Discussing default security measures and the importance of easy-to-use Kubernetes tools

🙌 My next course is coming soon! I've opened the waitlist for those wanting to go deep in GitHub Actions for DevOps and AI automation in 2025. I'm so thrilled to announce this course. The waitlist allows you to quickly sign up for some content updates, discounts, and more as I finish building the course.
https://courses.bretfisher.com/waitlist 🍾

Bret is joined by Matt Williams of Infra to show off their open source project Infra, which provides easy, centralized RBAC and auth to Kubernetes and more.

Infra is a new company taking on simplifying centralized infrastructure, user authentication and permissions. Their open source tool by the same name is quite easy to start with. In this episode, Matt does a great job of explaining the pain points of Kubernetes user management, certificate distribution and revocation, and more pain points that Infra is bringing simplicity to.

Streamed live on YouTube on November 10, 2022. Includes demos.

Unedited live recording of this show on YouTube (Ep #191).

★Topics★
Infra Website
Infra on GitHub
All Day DevOps free conference

Matt Williams
===========
Matt on Twitter
Matt's YouTube Channel

★Join my Community★
New live course on CI automation and gitops deployments
Best coupons for my Docker and Kubernetes courses
Chat with us and fellow students on our Discord Server DevOps Fans
Grab some merch at Bret's Loot Box

Homepage bretfisher.com

• (00:00) - DDT MAIN
• (00:04) - Intro
• (02:31) - Bret intro
• (03:30) - Main show
• (03:45) - Introducing Matt
• (04:17) - Today on the podcast
• (04:43) - Infra HQ and Company History
• (05:29) - How Infra came to be
• (08:17) - Datadog
• (10:11) - Infra and open source
• (11:36) - How Infra can help
• (12:01) - Core Infra functionality
• (13:33) - Bad idea
• (14:25) - Can't revoke certificates
• (17:48) - Painful Certificate Redistribution
• (18:48) - Why you need Infra
• (20:18) - Question
• (21:15) - Service accounts
• (21:59) - kubectl and pronunciations
• (23:34) - Question about OIDC
• (25:22) - Not just a Kubernetes tool
• (27:04) - Dealing with Keys is Hard
• (27:45) - Offboarding can be harder than Onboarding
• (30:01) - Workflow
• (30:58) - Demo intro
• (31:28) - End demo
• (31:39) - Cloud hosted and self-hosted
• (32:12) - Providers, Okta
• (33:39) - Is Infra GIOps Compatible?
• (36:30) - Quick summary of the demo for audio listeners
• (38:21) - Dumbed down roles?
• (39:45) - Question
• (40:29) - A tool to add to your toolbox
• (42:15) - Getting started and contributing
• (43:02) - Question
• (43:28) - Auditing in the future
• (44:26) - A Safe and Secure Model
• (45:29) - Wrapping up
• (47:19) - Outro

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!

Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com