# Talk Options ## Getting Started with Kubernetes **~30-45min** If you’re working with just a few containers, managing them is not too complicated. But what if you have hundreds or thousands? Think about having to handle multiple upgrades for each container, keeping track of container and node state, available resources, and more. That’s where Kubernetes comes in. Kubernetes is an open source container management platform that helps you run containers at scale. This talk will cover Kubernetes components and show how to run applications on it. ## Beyond cluster-admin: Getting Started with Kubernetes Users and Permissions **~30-45min** We’ve all done it: working on our Kubernetes clusters with “cluster-admin” access, the infamous equivalent of “root”. It makes sense when we’re just getting started and learning about Pods, Deployments, and Services and we’re the only one accessing the clusters anyway; but soon enough, we have entire teams of devs and ops and CI/CD pipelines that require access to our precious clusters and namespaces. Are we going to YOLO and give them our admin certificate, token, or whatever else we use to authenticate? Hopefully not! In this talk, we’re going to look at how to implement users and permissions on a new Kubernetes cluster. First, we’ll review various ways to provision users, including certificates and tokens. We’ll see examples showing how to provision users in both managed and self-hosted clusters, since the strategies tend to differ significantly. Then, we’ll see how to leverage RBAC to give fine-grained permissions to these users. ## Cloud Native Security For The Rest Of Us **~45min** Your mission is to secure the vast tracts of land of the Cloud Native security landscape. Where do you even start?!? It would be preposterous to cover that whole topic in a single session, but we can at least map it out. Our plan is to break it down into three key areas and review each in turn. * Platform - securing and upgrading our control planes and nodes; isolating compute, storage, and network resources; managing privileges and secrets. * User management and permissions - various ways to authenticate and authorize user access; leveraging tools like RBAC and Namespaces, and some common “gotchas”. * Software supply chain - what that means, some actual threat models, and how to mitigate them. You will leave this session with a stronger understanding of the breadth and depth of Cloud Native security and resources to further develop your knowledge. ## Bootiful Kubernetes Operators **~50min** You know what's fun? Automating the ever livin' heck out of infrastructure! Slaying that YAML! Nobody wants to painstakingly build something then spend weeks trying to write the YAML to describe it to the infrastructure. Thankfully, Kubernetes provides composability through abstractions like operators, controllers, and custom resource definitions. These days, it's trivial to extend Kubernetes with a Spring Boot application, turn it into a GraalVM native image that runs in a Docker container, and then deploy that. Join us, and we'll learn how to extend and automate Kubernetes with Spring Boot and Spring Native-powered custom operators and eliminate that ever-so pesky YAML. # Bio Tiffany is a senior developer advocate at VMware and is focused on Kubernetes. She previously worked as a software developer and developer advocate (nerd whisperer) for containers at Amazon. She also formerly worked at Docker and Intel. Prior to that, she graduated from Georgia Tech with a degree in electrical engineering. In her free time she really likes to travel and dabble in photography. You can find her on Twitter [@tiffanyfayj](https://twitter.com/tiffanyfayj) and more places on linktr.ee/tiffanyfay.