Open Policy Agent, with Tim Hinrichs and Torin Sandall

Kubernetes Podcast from Google

Episode | Podcast

Date: Tue, 28 Apr 2020 22:24:48 +0000

<p>Tim Hinrichs and Torin Sandall are the creators of Open Policy Agent (OPA), a project which allows policy to be integrated with popular cloud native software (including Kubernetes and Envoy) or anything you write yourself. <a href="">Adam and Craig</a> discuss OPA with Tim and Torin after the news of the week.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href=""></a></li> <li>mail: <a href=""></a></li> <li>twitter: <a href="">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="">The cupboard was bare</a></li> <li><a href="">Marmite is not a satisfactory substitute for baking yeast</a></li> <li><a href=""> 4D jigsaw puzzles</a> (or <a href=""> a picture</a>, if not for sale in your location)</li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href=""> Anthos for AWS is now Generally Available</a> <ul> <li><a href=""> TechCrunch coverage</a></li> </ul> </li> <li><a href="">Eurosys ‘20</a>: <ul> <li><a href="">Autopilot paper</a></li> <li><a href="">Borg: The Next Generation paper</a></li> <li><a href="">Cluster traces</a></li> </ul> </li> <li><a href=""> Cloud Foundry becomes more Kubernetes-native with cf-for-k8s</a></li> <li><a href="">Paketo Buildpacks</a> <ul> <li><a href=""> Everything you need to know about them</a></li> <li><a href=""> How they fit into the Cloud Native landscape</a></li> </ul> </li> <li><a href="!topic/kubernetes-dev/IVpiIOZ4WcM/discussion"> Changes to Kubernetes release cycles for 2020</a></li> <li><a href="">Aqua Security announces Dynamic Threat Analysis</a></li> <li><a href=""> RHEL 8.2 adds new container tools</a></li> <li><a href=""> Red Hat product life cycle changes</a></li> <li><a href=""> Flatcar Linux now supported on VSphere</a> <ul> <li><a href="">Episode 79 with Chris Kühl</a></li> </ul> </li> <li><a href=""> sKan from Alcide</a></li> <li><a href="">kubeletctl</a> from CyberArk</li> <li><a href="">xls-kubectl</a> by Daniele Polencic of Learnk8s</li> <li><a href="">Microsoft’s new reverse proxy</a> <ul> <li><a href="">YARP</a></li> </ul> </li> <li><a href=""> Running decades-old games in containers</a> by Misha Brukman</li> <li><a href=""> TorchServe and TorchElastic for Kubernetes</a> by Facebook and AWS <ul> <li><a href="">Controller code</a></li> </ul> </li> <li><a href="">Project Astra from NetApp</a> <ul> <li><a href="">Launch video</a></li> </ul> </li> <li><a href=""> Styra adds mutating webhooks to Declarative Authorization Service</a></li> <li><a href=""> Simulating clock skew</a> by PingCAP</li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="">Open Policy Agent</a></li> <li><a href="">Styra</a></li> <li><a href=""> Episode 42 with John Murray</a></li> <li><a href="">Plate smashing</a></li> <li><a href="">OASIS XACML</a> <ul> <li><a href=""> OPA is… “easier”</a></li> </ul> </li> <li><a href="">The origin of Open Policy Agent and Rego</a></li> <li><a href="">Founded in 2015</a>: <a href=""> first commit</a></li> <li><a href=""> Donated to the CNCF Sandbox in 2018</a> and <a href=""> moved to incubation in 2019</a></li> <li><a href="">Rego</a> configuration language</li> <li><a href=""> Running as a Go API</a></li> <li><a href="">Bundles</a></li> <li><a href=""> Admission controllers in Kubernetes</a></li> <li>Existing Kubernetes policies <ul> <li><a href=""> NetworkPolicy</a></li> <li><a href="">LimitRange</a></li> </ul> </li> <li><a href=""> OPA Gatekeeper: Policy and Governance for Kubernetes</a></li> <li><a href="">OPA and WebAssembly</a></li> <li><a href=""> Hooli examples</a></li> <li><a href="">Tim Hinrichs</a> and <a href="">Torin Sandall</a> on Twitter</li> </ul>