San Jose, CA
2019-06-10 to 2019-06-13
Co-presented with Lachie Evenson
Description
Microsoft supports and contributes to open source. It also works with many enterprises that, like Microsoft itself, view security as a primary concern. Striking the right balance between the control Microsoft needs and the flexibility it wants means finding (or creating) the right tool for the job.
Because the company believes in open technologies and customer choice, it expanded the scope of Azure Policy Controller to Kubernetes Policy Controller, then donated it to the Cloud Native Computing Foundation’s Open Policy Agent, where it was renamed Gatekeeper. Gatekeeper is a community-driven approach for enforcing policy on any Kubernetes cluster, with automatic enforcement ranging from authorization and admission control to data filtering. The contributor community includes Google, Red Hat, and Styra.
Lachlan Evenson and Bridget Kromhout discuss the journey to build Gatekeeper in the open and explain how the tool helped inform how an enterprise offering on Azure was built. You’ll learn how flexible and fine-grained control enables you to set the necessary guardrails while expressing policies consistently, no matter the language or service.
We create the most secure software when we collaborate in the open to ensure a broad base of community support. Join in for pragmatic tips on how to effectively contribute to and use open source tools.
This keynote is sponsored by Microsoft Azure.
Slides
Tweets
.@LachlanEvenson and @bridgetkromhout take the #VelocityConf keynote stage to discuss Microsoft's journey to build #Kubernetes policy controller, Gatekeeper, in the open and explain how the tool helped inform how an enterprise offering on Azure was built.
— O'Reilly Infrastructure & Ops (@OReillyInfraOps) June 12, 2019
So @bridgetkromhout wins at outfits today. This T-shirt is also bedazzled.. #VelocityConf pic.twitter.com/l78k1SX0n9
— Smasher of DBs. First of her name. (@dbsmasher) June 12, 2019
Next at #VelocityConf is @bridgetkromhout and @LachlanEvenson pic.twitter.com/5sV3BRigOF
— Vallery Lancey (@vllry) June 12, 2019
Bridget and Lachlan telling the story of how the Azure policy controller for kube became the gatekeeper project. #VelocityConf
— Smasher of DBs. First of her name. (@dbsmasher) June 12, 2019
The Azure team was working on an internal policy controller, but realized that they were solving a “kubernetes problem” not an “azure problem”. This project is now Gatekeeper!
— Vallery Lancey (@vllry) June 12, 2019
@bridgetkromhout and @LachlanEvenson share how @Microsoft develops #opensource projects and builds products from them @MicrosoftOpen #VelocityConf pic.twitter.com/bdwVarwUMS
— Craig Peters (@peterscraig) June 12, 2019
Bridget’s favorite season is winter, and Lachi’s is not! 😂@bridgetkromhout @LachlanEvenson #VelocityConf pic.twitter.com/vXQiVBDmij
— Sasha Rosenbaum (@DivineOps) June 12, 2019
Heyo @bridgetkromhout and @LachlanEvenson "lucky" talking about building the Kubernetes Policy Controller. Now: #gatekeeper #VelocityConf https://t.co/JwUx5TFdRr pic.twitter.com/EkDwGlOZQH
— Λdrøn (@Adron) June 12, 2019
Gatekeeper - Kuberneyes Policy Controller #gatekeeper #VelocityConf #microsoft #AKS #AzureGovernance #AzurePolicy @LachlanEvenson @bridgetkromhout pic.twitter.com/CKUovQKyOk
— Shikha Jain (@be_shikha) June 12, 2019
They then took Gatekeeper and built an Azure later on top. You can create open source goodness while still having unique products at the same time! #velocityConf
— Vallery Lancey (@vllry) June 12, 2019
@bridgetkromhout and @LachlanEvenson sharing the journey of #GateKeeper #Kubernetes policy controller that came from product to #OpenSource and now back to a product #Azure Policy for #AKS #Velocityconf pic.twitter.com/ZyFnsC8wz2
— Noureen Syed (@NoureenSyed) June 12, 2019
Yay, excited to see @bridgetkromhout @LachlanEvenson rocking the keynote stage! #velocityConf Showing Gatekeeper, a neat part of OPA pic.twitter.com/XWmjjKot6L
— Liz Rice 🇪🇺 @ Aqua Splash 🇮🇱 (@lizrice) June 12, 2019
From @bridgetkromhout: "we are all on this open source journey together. don't assume you're the only one solving a specific problem! Collaborate in the open!" #VelocityConf
— Liz Fong-Jones (方禮真) (@lizthegrey) June 12, 2019
Don’t assume that your problem is unique. We create more reliable and secure software when we work in the open, together. #VelocityConf
— Vallery Lancey (@vllry) June 12, 2019
wants to head desk. @bridgetkromhout and @LachlanEvenson are presently speaking of where Microsoft engaged with the community instead of creating their own proprietary module or fork. Do you know how many times I've seen folks not do that and it end in tears? #velocityconf
— wirehead (@wirehead) June 12, 2019
We’re all in this #OpenSource journey together #Kubernetes #gatekeeper@bridgetkromhout @LachlanEvenson #VelocityConf pic.twitter.com/XRQ9x66gCp
— Sasha Rosenbaum (@DivineOps) June 12, 2019
Happy @bridgetkromhout making Gatekeeper make sense, while rocking a-grade geek tights. Uh, do they make those in ogre-size... Uhm, asking for a friend ;) nicely done! pic.twitter.com/SlBAGwPOSt
— miles ward (@milesward) June 12, 2019
We are all in this open source space together. Don’t assume you are the only person trying to solve a problem; collaborate in the open! @bridgetkromhout @LachlanEvenson #VelocityConf
— ginablaber (@ginablaber) June 12, 2019
3⃣ Then @bridgetkromhout and @LachlanEvenson spoke about @Microsoft's open source contributions and efforts getting #gatekeeper built for #k8s!https://t.co/Q4uimvin4s
— DataStax Developers (@DataStaxDevs) June 13, 2019