The Negatives of Per-Host Service Mesh - Sidecar Model as an Ideal Solution for Robust Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the security implications of per-host service mesh versus sidecar model in this 18-minute conference talk by Chad Crowell at CNCF. Discover why eliminating sidecar proxies in favor of per-host proxies can be detrimental to service mesh security. Learn about the advantages of sidecar proxies, including their role in providing reliable and scalable services with necessary security constraints. Examine the footprint of proxies at low traffic levels, existing Kubernetes mechanisms, blast radius considerations, and the importance of controlled security boundaries. Understand the complexities and unpredictability introduced by per-host proxies, including increased attack vectors and a more complex security landscape.
Syllabus
The Negatives to a Per-Host Service Mesh, the Sidecar Model Being a More Ideal Solut... Chad Crowell
Taught by
CNCF [Cloud Native Computing Foundation]