Join us November 13-15, 2018 in

Berlin, Germany

CityCube
Register for $999 USD before prices increase on October 24 at 11:59pm PT (October 25 at 6:59am UTC)

Event Details


Kubernetes network-policies and Neutron security groups - two sides of the same coin?

In version 1.8 network-policies became an official part of the kubernetes-api.  Kubernetes network policy is a specification of how groups of pods are allowed to communicate with each other and other network endpoint.

Kuryr-kubernetes is an OpenStack project that enables native neutron-based networking in Kubernetes. In Kuryr we choose to apply the Kubernetes network policies in OpenStack environment by leveraging the Neutron security groups.

In this talk we will present the difficulties that we’ve encountered with the network policies translation. We will talk about the implementation of the translation to Neutron security groups compared to other Kubernetes open-source networking solutions like kubernetes-ovn or Cilium.  


What can I expect to learn?
  • Kubernetes network policies 
  • Neutron secuirty groups 
  • Integrating Kubernetes policies in OpenStack env 
  • Pros and cons in Neutron security group in comparison to alternative open source solution . 
Tuesday, May 22, 5:20pm-5:30pm
Difficulty Level: Intermediate
Red Hat Inc.
Daniel is a Senior Software Engineer at Red Hat contributing to upstream OpenStack and RDO and Kuryr's PTL for the Rocky cycle. He's passionate about networking, development, and messing around with python and deployment tools! He holds a MSc Degree in Telecommunications from Universidad Carlos III de Madrid and is a core reviewer for the interop project, as well as an active contributor to... FULL PROFILE
Huawei
Pino is cloud architect at Huawei's Tel Aviv Research Center, where he contributes to open source projects Dragonflow (SDN) and Tatu (SSH). Before joining Huawei, Pino was CTO at Midokura, where he led development of the company's open-source software-defined networking technology, MidoNet. Previously, Pino built Dynamo, a highly available data store originally intended for Amazon.com's... FULL PROFILE