Containers & Kubernetes
Tuesday, April 27, 2021
Kubernetes is a great normalizer for clouds, but is it enough to create applications that are portable across clouds? Unfortunately not! There are two problems: First, there is a steep learning curve for Kubernetes. The developer has to worry about master nodes, worker nodes, services, ingresses, stateful sets, and many more details which are infrastructure-related and not application development. This results in developers spending more time working on infrastructure before they can start working on the application. Second, the serverless development platforms that are available in the public cloud are proprietary so the code is often tied to a particular cloud vendor. This negates the important value of running Kubernetes which enables your application to be cloud-agnostic.
This session will focus on an open-source-based serverless stack that runs on any Kubernetes environment and makes the development frictionless with infrastructure automation and a rich set of developer APIs. Attendees will also learn how to run both containers and function workloads with the same serverless stack during their serverless journey on Kubernetes.
We will also demonstrate how to deploy a serverless controller and use serverless runtimes to execute functions, covering the gap from the deployment of Docker containers to a fully-featured serverless engine.
Packaging software into containers gives your code everything needed to run with consistency from your laptop into production. But how do you run containers at scale in the cloud? In this session, learn how to run containerized Windows and .NET applications in production on AWS. We show you how to run Windows containers on Kubernetes with Amazon Elastic Kubernetes Service (Amazon EKS). We also demonstrate the benefits of running .NET Core Linux containers serverlessly with AWS Fargate. We cover core concepts and use demos to help you feel comfortable getting started with building and deploying .NET containerized applications on AWS.
Attacker's use one of three things to exploit and gain access to protected systems. The lack of (or misconfiguration) of security controls, vulnerabilities in the infrastructure and code itself or social engineering techniques to obtain information that can be used to gain access.
In this talk, we shall see, using demos, various techniques and tactics that attacker's use to gain access to Kubernetes environments and map them to the Kubernetes MITRE ATT&CK framework.
The talk will contain the journey of how an attacker moves from gathering information and obtaining initial access to planting backdoors, evading defenses, escalating privileges and eventually causing an impact on the infrastructure.
Measuring costs in Kubernetes environments is often complex. But it does not need to be. In this session, you will learn how you can achieve complete cost transparency and optimize your cloud spends, while retaining infrastructural flexibility.
We will discuss how to control and optimize in minutes the cost of your AWS EKS, Google GKE and Azure AKS applications. Instantly. You will learn about powerful -yet simple- strategies to rightsize your clusters: automated scaling up and scaling down to zero your nodes and pods, smart selection of VM shapes, and the automated use of spot instances.
A Terraform child module is great to gather code that will deploy a specific service based on your needs, for instance Azure Kubernetes Service (AKS). At the bare minimum, AKS can be a deployment of one node pool but at the other end it might be several pools, identity management, choices about versioning, much more.
This talk is based on a battle hardened module, which helps you create Kubernetes clusters that adhere to best practices and standards, while is flexible enough to break patterns when you need it. For this session we will not be looking at slides, but actual code. We will deep dive into some of the functions and expressions that Terraform has to offer, so there should be something for everyone in this talk.
Kubernetes allows a lot. After discovering its features, it’s easy to think it can magically transform your application deployment process into a painless no-event. For Hello World applications, that is the case. Unfortunately, not many of us do deploy such applications day-to-day because we need to handle state. Though it would be much easier to have stateless apps, and despite our best efforts in this direction, state is found in (at least) two places: sessions and databases.
You need to think keeping the state while stopping and starting application nodes. In this talk, I’ll demo how to update a Spring Boot app deployed on a Kubernetes cluster with a non-trivial database schema change with the help of Hazelcast, while keeping the service up during the entire update process.
This talk is the perfect opportunity for you to see where Cloud Native PostgreSQL, developed by EDB, is currently standing and how it can be integrated in your Kubernetes and OpenShift Container Platform workloads.
Cloud Native PostgreSQL is built on solid concepts and principles such as immutable infrastructure, declarative configuration and application containers, making it also ideal to use in your CI/CD pipelines as part of the applications’ E2E tests.
Join me to discover how our operators adapt to public/private/hybrid environments, how core features such as self-healing, high-availability, scalability and updates work, and – last but not least – what our DevSecOps culture and processes have produced in the area of security.
Wednesday, April 28, 2021
Microservices running in Kubernetes and containerized environments are complex and hard to monitor and troubleshoot. Join us as we discuss the growth in the adoption of Kubernetes and containers and the challenges that they have presented us all, focusing on why standard metrics and logs by themselves are leaving gaps in your observability strategy.