Virtual Event
May 4 - May 7
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2021 Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Back To Schedule
Friday, May 7 • 14:35 - 15:10
Understanding Isolation Levels in the Kubernetes Landscape - Jiaqi Liu, University of Chicago

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In building open-source software with Kubernetes, it becomes important to understand the support and limitations for isolation and security at different levels. The ecosystem can be complex and it might be challenging to verify or fully understand the guarantees for isolation at each layer - from the cluster level to the container level. More importantly, how do you know what level of isolation you need at each level? Maybe if your cluster is secure, there is less of a concern for container level isolation? This talk will go over the impact and tradeoffs for optimizing for isolation at a given layer and help you understand what can be done at the cluster level, the namespace level, the pod, the container. As an example, this talk will present the case study of running Jupyter Notebooks within Kubernetes and supporting the requirement to provide isolation between each pod in order to create separate user spaces for each notebook launched in the cluster.

avatar for Jiaqi Liu

Jiaqi Liu

Senior Engineering Manager, GitHub
Jiaqi is an Engineering Manager at GitHub, where she leads the database infrastructure team. Previously, she was at the University of Chicago's Center for Translational Data Science working on Gen3 Data Commons. Gen3 Data Commons is an open source platform for sharing and hosting... Read More →

Friday May 7, 2021 14:35 - 15:10 CEST
Security Theater
  Security + Identity + Policy