
Michael Bright
Technical Trainer at @mjbright Consulting
Actions
Michael Bright is a consultant / trainer on emerging technologies such as Kubernetes, Terraform and related technologies.
Created in 2018, @mjbright Consulting provides training / workshops to customers worldwide in English or in French on Kubernetes, Docker, Terraform, Ansible.
List of previous talks available at https://mjbright.github.io/Talks.
A Compendium of Policy Engines
In this session we will take a look at the various open source policy engines available and why we need a policy engine.
There will be a particular focus on choices for Kubernetes and/or OpenTofu/Terraform implementations. We will look at real-time policy application as well as "shift-left" policy checking.
Will this talk tell you which one is best, which one to use ?
No, there is much choice, but the speaker will give his preferences influenced by his experience and highlight the tradeoffs involved.
The presentation of the choice available should help you make the appropriate choice for your organization based on it's preferences and constraints.
Policing the state with OPA
Open Policy Agent is an _Open Source_ generalized policy engine allowing to specify your security policies in a declarative form, for your whole heterogenous IT infrastructure. Policies can be expressed in the Rego declarative language independently of the individual subsystems of your infrastructure.
OPA, pour les intimes, can be used to validate files such as the output of a Terraform plan, provide access control for a web server or API, or for a container orchestration system.
We will look at Rego the language used to express policy and how OPA might be used to enforce policy for
- a web server
- a Kubernetes cluster
- a Terraform plan
- a web site through the use of WebAssembly
Kubernetes Application Troubleshooting
This workshop is for those familiar with the basic concepts of Kubernetes, who want to have some fun debugging some application configs.
If you know how to launch a Pod, a Deployment or a Service already this workshop is for you.
We'll work in small teams each of which has a Kubernetes cluster and a tool which allows to choose a scenario and deploy that to the cluster with maybe a hint or two about what needs to be fixed.
The goal is to have fun and learn from each other as we look at some typical application misconfigurations.
The aim is to work in small groups of 3 people ideally of differing levels of experience.
A working cluster will be provided to each group.
Bring your own laptop with the ability to connect with ssh.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top