Multitenancy at Cruise, with Karl Isenberg

Kubernetes Podcast from Google

Episode | Podcast

Date: Tue, 21 Jan 2020 20:51:32 +0000

<p>Self-driving cars need self-driving backend infrastructure. <a href="https://twitter.com/karlkfi">Karl Isenberg</a> is the tech lead & manager of the platform team at Cruise, a self-driving car company backed by GM and Honda. He joins <a href="https://kubernetespodcast.com/about">hosts Craig and Adam</a> to discuss two years of running multitenant Kubernetes.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF"> Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers</a> <ul> <li><a href="https://twitter.com/kennwhite/status/1217186865016602632">Interpretive meme version</a></li> </ul> </li> <li><a href="https://www.microsoft.com/en-gb/windows/windows-7-end-of-life-support-information"> Support for Windows 7 has ended</a>: <a href="https://www.telegraph.co.uk/news/2020/01/12/gchq-warns-not-use-windows-7-computers-banking-email-tuesday/"> don’t use it for internet banking</a></li> <li><a href="https://www.youtube.com/watch?v=Vadw5zGw9KE">Stefanie Stuber’s uncommon The Voice performance</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://kubernetes.io/blog/2020/01/14/kubernetes-bug-bounty-announcement/"> Kubernetes bug bounty announcement</a>, <a href="https://www.cncf.io/blog/2020/01/14/introducing-the-kubernetes-bug-bounty-program/"> funded by the CNCF</a></li> <li><a href="https://cloud.google.com/blog/products/containers-kubernetes/gke-cis-benchmarks-deliver-security-best-practices"> GKE CIS Benchmarks deliver security best practices</a></li> <li><a href="https://kyma-project.io/blog/2020/1/16/integration-testing-in-k8s/"> Octopus: how Kyma does integration testing in Kubernetes</a></li> <li><a href="https://www.elastic.co/blog/elastic-cloud-on-kubernetes-ECK-is-now-generally-available"> Elastic Cloud on Kubernetes (ECK) now GA</a></li> <li><a href="https://blog.openshift.com/introducing-red-hat-openshift-4-3-to-enhance-kubernetes-security/"> Red Hat OpenShift v4.3 now almost GA</a></li> <li><a href="https://fedoramagazine.org/fedora-coreos-out-of-preview/">Fedora CoreOS now GA</a></li> <li><a href="https://blog.christianposta.com/microservices/istio-as-an-example-of-when-not-to-do-microservices/"> Istio as an Example of When Not to Do Microservices</a> by Christian Posta</li> <li><a href="https://banzaicloud.com/blog/backyards-release-1-1/">Backyards 1.1</a> from Banzai Cloud</li> <li><a href="https://github.com/ibuildthecloud/k3c">k3c</a> from Darren Shepherd at Rancher Labs <ul> <li><a href="https://kubernetespodcast.com/episode/057-rancher-labs/">Episode 57, with Darren Shepherd</a></li> </ul> </li> <li><a href="https://medium.com/@imarunrk/continuous-gitops-the-way-to-do-devops-in-kubernetes-896b0ea1d0fb"> Continuous GitOps</a> by Arun Ramakani</li> <li><a href="https://medium.com/flant-com/announcing-werf-1-0-stable-813b664a06ae"> Werf 1.0</a> by Flant</li> <li><a href="https://cloud.google.com/blog/topics/training-certifications/new-anthos-training-a-masterclass-in-hybrid-cloud-architecture-and-management"> New Anthos training from Google Cloud</a></li> <li><a href="https://cloud.google.com/blog/topics/customers/google-cloud-helped-phoenix-labs-meet-demand-for-dauntless"> Dauntless case study</a></li> <li><a href="https://catalogicsoftware.com/blog/kubedr-disaster-recovery-for-kubernetes-clusters"> KubeDR</a> by Catalogic</li> <li><a href="https://kubernetes.io/blog/2020/01/15/kubernetes-on-mips/">Kubernetes on MIPS</a> by Inspur</li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://www.getcruise.com/">Cruise</a> <ul> <li><a href="https://medium.com/cruise/we-need-to-move-beyond-the-car-ad065eb800e3"> We Need To Move Beyond The Car</a>, by CEO Dan Ammann</li> <li><a href="https://en.wikipedia.org/wiki/Lombard_Street_(San_Francisco)">Lombard St</a></li> </ul> </li> <li><a href="https://kccncna19.sched.com/event/UaaO/kubernetes-at-cruise-two-years-of-multitenancy-karl-isenberg-cruise"> Karl’s KubeCon talk</a> <ul> <li><a href="https://static.sched.com/hosted_files/kccncna19/14/Kubernetes%20Multitenancy%20-%20Karl%20Isenberg%20-%20KubeCon%20NA%202019.pdf"> Slides</a></li> <li><a href="https://youtube.com/watch?v=m19D9vZ1QFQ">Video</a></li> </ul> </li> <li><a href="https://medium.com/cruise/open-sourcing-rbacsync-48758df685b0">Managing Kubernetes RBAC Groups</a> by Stephen Day <ul> <li><a href="https://github.com/cruise-automation/rbacsync">RBACSync on GitHub</a></li> </ul> </li> <li><a href="https://medium.com/cruise/isopod-5ad7c565d350">Open-Sourcing Isopod: An Expressive DSL Framework for Kubernetes Configuration</a> by Charles Xu and Dmitry Ilyevskiy <ul> <li><a href="https://github.com/cruise-automation/isopod">Isopod on GitHub</a></li> </ul> </li> <li>Building a container platform at Cruise: <ul> <li><a href="https://medium.com/cruise/building-a-container-platform-at-cruise-part-1-507f3d561e6f"> Part 1: Overview</a> by Karl</li> <li><a href="https://medium.com/cruise/container-platform-security-7a3057a27663"> Part 2: Security</a> by Karl and Mike Ruth</li> <li><a href="https://medium.com/cruise/container-platform-networking-kubernetes-e888a07407ab"> Part 3: Networking</a> by Karl and Buck Wallander</li> </ul> </li> <li><a href="https://medium.com/cruise">Cruise’s blog</a></li> <li><a href="https://twitter.com/karlkfi">Karl Isenberg</a> on Twitter</li> </ul>