►
From YouTube: Real-Time Data Anonymization the Serverless Way Demo
Description
Presented at KubeCon North America 2021 by Yuval Lifshitz & Huamin Chen
A
Stuff
is
going
to
be
configured
and
deployed
using
the
rook
operator.
The
serverless
function.
That's
going
to
actually
do
the
blurring
is
going
to
be
based
on
the
kda
serverless
framework,
and
the
notifications
from
saf
to
the
serverless
framework
is
going
to
go
over
a
rabbitmq
message,
bus
also
being
deployed
by
the
private
mq
operator.
A
A
So
the
rook
operator
has
couple
of
components.
The
base
rook
operators
operator
has
clds
the
common
and
the
operator
itself.
You
can
see
here
that
we're
taking
our
developer
build
yamls
because
we
have
like
the
this
is
still
working
progress.
It's
not
really
in
mainline
rook.
This
is
why
we
need
our
special
images.
A
After
we're
gonna
install
the
basic
rook
stuff,
then
we're
gonna
bring
up
the
steph
cluster
and
after
we
have
the
staff
cluster,
which
is
the
the
osds
and
all
the
back
end
for
storage.
We're
gonna
have
our
redis
gateway
our
object
front
and
be
installed.
We
also
need
a
toolbox
to
do
a
couple
of
operations.
A
A
And
after
we
have
the
osd's
and
everything
we
should
have,
the
redis
gateway,
the
red
square.
Three
is
the
object,
store
front
end,
and
this
is
what's
going
to
send
us
the
notifications
that
we
need
to
for
the
whole
thing
to
work
yeah.
So
now
we
have
the
redis
gate
we're
running
and
I
think
we
can
start
the
thing
failing
here
are
the
cfs
and
rbd.
A
Okay,
so
we
have
rook
up
and
running,
we
have
the
osd.
Is
the
ready
skate
for
everything
working
there?
Now
we
need
to
create
a
bucket.
So
let's
see
how
we
do
that,
so
we
create
a
bucket.
The
bucket
needs,
first,
a
storage
class,
and
after
we
have
the
storage
class,
we
have
the
object
bucket
claim
it's
pretty
straightforward.
It
points
to
the
storage
class.
It
tells
which
source
that
we're
using
the
storage
class
points
to
the
object
store
we're
talking
about.
A
A
A
A
A
A
A
The
cadet
consumer
also
needs
to
know
the
queue
that
it's
being
following.
The
notifications
from
and
the
queue
is,
then
we
do
the
binding
between
the
queue
and
the
routing
key
and
the
routing
key
name
demo
has
to
match
the
name
of
the
topic
that
we're
configuring
on
the
redis
gateway.
So
let's
run
that.
A
A
The
last
step
that
we're
taking
is
to
define
a
notification
notification.
It
was,
it
is
what
ties
together
the
topic
which
is
where
to
send
the
information
to
together
with
the
bucket
now
the
bucket
definition
doesn't
exist
here,
but
the
bucket
definition
or
what
ties
the
notification
to
the
bucket
is
in
the
label
that
we
described
before
in
the
object-backed
claim.
So
when
we're
going
to
create
identification,
we're
going
to
search
for
all
the
object
bucket
claims
that
has
a
label
that
match
the
notification
name
and
define
this
notification
on
these
buckets.
A
So
the
spec
notification
tells
us
what
is
the
topic
where
to
send
the
information
to
and
when
to
send
the
information.
So
what
kind
of
events
in
our
case
we're
interested
in
object,
creation
events?
We
just
want
to
run
our
our
cada
serverless
function
when
an
object
is
being
created
when
an
image
is
being
uploaded.
So
this
is
why
we
only
interested
in
object
creation
events.
A
We
can
also
see
the
topic
with
the
same
spec.
We
see
that
the
endpoint
is
configured
with
the
username
and
password
that
we
fetched
from
the
rabbitmq
instance,
and
we
can
also
see
that
the
redis
gateway
have
allocated
this
topic
with
an
aran,
which
means
that
the
topic
was
successfully
provisioned
on
the
rgw.
A
A
A
A
So,
in
order
to
fetch
that
and
write
back
back,
it
needs
to
know
all
the
credentials
now
the
credentials
we
source
them
here
from
the
outside
of
the
of
the
cluster,
so
we
can
interact
from
the
outside,
but
this
has
to
be
accessible
to
things
running
inside
the
cluster,
for
example
the
serverless
function.
So
we
have
to
add
that
as
a
as
a
secrets
file.
So
this
is
the
definition
of
the
file.