Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It coordinates activities across a cluster of machines by defining basic building blocks like pods (which contain containers), replication controllers (which ensure a specified number of pods are running), and services (which define logical groups of pods). Kubernetes provides tools for running applications locally on a single node as well as managing resources in the cluster, including creating, deleting, viewing, and updating resources from configuration files.
A Comprehensive Introduction to Kubernetes. This slide deck serves as the lecture portion of a full-day Workshop covering the architecture, concepts and components of Kubernetes. For the interactive portion, please see the tutorials here:
https://github.com/mrbobbytables/k8s-intro-tutorials
A basic introductory slide set on Kubernetes: What does Kubernetes do, what does Kubernetes not do, which terms are used (Containers, Pods, Services, Replica Sets, Deployments, etc...) and how basic interaction with a Kubernetes cluster is done.
Kubernetes for Beginners: An Introductory GuideBytemark
An introduction to Kubernetes for beginners. Includes the definition, architecture, benefits and misconceptions of Kubernetes. Written in plain English, ideal for both developers and non-developers who are new to Kubernetes.
Find out more about Kubernetes at Bytemark here: https://www.bytemark.co.uk/managed-kubernetes/
A Comprehensive Introduction to Kubernetes. This slide deck serves as the lecture portion of a full-day Workshop covering the architecture, concepts and components of Kubernetes. For the interactive portion, please see the tutorials here:
https://github.com/mrbobbytables/k8s-intro-tutorials
A basic introductory slide set on Kubernetes: What does Kubernetes do, what does Kubernetes not do, which terms are used (Containers, Pods, Services, Replica Sets, Deployments, etc...) and how basic interaction with a Kubernetes cluster is done.
Kubernetes for Beginners: An Introductory GuideBytemark
An introduction to Kubernetes for beginners. Includes the definition, architecture, benefits and misconceptions of Kubernetes. Written in plain English, ideal for both developers and non-developers who are new to Kubernetes.
Find out more about Kubernetes at Bytemark here: https://www.bytemark.co.uk/managed-kubernetes/
Author: Oleg Chunikhin, www.eastbanctech.com
Kubernetes is a portable open source system for managing and orchestrating containerized cluster applications. Kubernetes solves a number of DevOps related problems out of the box in a simple and unified way – rolling updates and update rollback, canary deployment and other complicated deployment scenarios, scaling, load balancing, service discovery, logging, monitoring, persistent storage management, and much more. You will learn how in less than 30 minutes a reliable self-healing production-ready Kubernetes cluster may be deployed on AWS and used to host and operate multiple environments and applications.
Join us to learn the concepts and terminology of Kubernetes such as Nodes, Labels, Pods, Replication Controllers, Services. After taking a closer look at the Kubernetes master and the nodes, we will walk you through the process of building, deploying, and scaling microservices applications. Each attendee gets $100 credit to start using Google Container Engine. The source code is available at https://github.com/janakiramm/kubernetes-101
Traditional virtualization technologies have been used by cloud infrastructure providers for many years in providing isolated environments for hosting applications. These technologies make use of full-blown operating system images for creating virtual machines (VMs). According to this architecture, each VM needs its own guest operating system to run application processes. More recently, with the introduction of the Docker project, the Linux Container (LXC) virtualization technology became popular and attracted the attention. Unlike VMs, containers do not need a dedicated guest operating system for providing OS-level isolation, rather they can provide the same level of isolation on top of a single operating system instance.
An enterprise application may need to run a server cluster to handle high request volumes. Running an entire server cluster on Docker containers, on a single Docker host could introduce the risk of single point of failure. Google started a project called Kubernetes to solve this problem. Kubernetes provides a cluster of Docker hosts for managing Docker containers in a clustered environment. It provides an API on top of Docker API for managing docker containers on multiple Docker hosts with many more features.
Kubernetes: An Introduction to the Open Source Container Orchestration PlatformMichael O'Sullivan
Originally designed by Google, Kubernetes is now an open-source platform that is used for managing applications deployed as containers across multiple hosts - now hosted under the Cloud Native Computing Foundation. It provides features for automating deployment, scaling, and maintaining these applications. Hosts are organised into clusters, and applications are deployed into these clusters as containers. Kubernetes is compatible with several container engines, notably Docker. The popularity of Kubernetes continues to increase as a result of the feature-rich tooling when compared to use of a container-engine alone, and a number of Cloud-based hosted solutions are now available, such as Google Kubernetes Engine, Amazon Elastic Container Service for Kubernetes, and IBM Cloud Container Service.
