Exploring the ACI networking plugin for Kubernetes

Topics Covered - Time Links
- Introduction 0:44
- Kubernetes Basics 1:42
- What is Kubernetes? 4:07
- Kubernetes Objects 9:17
- Networking and CNI 14:46
- ACI + Kubernetes
- Why ACI for Kubernetes? 17:20
- Network, Application, and Security Roles 19:59
- ACI CNI components 23:20
- Application Isolation and Segmentation Options 24:54
- Demonstration 28:57
- Explore Kubernetes VMM Domain 29:53
- Standard Cluster view from APIC 31:56
- Deploying Applications in Cluster Isolation 33:40
- Load balancing and NAT for Services 37:42
- Segmentation concerns with cluster isolation 43:41
- Deploying Applications with Deployment Isolation 46:08
- Matching Application Architecture to ACI Policy 46:29
- Verification of policy segmentation 51:42
- Summary 54:44
- Webinar Resources 55:16
- Code Exchange Challenge 56:19

Episode Description:
Enterprises all over are embracing Kubernetes as the foundation for their cloud-native, microservice applications. As such, the topic network security for containerized infrastructure comes to mind. The ACI CNI Plugin for Kubernetes brings the power of Application Centric Infrastructure (granular segmentation, robust operational visibility, and unsurpassed network performance) to the Docker-container driven infrastructure of Kubernetes.

In this session, you'll have a chance to see all of this in action through a guided exploration of an ACI integrated Kubernetes cluster. We'll start by looking at how a typical application looks after being deployed to Kubernetes. See each individual container and pod show up within the ACI operational dashboards. Look at how the load balancing and traffic routing is handled within the network by ACI, just like any other application environment. With that understood, we'll enhance the policies applied to the application by segmenting applications by name spaces for better isolation between running applications. But we won't stop there, before we're done we'll have built contracts to explicitly control the flow of traffic between the tiers of the application to ensure business and security policies are applied to containerized applications running within Kubernetes.