Gerardo Lopez Falcon
CNCF Ambassador & Docker Captain & Google Developer Expert
Heredia, Costa Rica
Actions
Gerardo is a big fan of DevOps and cloud technologies. He loves to code interesting backend stuff in languages like NodeJs, Java, etc..... He participates as speaker and mentor in different software communities in Costa Rica. He is the first Google Developer Expert in Cloud and Docker captain of America Central.
Links
Awards
Area of Expertise
Topics
Multi-Tenancy strategies in Kubernetes with Kyverno
Multi-tenancy in Kubernetes requires control and isolation. Learn how Kyverno helps manage different teams or clients in the same cluster, ensuring proper resource usage and configurations for each. A live demo will showcase how to set clear boundaries and rules between namespaces.
Securing GitOps: Preventing Privilege Escalation in ArgoCD
GitOps has revolutionized infrastructure and application management by using Git as the single source of truth. However, this approach comes with security challenges, especially around privilege escalation. In this session, we will explore the most common attacks targeting GitOps workflows, focusing on ArgoCD, and demonstrate how attackers can exploit misconfigurations. We'll also dive into practical strategies to secure your GitOps system, including repository protection, RBAC configuration, secret management, and policy enforcement using tools like OPA/Gatekeeper. Learn how to defend your pipelines and ensure a robust and secure GitOps environment.
This talk is essential for anyone leveraging GitOps practices and seeking to enhance their security posture in cloud-native ecosystems.
Breaking barriers in Kubernetes multitenancy: The power of virtual clusters with Vcluster
Are namespaces enough for multitenancy in Kubernetes? In this session, we’ll dive into the world of virtual clusters and how they address the limitations of namespace-based isolation. With a focus on Vcluster, we’ll explore how virtual clusters improve security, reduce operational costs, and enhance flexibility by offering complete control and isolation for each tenant.
This talk is designed for Kubernetes practitioners and decision-makers seeking advanced strategies for multitenancy. We’ll start with the theoretical foundation, comparing traditional approaches with virtual clusters. Then, we’ll proceed to a live demo showcasing the deployment and management of virtual clusters using Vcluster, demonstrating:
- How to create a virtual cluster.
- Isolation and multi-version Kubernetes capabilities.
- Key benefits in real-world scenarios.
- Walk away equipped with the knowledge and tools to transform your Kubernetes multitenancy approach and embrace the future with virtual clusters!
Kubernetes API Server Event Auditing with Falco and Falcosidekick
In this hands-on workshop, you’ll learn how to audit Kubernetes API Server events using Falco, the real-time intrusion detection tool, and Falcosidekick, its powerful integration companion. We’ll cover setting up API Server audit logging, customizing Falco rules to detect specific activities, and forwarding these events to destinations like Slack, Elasticsearch, or Prometheus using Falcosidekick.
By the end of this session, you’ll gain a comprehensive understanding of how to enhance the security and observability of your Kubernetes cluster while implementing effective strategies to monitor and respond to suspicious or unwanted activities.
Gerardo Lopez Falcon
CNCF Ambassador & Docker Captain & Google Developer Expert
Heredia, Costa Rica
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top