This talk will provide an introduction to the Kubernetes platform, and a detailed view of the platform architecture from both the Control Plane and Worker-node perspectives. A walk-through demonstration will also be provided. Furthermore, two additional tools that support Kubernetes will be presented and demonstrated - Helm: a package manager solution which enables easy deployment of pre-built Kubernetes software using Helm Charts, and Istio: a platform in development that aims to simplify the management of micro-services deployed on the Kubernetes platform.
Speaker Bio:
Dr. Michael J. O'Sullivan is a Software Engineer working as part of the Cloud Foundation Services team for IBM Cloud Dedicated, in the IBM Cloud division in Cork. Michael has worked on both Delivery Pipeline/Deployment Automation and Performance Testing teams, which has resulted in daily exposure to customer deployments of IBM Cloud services such as the IBM Cloud Containers Service, and the IBM Cloud Logging and Metrics Services. Michael has also worked on deployment of these services to OpenStack and VMware platforms. Michael holds a PhD in Computer Science from University College Cork (2012 - 2015), where, under the supervision of Dr. Dan Grigoras, engaged in research of Mobile Cloud Computing (MCC) - specifically, studying and implementing solutions for delivering seamless user experiences of MCC applications and services. Prior to this, Michael graduated with a 1st Class Honours Degree in Computer Science from University College Cork in 2012.
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
Get these visually appealing Kubernetes Concepts And Architecture PowerPoint Presentation Slides to discuss the process of operating containerized applications. You can display the need for containers by the company with the help of an open-source architecture PPT slideshow. The architecture of containers can be demonstrated with the help of a visually appealing PPT slideshow. The reasons for opting for Kubernetes by an organization can be explained to your teammates with the help of containers PowerPoint infographics. Highlight the roadmap for installing Kubernetes in the organization by using content-ready PPT slides. Take the assistance of visually appealing PPT templates to depict the major advantages of Kubernetes such as improving productivity, the stability of application run, and many more. After that, display 30 60 90 days plan to implement Kubernetes in the organization. Display the key components of Kubernetes with the help of a diagram using this professionally designed cluster architecture PPT layouts. Describe the functionality of each components of Kubernetes. Hence, download Kubernetes architecture PPT slides to easily and efficiently manage the clusters. https://bit.ly/34DWa7x
This presentation covers how app deployment model evolved from bare metal servers to Kubernetes World.
In addition to theoretical information, you will find free KATACODA workshops url to perform practices to understand the details of the each topics.
History and Basics of containers, LXC, Docker and Kubernetes. This presentation is given to Engineering colleage students at VIT DevFest 2018. Beginner to Intermediate level.
A basic introduction to Kubernetes. Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
These slides were used during a technical session for the Cloud-Native El Salvador community. It covers the basic Kubernetes components, some installers and main Kubernetes resources. For the demo, it was used the capabilites provided by the Horizontal Pod Autoscaler.
Author: Oleg Chunikhin, www.eastbanctech.com
Kubernetes is a portable open source system for managing and orchestrating containerized cluster applications. Kubernetes solves a number of DevOps related problems out of the box in a simple and unified way – rolling updates and update rollback, canary deployment and other complicated deployment scenarios, scaling, load balancing, service discovery, logging, monitoring, persistent storage management, and much more. You will learn how in less than 30 minutes a reliable self-healing production-ready Kubernetes cluster may be deployed on AWS and used to host and operate multiple environments and applications.
Join us to learn the concepts and terminology of Kubernetes such as Nodes, Labels, Pods, Replication Controllers, Services. After taking a closer look at the Kubernetes master and the nodes, we will walk you through the process of building, deploying, and scaling microservices applications. Each attendee gets $100 credit to start using Google Container Engine. The source code is available at https://github.com/janakiramm/kubernetes-101
Traditional virtualization technologies have been used by cloud infrastructure providers for many years in providing isolated environments for hosting applications. These technologies make use of full-blown operating system images for creating virtual machines (VMs). According to this architecture, each VM needs its own guest operating system to run application processes. More recently, with the introduction of the Docker project, the Linux Container (LXC) virtualization technology became popular and attracted the attention. Unlike VMs, containers do not need a dedicated guest operating system for providing OS-level isolation, rather they can provide the same level of isolation on top of a single operating system instance.
An enterprise application may need to run a server cluster to handle high request volumes. Running an entire server cluster on Docker containers, on a single Docker host could introduce the risk of single point of failure. Google started a project called Kubernetes to solve this problem. Kubernetes provides a cluster of Docker hosts for managing Docker containers in a clustered environment. It provides an API on top of Docker API for managing docker containers on multiple Docker hosts with many more features.
