Sched 应用程式允许你建立你的日程表,但不能代替你的活动注册。你必须注册 2021年中国 KubeCon + CloudNativeCon + Open Source Summit - 线上峰会 才能参加会议。如果你还没有注册但想加入我们,请到活动注册页面购票注册。

请注意:此日程表自动显示为中国标准时间(UTC +8)。要想看到您选择的时区,请从右侧 「Filter by Date」上方的下拉菜单中选择。日程表可能会有变动。

December 9-10
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon + Open Source Summit China 2021 - Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in China Standard Time (UTC +8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, December 9 • 13:15 - 13:50
Kubernetes 与基于角色的访问控制 (RBAC) 和 KubeFed 的多集群和隔离 | Kubernetes Multi-Cluster and Multi-Tenancy With RBAC and KubeFed - Hongming Wan, QingCloud

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
软隔离是一种没有严格隔离不同用户、工作负载或应用程序的隔离形式。就 Kubernetes 而言,软隔离通常由 RBAC 和命名空间隔离。当集群管理员跨多个 Kubernetes 集群实现隔离时,会遇到许多挑战,如身份验证和授权、资源配额、网络策略、安全策略等。在本次演讲中,KubeSphere 维护人员将分享他们在设计隔离体系结构方面的经验和最佳实践。如何跨多个集群管理用户和身份验证。如何管理不同集群租户的资源配额。资源隔离机制以及如何跨多个集群授权资源。

Soft multi-tenancy is a form of multi-tenancy that does not have strict isolation of the different users, workloads, or applications. In terms of Kubernetes, soft multi-tenancy is usually isolated by RBAC and namespaces. There are many challenges when cluster administrators implementing multi-tenancy across multiple Kubernetes clusters, such as authentication and authorization, resource quota, network policy, security policy, etc. In this talk, KubeSphere maintainers will share their experience and best practice in designing the multi-tenancy architecture. How to manage users and authentication across multiple clusters. How to manage resource quotas for tenants in different clusters. The resource isolation mechanism and how to authorize resources across multiple clusters.

avatar for Hongming Wan

Hongming Wan

Senior Software Engineer, QingCloud Technologies
Hongming is the core contributor of KubeSphere, he leads the KubeSphere Multi-tenancy and Security team. He focuses on open source and cloud-native security areas.

Thursday December 9, 2021 13:15 - 13:50 CST
Kubecon + CloudNativeCon 演讲厅