Securing Cluster Networking with Network Policies

Securing Cluster Networking with Network Policies - Ahmet Balkan, Google

Рет қаралды 29,602

CNCF [Cloud Native Computing Foundation]

Күн бұрын

Пікірлер

@nfonseca1979 2 ай бұрын

Best video I have watched about explaining NetworkPolicies !

@7aydarah Жыл бұрын

Perfect explination with hand drawn schema.

@veramentegina 6 жыл бұрын

Great talk. Network Policies are definitely being underutilized. Thanks for clarifying all that.

@phannguyen1556 6 жыл бұрын

Wonderful talk about Network Policies!!! It's very useful, Ahmet. Cheers!

@khalidgraysen4848 3 жыл бұрын

i dont mean to be offtopic but does someone know of a method to get back into an Instagram account?? I somehow forgot the account password. I would appreciate any assistance you can offer me.

@cristianobrayden8712 3 жыл бұрын

@Khalid Graysen instablaster ;)

@khalidgraysen4848 3 жыл бұрын

@Cristiano Brayden i really appreciate your reply. I got to the site on google and im waiting for the hacking stuff atm. Takes quite some time so I will reply here later when my account password hopefully is recovered.

@khalidgraysen4848 3 жыл бұрын

@Cristiano Brayden it worked and I now got access to my account again. I'm so happy:D Thanks so much, you saved my ass !

@cristianobrayden8712 3 жыл бұрын

@Khalid Graysen Happy to help :)

@msohan01 5 жыл бұрын

Great explanation and overview of Network Policies

@Monu-modi 4 жыл бұрын

Truly amazing....

@tejsinghranaofficial 4 жыл бұрын

Nicely Explained!!

@dineshkumarsaravanan5893 6 жыл бұрын

tq so much ahmet its very useful

@pythonsriracha4944 3 жыл бұрын

at 8:47 , don't you mean all ports are closed by default? or am I missing something?

@arunpln 4 жыл бұрын

Very useful.

@AbdoTawdy Жыл бұрын

27:38 he is saying that he would ask this question to a "community " called "signal works" , dose anyone know exactly this community name , thanks

@thebsv Жыл бұрын

#sig-network channel on kubernetes in Slack

@cptechno 6 жыл бұрын

It's a useful tool indeed, but I profoundly disagree with logic that's being used in writing rules. Empty should mean Empty. An empty bracket ( [ ] ) should mean NO node! If ALL nodes want to be specified than a symbol like '*' (wildcard) should be used. The set could be read as [ * ]. That's the way it has always been and I don't see any reasons why we should stray from that true and tested historic symbolic protocol. Allowing the reverse of logic, where empty bracket means 'all nodes' can be the source of costly errors in big projects.

@matthartstonge 6 жыл бұрын

Had a quick think about this, I compare it to NoSQL(mongo) and RESTful APIs, where if you specify nothing to filter by, you get all the things!

@yahyabilge9765 5 жыл бұрын

Some little confusion about cdir vs cidr :) But gorgeous explanation and presentation

@dsinghr 4 жыл бұрын

Isn't RBAC does the same thing? It allows specific microservices to talk to specific microservices. Similar to what NetworkPolicies does..

@Aliennnaa 4 жыл бұрын

network policies usually works on layer 4 or 3 of osi ,where is rbac are at the endpoint talking to the api server to get authorization so layer 7

@TiexinGuo 4 жыл бұрын

I wouldn’t listen to a guy talking about network who reads CIDR as CDIR multiple times.

@zamboz01 4 жыл бұрын

Yeaa like he is doing it on purpose not because there are hundreds of people in front of him. He miss spoke a few times but it is normal in that setting. But you will never know.