Explore a conference talk detailing ASML's implementation of a self-service, multi-tenant data platform using Kafka on Kubernetes with Istio. Learn how the company achieved tenant isolation and seamless integration with a global policy-based access control layer. Discover the use of Istio for enabling zero-configuration authentication for Kafka clients within the Kubernetes cluster, allowing authentication through Kubernetes-native tenant/namespace/serviceaccount mechanisms. Gain insights into the custom operator that reconciles tenant topic definitions and access requests with administrator resource allocations and global data sharing policies, dynamically configuring Kafka ACLs and resource quotas. Understand the challenges and solutions involved in building a secure, multi-tenant setup that enables teams to work independently on data products and applications while maintaining proper isolation and governed data sharing.
Painless Multi-Tenant Kafka on Kubernetes with Istio - ASML Case Study
Overview
Syllabus
Painless Multi-Tenant Kafka on Kubernetes with Istio at ASML - Thomas Reichel & Dominique Chanet
Taught by
Linux Foundation
Tags
Related Courses
-
Beyond the Basics: Istio and IBM Cloud Kubernetes Service
-
Istio Hands-On for Kubernetes
-
Manage Multi-tenant ML Workloads Using Istio
-
KubeSecRay - Fortifying Multi-Tenant Ray Clusters on Kubernetes
-
Organizing Your Mesh - How to Run a Multi-Tenant Service Mesh in Production
-
Creating and Managing Multi-Tenant Cluster Solutions Using Self-Service
