How to Enforce Zero Trust and Data Sovereignty Across Kubernetes Clusters with a Sharded Trust Model
Check out Open Source k0rdent at https://k0rdent.io/
Learn more about Sovereign Cloud solutions from Mirantis at https://www.mirantis.com/gpu-platform-as-a-service/#sovereign-cloud
How do you stop a compromised Kubernetes cluster from becoming a threat to your entire infrastructure? What if it’s leaking workloads across borders you're legally required to protect?
This session from Cloud Native & Container Day 2026 breaks down a practical, open source-based architecture for implementing Zero Trust security and cloud sovereignty across Kubernetes environments using a sharded trust model. Rather than relying on a flat, inherently insecure environment, Field CTO for Mirantis, Martin Stadler, walks you through how to establish dynamic, isolated trust domains that you can enforce, audit, and revoke independently - all without any proprietary components or integrations.
You'll learn how to structure:
❶ Multi-Cluster Management: top-level policy and oversight layer
❷ Regional Trust Domains: independently governed clusters with localized boundaries
❸ Explicit federation: domains requiring opt-in communication, stopping lateral movement by default
The architecture leans on proven open source tooling: OCI for artifact management, SPIFFE/SPIRE for runtime identity and short-lived certificates, TPM for hardware-level node verification, Kyverno for policy enforcement, and an HSM-backed root of trust flowing down to regional intermediate CAs. Martin also covers how this approach satisfies strict data sovereignty requirements like keeping specific workloads contained within a given country while retaining central management visibility via open source k0rdent by Mirantis.
If you're a platform engineer, security architect, or Kubernetes administrator dealing with multi-cluster compliance, supply chain security, or data residency requirements, this presentation from Container Days in Stockholm is perfect for you.
🌐 Access the k0rdent GitHub Repos: https://github.com/k0rdent/k0rdent
🌐 Open Source k0rdent Docs: https://docs.k0rdent.io/latest/
🌐 Read Martin's blog post: https://www.linkedin.com/pulse/lessons-from-building-ai-platform-18-months-before-market-stadler-8rgbe/
🤝 Connect with the Mirantis team at one of our upcoming events. Visit our events calendar to see upcoming and past events Mirantis has attended at https://www.mirantis.com/events/
📚 For more informative resources about Mirantis, our solutions and areas of expertise, please check out our resource library: https://www.mirantis.com/resources/
#zerotrust #kubernetes #cloudnative #datasovereignty #platformengineering #k8s #kubernetessecurity #zerotrustsecurity #multicluster #opensourcesoftware
Learn more about Mirantis: https://www.mirantis.com/
Mirantis Enterprise Support: https://www.mirantis.com/support/enterprise-support-options/
Read the Mirantis Blog: https://www.mirantis.com/blog/
Cloud Native & Kubernetes Resources: https://www.mirantis.com/cloud-native-cookbook/
Mirantis Training: https://training.mirantis.com/
Questions? Contact us today: https://www.mirantis.com/contact/
CHAPTERS
0:00 - Intro
0:32 - Current state of AI Infra platforms
2:31 - Zero Trust architecture explained
9:28 - k0rdent sharded architecture explained
14:36 - Trust foundation
17:38 - End-to-end Zero Trust flow
19:55 - The identity layer: SPIRE and SPIFFE
22:23 - k0rdent Zero Trust architecture
24:41 - Outro
Video "How to Enforce Zero Trust and Data Sovereignty Across Kubernetes Clusters with a Sharded Trust Model" from the Mirantis channel
Video information
April 23, 2026, 20:45:12
00:25:37