A Zero Trust Reference Architecture with Linkerd, cert-manager, Emissary-ingress, and Polaris
In this book, experts from the cert-manager, Emissary-ingress, Polaris, and Linkerd open source projects take a deep dive into zero trust and how these projects work together in a well-defined reference architecture. 60+ pages of deep technical content from the creators of some of the most popular open source projects.
Download now
Table of Contents
Introduction
Chapter 1: What is Zero Trust?
- Why is zero trust suddenly so important?
- What is identity?
- What is policy?
- Enforcement
- Zero trust for Kubernetes
Chapter 2: Zero Trust Reference Architecture
- The architecture of the Faces application
- Trust, TLS, and Certificates
-
Chapter 3: cert-manager Deep Dive
- Certificates for cross-cluster and Pod-to-Pod communication
- Why and how do we trust?
- How do we automate trust using cert-manager?
- Configuring cert-manager
- Automating trust using trust-manager
Chapter 4: Emissary-ingress Deep Dive
- Encryption and authentication
- Installing Emissary-ingress
- Defining our hostname and securing it
- Routing traffic to our app
- Authenticating incoming requests
Chapter 5: Linkerd Deep Dive
- Zero trust faces
- Installing Linkerd
- Meshing Emissary and Faces
- Default deny
- Adding permissions for Emissary to reach Faces
- Adding Permissions within Faces
- Locking down Emissary
- The importance of certificates and audit
-
Chapter 6: Polaris Deep Dive
- Defining the policies
- Bringing It All Together
- Zero Trust for the Enterprise
