February 1-2, 2023 | Seattle, WA

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2023 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.


The schedule is subject to change.
Wednesday, February 1 • 3:50pm - 4:25pm
Securing User to Service Access in Kubernetes - Maya Kaczorowski & Maisem Ali, Tailscale

Kubernetes makes it easy to run and scale your microservices, and Kubernetes automatically assigns the pods running your service an IP address and a DNS name for discovery and routing. Network security concerns for Kubernetes, however, seem to focus on user access to the control plane, using a bastion; or on service-to-service communication within a cluster, using a service mesh. So how should your development team secure access to the internal services you’re running on Kubernetes — is it enough to just use Kubernetes Ingress and a web proxy? In this talk, we’ll focus on the networking and security questions you should consider when exposing Kubernetes services to your users, including authentication and authorization, load balancing, traffic filtering, and encryption. We’ll discuss different options you have for managing access to these services, using Kubernetes Ingress, Kubernetes load balancer objects, service meshes, web proxies, IPsec, and WireGuard. You’ll come away with a better understanding of how to give service access to users, and how these complement other network solutions you might already have in your cluster.

Speakers

Maya Kaczorowski

Head of Product, Tailscale
Maya is a Product Manager at Tailscale, providing secure networking for the long tail. She was most recently at GitHub in software supply chain security, and previously at Google working on container security, encryption at rest and encryption key management. Prior to Google, she...

Maisem Ali

Member of Technical Staff, Tailscale
Maisem is a Member of Technical Staff at Tailscale, building secure human-scale networks for everyone. He previously worked on Kubernetes Control Plane management at VMware, and was at Google before that. Prior to Google, he was at Microsoft providing Just-in-Time...



Wednesday February 1, 2023 3:50pm - 4:25pm PST
Room 609