This time we will focus on security. We will explore, how applications can be run and operated on OpenShift in an autonomous and declarative way. This approach massivly reduces human error an thus makes the applications more secure and even self-healing. On top of that we will learn about the general attack surfaces for container deployments using sample attacks, and talk about the prevention of container exploits.
== Agenda ==
18:30 Snacks & Drinks
ca. 21:00 More snacks and more drinks, get-together
== Talks ==
News from OpenShift!
Lukas Höfer - Cloud Solutions Architect at Consol
Autonomous cloud operations on OpenShift with keptn
Although Kubernetes as the de-facto standard orchestration for containers highly automates platform-level operations, managing and operating the applications themselves is often still a highly manual task. Therefore, we rely heavily on runbooks or even manual pipelines. To mitigate this problem and speed up deployment of applications while at the same time decreasing manual errors, we at Dynatrace have been developing keptn, an open-source fabric for declarative, autonomous operations and application management. With keptn, we follow a GitOps approach to define and control deployment pipelines based on cloud-native standardized deployment models. Therefore, it does not only allow automating operational tasks, but in fact leverages runbook automation to provide self-healing for your applications. In this talk, we will present keptn and share best practices we learned from keptn for implementing an autonomous and declarative approach for operating and running applications on Kubernetes/OpenShift.
About the speaker:
Jürgen Etzlstorfer is a Technology Strategist at Dynatrace. He is a core contributor to the keptn open-source project and responsible for the strategy and integration of self-healing techniques and tools into the keptn framework. Getting things done by automating them drives his daily work. He is not only passionate about developing new software, but also loves to share his experience, most recently at conferences on Kubernetes based technologies and automation.
Information on keptn
Dieter Reuter will investigate how container exploits such as crypto-mining can be detected and prevented with a Kubernetes security network with istio integration. Security and DevOps teams must protect sensitive information, application containers and Kubernetes system services from attack. This session includes the attack surfaces for container deployments, sample attacks, and container exploit prevention.
About the speaker:
Dieter Reuter is a Docker Captain and a Container Security expert at NeuVector Inc.