Mutual TLS (mTLS) is a hot topic in the Kubernetes world, especially for anyone tasked with getting “encryption in transit” for their applications. But what is it and how does it compare to alternatives such as encryption at the CNI level? In this workshop, we give you a solid understanding of what mTLS is, how it works, and how it compares to alternatives. We discuss workload identity, trust chains, and certificates, and walk you through a hands-on tutorial on how to set up, monitor, and understand mTLS between your services on a Kubernetes cluster with Linkerd.
You'll understand:
For the hands-on portions, it’s important that you arrive prepared. Please have a Kubernetes cluster ready and the Linkerd CLI version 2.12.0 or above installed on your machine—check out the first few steps of our Linkerd Getting Started Guide if you want some specific instructions on how to do this. (If you don’t want to do the hands-on portion, of course, you are welcome to just listen in. But it won’t be as fun!) Finally, please join the #workshops channel on the Linkerd Slack. We will use Slack instead of the regular Zoom chat for this workshop.
Flynn
|
Tech Evangelist
Flynn is a tech evangelist at Buoyant, where he works on spreading the good word about Linkerd — the graduated CNCF service mesh that makes the fundamental tools for software security and reliability freely available to every engineer — and about Kubernetes and cloud-native development in general. Flynn is also the original author and a maintainer of the Emissary-ingress API gateway, also a CNCF project. Flynn's career in computing spans nearly forty years and runs the gamut from bringup on bare metal to distributed applications, with a common thread of communications and security throughout. He has spoken about Linkerd, Emissary-ingress, and other cloud native technologies at several conferences, including KubeCon/CloudNativeCon, DevOps Days, and the NYC Kubernetes meetup.
Copyright © 2025 Buoyant Inc.
LinkedIn