Everything You Needed to Know about Kubernetes TLS, But Were Afraid to Ask
11-16, 17:00–17:30 (UTC), The Gallery

Do you know how to inspect Kubernetes TLS when it's broken and identify what the problem is? Maybe not as well as you think -- but you're in good company: even experienced admins often don't know the basics. Let's fix that.

In this session Joe Thompson starts with a quick level-setting "TLS 101" and then dives in to examining TLS in a live Kubernetes cluster, focusing on the way cluster components use TLS and showing what various kinds of issues look like and how to use standard tools available to any admin to diagnose them. You'll also get practical general advice for managing TLS in your environment, including how (and when) to be your own certificate authority.

I'm a solutions architect for D2iQ (formerly Mesosphere). Prior to D2iQ, I worked at Capital One, CoreOS and Red Hat (among others), providing practical solutions and training in and for Kubernetes and other cloud environments. I was a speaker at KubeCon NA 2017 and 2018 and frequently present at the DC-area NoVa Kubernetes meetup. My experience in IT operations and engineering stretches from present-day cloud and virtualization back to before people "Googled" things, and my blood type is caffeine-positive.