
Hector Monsalve
Kubernetes Platform Engineer at Roche
Basel, Switzerland
Hector is a Platform Engineer at Roche currently focused on developing the Kubernetes stack for edge locations. With more than 15 years of experience in IT infrastructure, he fell in love with Cloud Native in recent years and since then loves keeping up to date with the technologies around it.
Topics
Meshing it Up Dynamically: Advance Network Security with Cilium, Talos, and Custom k8s Operators
In this talk, we will dive deeper into Roche's innovative approach to securing network connectivity across over 1000 edge clusters. Building on last year's talk, we will focus on the dynamic configuration of Cilium network policies to accommodate customer proxies using Cilium, Talos, and custom Kubernetes operators.
We will explore practical solutions for navigating the complexities of dynamic network environments, particularly in highly regulated industries like healthcare, where maintaining security and compliance is paramount. By leveraging Cilium's advanced service mesh capabilities, Talos's secure operating system, and our bespoke Kubernetes operator, we'll demonstrate how to efficiently manage and automate network configurations.
Meshing it Up Securely: How Roche Manages Network Connectivity for 1000+ Edge Clusters
Roche, one of the largest global healthcare companies, has embarked on the challenging journey of building a modern, cloud native edge compute platform that helps to run applications on customer premises, like laboratories or hospitals.
In this talk, we will discuss the challenges of highly protected environments and show how leveraging Cilium Service Mesh can bring “the firewall” closer to the workloads. This not only allows for more fine-grained traffic control, but also simplifies the operations and configuration of network policies using a GitOps approach, alongside the deployment of workloads.
Going beyond this, we’ll also look at some of the more advanced features of Cilium - like sending cluster traffic that targets the cloud via a specific forward proxy before it leaves the customer premises.
CNCF-hosted Co-located Events Europe 2024 Sessionize Event