects). In his free time, he DJs, makes music and plays football. He’s a huge Manchester United supporter.

Links

Slides

https://speakerdeck.com/joatmon08/hands-on-with-vault-on-kubernetes

Comments

Login with Twitter or Google to leave a comment