In this talk, Lucas will walk you through some novel ways in which edge deployments of Kubernetes can be operated and secured. The talk will guide you through the murky waters of securing the boot process on ARM (coreboot, LinuxBoot, Trusted Firmware-A), securely downloading the OS image (The Update Framework, ORAS), and how to use a TPM for Remote Attestation. The second part of the talk will touch on operating Kubernetes clusters on the edge. Lucas will walk you through what deployment alternatives exist (Cluster API, kubeadm, k3s), how to manage the clusters’ lifecycle using GitOps (Flux v2, libgitops, kspan), and some projects which help you keep data on the edge in sync with the cloud (KubeEdge, Akri). Be prepared for quite a deep dive into cloud native and open source firmware projects at their best being combined in creative ways. Finally, Lucas will tell you more about how you can in the future get hands on with these technologies through his new open source project, Racklet.
Recording: https://youtu.be/UZp9zm_YG8k
Online slides: https://docs.google.com/presentation/d/1LIUEafHDGfKcCRMLo_6pHx4YDQ5RkmG8ufNrdZnq6bM/edit#slide=id.gdef92a758a_0_70
ODSC talk page: https://odsc.com/speakers/exploring-modern-and-secure-operations-of-kubernetes-clusters-on-the-edge/