Overview
Explore the implementation of Kubernetes policy enforcement through a comprehensive examination of Open Policy Agent, Conftest, and GateKeeper in this 37-minute conference talk. Delve into the story of Unicorn Rentals to understand real-world applications of these tools. Learn about memory leaks, default behaviors, and effective solutions. Discover the intricacies of Open Policy Agent and Conftest, and their integration with Docker Registry and CI pipelines. Examine Kubernetes Admission Controllers, Constraint Templates, and their role in policy management. Gain insights from postmortems and walk away with a thorough understanding of Kubernetes policy implementation strategies.
Syllabus
Intro
About the Tree
Story of Unicorn Rentals
Memory leak
Default behavior
Solution
Open Policy Agent
Conftest
Docker Registry
CI Integration
Kubernetes Admission Controller
Kubernetes Constraint Template
Admission Controllers
Postmortems
Summary
Taught by
Linux Foundation