How DigitalOcean Manages, Monitors, and Secures Kubernetes for App Platform
About the Talk
Kubernetes is often referred to as a platform for building platforms. Join DigitalOcean software engineers Nan Zhong and Cody Baker in a discussion of some of the strategies, tools and lessons learned from building App Platform on DigitalOcean Kubernetes.
What You’ll Learn
- Kubernetes cluster lifecycle best practices.
- Network and runtime isolation in multi-tenant Kubernetes clusters.
- Open source strategies for cluster-level monitoring and logging.
This Talk Is Designed For
Kubernetes users that are ready to scale and take your applications to production.
A basic understanding of Kubernetes.
- Slides, presented by Cody & Nan
- gVisor, an application kernel for containers that provides efficient defense-in-depth anywhere.
- Kata Containers, an open source container runtime, building lightweight virtual machines that seamlessly plug into the containers ecosystem.
- Kaniko, an open-source tool for building container images from a Dockerfile even without privileged root access.
- Introduction to Cilium & Hubble. Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.
- Cilium Network Policy Editor facilitates the creation of Kubernetes network policies.
- Fluent Bit, an open source Log Processor and Forwarder which allows you to collect any data like metrics and logs from different sources, enrich them with filters and send them to multiple destinations. Fluent Bit is a CNCF (Cloud Native Computing Foundation) subproject under the umbrella of Fluentd.
- Kubernetes Monitoring Stack distills operational knowledge of integrating Prometheus, Grafana, and metrics-server for deployment onto DigitalOcean Kubernetes clusters.