Kubernetes operator that helps you to set up the RBAC rules for your application. If requested, it scans the application's log files for authorization errors and adds them as exceptions/rights to the associated {Cluster}Role. It is like having a sudo command for your service accounts. However, with great power comes great responsibility. The goal of the tool is to find the minimum set of rights that is needed for your workload to run instead of using the cluster admin for everything.
Analysis of Blockchain transaction captured in a project that uses Jupyter notebook with GraphFrames and NetworkX, spark-notebook with GrapX. Notebooks attaches to a Spark cluster deployed in a standalone mode, everything containerized and running in Kubernetes or OpenShift.
These days k8s namespaces don't provide enough isolation for our cloud native experiments. It's much easier to give a user the whole cluster to play with. Let them to break it; repeat. However, this assumes the cluster creation and deletion is an easy thing to do. Also there should be a nice API for that, not just some 5 years old web. Have you ever heard about clusterctl? If not, then come to this talk to learn how easy it is to start using it. If yes, then come to this talk to learn how hard it is to use it in production. Cluster API (CAPI) is a unique standardization effort among multiple cloud providers such as GCP, AWS, Azure but can also work with on-prem solutions such as OpenStack, KVM or vSphere. It allows you to dedicate one cluster in your infra as a control plane for creating the workload clusters. If you are into self-replicating robots, you are going to love this API!
If you have ever developed an operator pattern for Kubernetes, you have probably had to tweak your service account and assign it to a role. Setting up the RBAC correctly is not that hard, but it's not fun and it distracts you from the real problem the operator is about to solve. This often leads to assigning the cluster admin to the operator and neglecting the security altogether.
Log2rbac is a tool (yet another operator) that aims to solve this issue. It assists you with setting up your RBAC roles that are tailored for your application's needs. Come to see this talk and learn more.
Let's go together through the cloud native landscape and explore all the goodies that may help you to develop scalable and reliable distributed systems. Hopefully, you will leave this talk with basic understanding of Kubernetes and motivated to use it in production.