July 2019
Intermediate to advanced
502 pages
14h
English
Content preview from Hands-On Microservices with Kubernetes
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Authenticating microservices
Service accounts and RBAC are a good solution to manage identity and access for Kubernetes objects. However, in a microservice architecture, there will be a lot of communication between microservices. This communication happens inside the cluster and may be considered less prone to attacks. But the defense in depth principle guides us to encrypt, authenticate, and manage this communication as well. There are several approaches here. The most robust approach requires your own private key infrastructure (PKI) and certificate authority (CA) that can deal with issuing, revoking, and updating certificates as service instances come and go. This is pretty complicated (if you use a cloud provider, they may provide it ...