So You Want to Run Vault in Kubernetes? - Seth Vargo, Google

less than 1 minute read


Kubernetes is great for running applications, but can it run secure workloads like HashiCorp Vault, a popular open source secrets management tool? This two-part, demo-driven talk explores the answers to that question. The first part showcases how to run Vault securely on Kubernetes. We walk through different deployment architectures and strategies for making sure Vault is run in the most secure manner on Kubernetes. The second part focuses on how services deployed in Kubernetes interact with Vault. We discuss the implementation details and tradeoffs for authenticating pods and services to Vault to retrieve dynamic credentials like database passwords and Google Cloud IAM credentials. Attendees we leave with an understanding of how to operationalize better run secure workloads like Vault inside Kubernetes and how to expose secure workloads to other services in the cluster.

Sched URL