Cloud Security Podcast
How Confluent Migrated Kubernetes Networking Across AWS, Azure & GCP

Ever tried solving DNS security across a multi-cloud, multi-cluster Kubernetes setup? In this episode recorded live at KubeCon, Ashish chats with Nimisha Mehta and Alvaro Aleman from Confluent's Kubernetes Platform Team.
Together, they break down the complex journey of migrating to Cilium from default CNI plugins across Azure AKS, AWS EKS, and Google GKE. You’ll hear:
- How Confluent manages Kubernetes clusters across cloud providers.
- Real-world issues encountered during DNS security migration.
- Deep dives into cloud-specific quirks with Azure’s overlay mode, GKE’s Cilium integration, and AWS’s IP routing limitations.
- Race conditions, iptables, reverse path filters, and practical workarounds.
- Lessons they’d share for any platform team planning a similar move.
Guest Socials: Alvaro's LinkedIn + Nimisha's LinkedIn
Podcast Twitter - @CloudSecPod
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Introduction
(01:55) A bit about Alvaro
(02:41) A bit about Nimisha
(03:11) About their KubeCon NA talk
(03:51) The Cilium use case
(05:16) Using Kubernetes-native tools in all 3 cloud providers
(11:41) Lessons learnt from the project
Resources spoken about during the interview
Confluent's Multi-Cloud Journey to Cilium: Pitfalls and Lessons Lea... Nimisha Mehta & Alvaro Aleman
Broadcast on: 02 Apr 2025