Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Putting an Invisible Shield on Kubernetes Secrets

CNCF [Cloud Native Computing Foundation] via YouTube

Start learning Write review
Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More → Coursera Ad

Coursera Plus Annual Nearly 45% Off

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore an innovative approach to enhancing Kubernetes secrets protection in this conference talk. Learn about the implementation of Trusted Execution Environment (TEE) and enhanced authentication to create an end-to-end secret hardening solution for Kubernetes clusters. Discover how to guard secrets while in use, at rest, and in transit by making changes to kubectl, Kubernetes master, and node components. Gain insights into TEE transparency for developers and users, and witness a practical demonstration. Understand the real-world application of this technology at Alibaba and learn about the proposed Kubernetes Enhancement Proposal (KEP) for the community. Delve into topics such as confidential computing, TEE-based KMS plugins and providers, and the Occlum framework for simplified SGX development.

Syllabus

Intro
Background: K8s Secrets
Motivation: K8s Secrets Protection
Confidential Computing
TEE-based KMS Plugin
TEE-based KMS Provider
TEE-based Kubectl
TEE-based Secrets Protection (cont.)
KMS Plugin (cont.)
KMS Plugin as a Service
One binary: TEE Transparency
Occlum: SGX Dev Made Easy
Occlum: Major Features
Occlum: Container-Inspired Interface
Demo
Summary & Next Steps

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Putting an Invisible Shield on Kubernetes Secrets

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.