Hardening Multi-Cloud Kubernetes Clusters as a Service – Dirk Marwinski, SAP SE & Alban Crequy, Kinvolk GmBH

less than 1 minute read

Abstract

SAP operates Kubernetes clusters at scale. We collaborate with partners to add new features and workloads across multiple cloud providers and on premise.This activity presents us with the unique challenge to secure clusters for multiple tenants, while taking cloud provider’s security best practices into consideration. In this talk, we share our security journey that we undertook together with Kinvolk and present surprising findings such as information leakages and breaches. We will also show and discuss our hardening activities and countermeasures which we have implemented for operating Kubernetes at SAP.This talk will be interesting to all conference participants operating Kubernetes. It will help them to think in different directions to identify possibly unknown attack vectors specific to their environment and how to mitigate them.

Sched URL

Video