conferences | speakers | series

How Kubernetes used gRPC to encrypt secrets with an external Key Management Service

home

How Kubernetes used gRPC to encrypt secrets with an external Key Management Service
FOSDEM 2019

How Kubernetes used gRPC to encrypt secrets with an external Key Management Service

In recent headlines, there are increasing news about cloud resources getting hacked caused by attacks on Kubernetes clusters. Failing to properly secure your Kubernetes data can result in cloud resources getting hacked and your application secrets getting stolen. The etcd database contains information that may grant an attacker significant visibility into the state of your cluster.

This presentation focuses on how a gRPC-based implementation was added to Kubernetes to delegate encrypting secrets to an external Key Management Service and the benefits of using a gRPC-based design for this type of problem. Basic knowledge of Kubernetes and gRPC is a plus but not required.

Speakers: Rita Zhang