Kubernetes: An Introduction to the Open Source Container Orchestration PlatformMichael O'Sullivan
Originally designed by Google, Kubernetes is now an open-source platform that is used for managing applications deployed as containers across multiple hosts - now hosted under the Cloud Native Computing Foundation. It provides features for automating deployment, scaling, and maintaining these applications. Hosts are organised into clusters, and applications are deployed into these clusters as containers. Kubernetes is compatible with several container engines, notably Docker. The popularity of Kubernetes continues to increase as a result of the feature-rich tooling when compared to use of a container-engine alone, and a number of Cloud-based hosted solutions are now available, such as Google Kubernetes Engine, Amazon Elastic Container Service for Kubernetes, and IBM Cloud Container Service.
This talk will provide an introduction to the Kubernetes platform, and a detailed view of the platform architecture from both the Control Plane and Worker-node perspectives. A walk-through demonstration will also be provided. Furthermore, two additional tools that support Kubernetes will be presented and demonstrated - Helm: a package manager solution which enables easy deployment of pre-built Kubernetes software using Helm Charts, and Istio: a platform in development that aims to simplify the management of micro-services deployed on the Kubernetes platform.
Speaker Bio:
Dr. Michael J. O'Sullivan is a Software Engineer working as part of the Cloud Foundation Services team for IBM Cloud Dedicated, in the IBM Cloud division in Cork. Michael has worked on both Delivery Pipeline/Deployment Automation and Performance Testing teams, which has resulted in daily exposure to customer deployments of IBM Cloud services such as the IBM Cloud Containers Service, and the IBM Cloud Logging and Metrics Services. Michael has also worked on deployment of these services to OpenStack and VMware platforms. Michael holds a PhD in Computer Science from University College Cork (2012 - 2015), where, under the supervision of Dr. Dan Grigoras, engaged in research of Mobile Cloud Computing (MCC) - specifically, studying and implementing solutions for delivering seamless user experiences of MCC applications and services. Prior to this, Michael graduated with a 1st Class Honours Degree in Computer Science from University College Cork in 2012.
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
Get these visually appealing Kubernetes Concepts And Architecture PowerPoint Presentation Slides to discuss the process of operating containerized applications. You can display the need for containers by the company with the help of an open-source architecture PPT slideshow. The architecture of containers can be demonstrated with the help of a visually appealing PPT slideshow. The reasons for opting for Kubernetes by an organization can be explained to your teammates with the help of containers PowerPoint infographics. Highlight the roadmap for installing Kubernetes in the organization by using content-ready PPT slides. Take the assistance of visually appealing PPT templates to depict the major advantages of Kubernetes such as improving productivity, the stability of application run, and many more. After that, display 30 60 90 days plan to implement Kubernetes in the organization. Display the key components of Kubernetes with the help of a diagram using this professionally designed cluster architecture PPT layouts. Describe the functionality of each components of Kubernetes. Hence, download Kubernetes architecture PPT slides to easily and efficiently manage the clusters. https://bit.ly/34DWa7x
This presentation covers how app deployment model evolved from bare metal servers to Kubernetes World.
In addition to theoretical information, you will find free KATACODA workshops url to perform practices to understand the details of the each topics.
History and Basics of containers, LXC, Docker and Kubernetes. This presentation is given to Engineering colleage students at VIT DevFest 2018. Beginner to Intermediate level.
A basic introduction to Kubernetes. Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
These slides were used during a technical session for the Cloud-Native El Salvador community. It covers the basic Kubernetes components, some installers and main Kubernetes resources. For the demo, it was used the capabilites provided by the Horizontal Pod Autoscaler.
- Introduction to Kubernetes features
- A look at Kubernetes Networking and Service Discovery
- New features in Kubernetes 1.6
- Kubernetes Installation options
To know more about our Kubernetes expertise, visit our center of excellence at: http://www.opcito.com/kubernetes/
Live Container Migration: OpenStack Summit Barcelona 2016Phil Estes
A talk presented by Phil Estes & Shaun Murakami, IBM Cloud Open Technologies, at the Barcelona OpenStack Summit on October 25, 2016. This talk covers a new feature that will be available in the Docker 1.13 engine for using the CRIU project to checkpoint and restore container processes on Linux. Phil & Shaun present details of this new capability and then demonstrate a proof-of-concept "live migration" of containers across nova compute hosts.
Overview of kubernetes and its use as a DevOps cluster management framework.
Problems with deployment via kube-up.sh and improving kubernetes on AWS via custom cloud formation template.
Kubernetes is an open-source system and is quickly becoming the new standard for automating deployment, scaling, and management of containerized applications.
