Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

In-use Protection for Kubernetes Resources: PV, PVC, Secret, and Beyond

Linux Foundation via YouTube

Overview

Explore in-use protection mechanisms for Kubernetes resources in this 44-minute conference talk. Dive into the implementation of Role-Based Access Control (RBAC) and finalizers to prevent accidental resource deletion. Learn about the background of new features, including issues with Azure File driver volume deletion. Examine the Secret Protection proposal (KEP-2639) and understand the concept of in-use protection using liens. Watch demonstrations showcasing the behavior of in-use protection and Secret Protection when used by pods. Discover potential use cases for liens, such as allowing deletion only through parent resources. Gain valuable insights into enhancing resource management and security in Kubernetes environments.

Syllabus

Intro
1 RBAC (Role-Based Access Control)
2 Finalizer • A feature to block resource deletion to complete
1Background for New Features • An issue of failure in deleting a volume with Azure File driver found out to be a non-driver specific
2 Secret Protection (First Proposal of KEP-2639) HITACH! • Secret Protection: A feature to block deletion of Secret while it is used
2-7 In-use Protection (With Concept of Lien) • In-use Protection: A feature to block deletion request of resource while it
Demo • 1. Behavior of In-use Protection itself
3.1 Behavior of In-use Protection itself
3.2.1 Behavior of Secret Protection (Used by Pod) HITACHI
2 Q2. Any Other Use Cases for Lien? • A2. A feature to only allow deletion via parent resource

Taught by

Linux Foundation

Reviews

Start your review of In-use Protection for Kubernetes Resources: PV, PVC, Secret, and Beyond

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.