Rajan Dhabalia is a Principal Software Engineer at Verizon Media working on messaging and distributed key-value storage technologies. His interests lie in building reliable, scalable distributed data processing systems. He is a PMC member of Apache Pulsar, a committer of Apache BookKeeper, a lead developer of Pulsar in Verizon Media, and spent several years developing Pulsar in Yahoo before making it open source.
Principal Software Engineer @ Verizon Media
Principal Production Engineer @ Verizon Media
Ludwig Pummer is a Principal Production Engineer at Verizon Media working on messaging and distributed key-value storage systems. He is the lead production engineer for Pulsar in Verizon Media and has supported it since prior to the inception of the current architecture. He has worked on many large scale platforms at Verizon Media, including Login and Account Registration, and is experienced in automated deployment and monitoring of large scale globally distributed systems.
Security and Multi-Tenancy with Apache Pulsar in Yahoo! (Verizon Media)
Thur Jun 17, 11:00 AM - 11:35 AM, PT
With the rise of the number of tenants and traffic in the cluster, we are always striving for a system that is both multi-tenant and secure enough to onboard applications having different use cases and those applications can access pulsar from different cloud providers or even from cross-organization for enterprise integration.
Large organizations use TLS proxy servers which act as a gateway between a local network and a large-scale network, such as the internet. Aside from traffic forwarding, proxy servers provide security by hiding the actual IP address of a server. Organizational policies often require systems to stay behind enterprise proxy/gateway servers such as HAProxy, ATS, Nginx and follow standard security regulations to protect systems against known vulnerabilities. Apache Pulsar provides various solutions for TLS proxy and Pulsar is the only messaging system that supports SNI proxy to leverage various enterprise proxy solutions.
In this talk, we will discuss security and proxy solutions for Apache Pulsar which enables users in multi-tenant environments to access Pulsar instances securely from the on-prem, public cloud, and cross-enterprise. We will also talk about different multi-tenancy dimensions of Apache Pulsar which we use in Verizon Media to serve different use cases and applications on a shared pulsar cluster.