David Frappart
Cloud architect & IaC Geek
Soissons, France
IT guy since 2004
Cloud architect, (mainly on Azure) since 2015
Still exploring the Cloud platform capabilities (which get new stuff all the time)
Breath IaC and Automation (but more Hashicorp stuff than other ^^)
Still struggles in the K8S landscape
MVP Azure since 2019
MCT since 2020
https://www.linkedin.com/in/david-frappart-66625627/
https://blog.teknews.cloud
Links
Awards
Area of Expertise
Topics
Please Azure Arc, give me a hybrid Kubernetes
The demand for hybrid cloud is rising, and with It the need for managing multi cloud resources.
Unfortunately, it's not as simple to get a hybrid kubernetes as, let's say a sheep drawing.
Or is it ?
In this session we'll take a look at the Azure Arc proposal.
We'll start looking at what is behind the Azure Arc offer.
Then we'll focus on Azure Arc Enabled Kubernetes and what we can achieve from Azure plane with Kubernetes plane... well everywhere.
We'll take a look at the "how to" with Azure Arc and Kubernetes and try to find what level of integration with the Azure platform can be achieved for Azure engineer so they can manage other (cloud managed) Kubernetes.
Granular AAD authorization management in Kubernetes with Workload Identity
Kubernetes is more than ever at the center of projects.
Workloads hosted in Kubernetes thus need to interact with various other systems.
Managing authorizations can be complex, especially when limiting the use of credential in Kubernetes secrets is a strong constraint.
In Azure cas, we usually leverage managed identity with RBAC assignment.
Problem: a pod has no knowledge of Managed Identity.
In this session we'll have a look at how Azure AD workload Identity can help to federate various Identity provider to manage access in Azure and take the case of workload identity to manage granular authorization at the pod level.
We will dtail a use case with the Key Vault CSI Secret provider which will definitely help to reduce the global footprint of Kubenetes secrets.
Take away: a better grasp of Identity management for Kubernetes hosted workloads and an implementation of the Key Vault CSI Secret provider.
AKS & Cilium, a love story?
Have you ever felt that network for AKS was a pain?
Even more, have you ever felt that some feature were missing?
Well, there are some good news.
In the recent months (years?), Cilium imposed its print in the Kubernetes landscape.
And also in the Azure landscape!
In this session, we'll take a look at the new networking options for AKS & clarify the different offers available to use Cilium.
Then we'll look at some of Cilium features that make a difference for a kubernetes environment.
Leave with a clarified view of Azure CNI options and Cilium features for your Azure Kubernetes hosted workloads.
GPS for network routing with Azure Virtual WAN
Azure Virtual WAN, with the Virtual Hubs, change the way we build a Hub & Spokes topology.
On the paper, evrtything seems nice.
What about in real life?
In this session, we'll walktrhough the differents steps of a Hub & Spoke configuration with Virtual WAN and become familiar with our options for configuring routing, and build a Secure Hub.
After this session, hopefully, you'll be much more clear on the way to find your network route in Azure ^^, hence the GPS/
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top