Writing Kubernetes network policies with Inspektor Gadget’s Network Policy Advisor

At KubeCon EU 2016 in London, I gave a first talk about using BPF and
Kubernetes together
. I was
presenting a proof of concept to introduce various degraded network scenarios
in specific pods for testing the reliability of apps. There was not a lot of
BPF + Kubernetes talks back then. In the meantime, Kinvolk has worked on
various projects mixing Kubernetes and BPF together. The latest such project is
our own Inspektor Gadget, a
collection of “gadgets” for debugging and inspecting Kubernetes applications.

Today I would like to introduce Inspektor Gadget’s newest gadget that helps to
write proper Kubernetes network policies.

Writing Kubernetes network policies easily

Securing your Kubernetes clusters is a task that involves many aspects:
controlling what goes into your container images, writing RBAC rules for
different users and services, etc. Here I focus on one important aspect:
network policies.

At Kinvolk we regularly do security

Read More