In the presentation we will have a high-level overview of the most important components of Kubernetes and how they fit together. We will start with having an overview of Container and Orchestration and what Kubernetes is capable of and how it helps in automating deployment and scaling software in the cloud. Afterwards we will discuss Kubernetes objects (Pod, ReplicaSet, Deployment, Services, Namespaces) with some examples.
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
This is my Introduction to Kubernetes and Overview of the Kubernetes Conformance Certification Program talk presented at OpenSource101 Raleigh on Feb 17, 2018
An Introduction to Using PostgreSQL with Docker & KubernetesJonathan Katz
The maturation of containerization platforms has changed how people think about creating development environments and has eliminated many inefficiencies for deploying applications. These concept and technologies have made its way into the PostgreSQL ecosystem as well, and tools such as Docker and Kubernetes have enabled teams to run their own “database-as-a-service” on the infrastructure of their choosing.
In this talk, we will cover the following:
- Why containers are important and what they mean for PostgreSQL
- Setting up and managing a PostgreSQL container
- Extending your setup with a pgadmin4 container
- Container orchestration: What this means, and how to use Kubernetes to leverage database-as-a-service with PostgreSQL
- Trends in the container world and how it will affect PostgreSQL
Using PostgreSQL With Docker & Kubernetes - July 2018Jonathan Katz
The maturation of containerization platforms has changed how people think about creating development environments and has eliminated many inefficiencies for deploying applications. These concept and technologies have made its way into the PostgreSQL ecosystem as well, and tools such as Docker and Kubernetes have enabled teams to run their own “database-as-a-service” on the infrastructure of their choosing.
In this talk, we will cover the following:
- Why containers are important and what they mean for PostgreSQL
- Setting up and managing a PostgreSQL along with pgadmin4 and monitoring
- Running PostgreSQL on Kubernetes with a Demo
- Trends in the container world and how it will affect PostgreSQL
Kubernetes Introduction. The concepts you need to understand to effectively develop and run applications in a Kubernetes environment. Focusing primarily on application developers, but it also provides an overview of managing applications from the operational perspective. It’s meant for anyone interested in running and managing containerized applications on more than just a single server.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
2. Kubernetes (k8s):
is an open-source system for automating
deployment, scaling, and management of
containerized applications
3. Why would you care?
The pitch:
“Kuberentes makes it easier to organize and schedule your application across a fleet of
machines”
Specifically by:
• Horizontal scaling
• Load distribution
• Service discovery
• Health monitoring
• Deploying new versions, rollbacks
• Handling hardware failure
4. High level architecture
Master - coordinates all activities in the cluster
Nodes:
• virtual or physical machines
• actual workers
• runs processes:
• kubelet
• container runtime
5. Basic building blocks
Containers
• Define single running process*
• Eg docker container
Pods
• the way of running containers in kubernetes
• basic deployable and scaling unit
• defines one or more containers
• containers are co-located on a node
• flat network structure
Nodes:
• physical worker machines
• can run multiple pods
• pods running within single node don’t know
about each other
6. Running things locally
Minikube:
• single node cluster
• running in a VM
• supports linux, windows and macOS
• mature project
https://kubernetes.io/docs/setup/minikube/
https://kubernetes.io/docs/tasks/tools/install-minikube/
https://docs.docker.com/docker-for-windows/kubernetes/
https://docs.docker.com/docker-for-mac/kubernetes/
Docker with built-in kubernetes:
• single node cluster
• running in a VM
• windows and macOS
• drag & drop installation
• bound to specific kubernetes version
• relatively new
More options listed in https://kubernetes.io
7. Managing cluster resources
Create resource from file
• kubectl create -f resource_file.yml
Change existing (or create) resource based on file
• kubectl apply -f resource_file.yml
Delete existing resource
• kubectl delete resource_type resource_name
List resources of type
• kubectl get resource_type
Edit resource on the server
• kubectl edit resource_type resource_name
8. Debugging cluster resources
Execute command on the container
• kubectl exec [-it] pod_name process_to_run
Get container logs
• kubectl logs pod_name [-c container_name]
Forward port from a pod
• kubectl port-forward pod_name local_port:remote_port
Print detailed description of a resource
• kubectl describe resource_type resource_name
9. Defining a pod
Main definition components
• api
• resource type
• metadata
• spec
10. Grouping pods - labels
• Each pod can have multiple labels
• Labels can be changed on a live pod
• Basic mechanism to execute commands on
multiple pods
11. Pod health - liveness probe
Out of the box (before the probe)
• Pod defines a restart policy
• Crashing process can be restarted by kubelet
Process can be alive but unhealthy eg:
• deadlocked
• stuck in a loop
Liveness probe is a way of telling kubelet that a process in no longer
healthy and needs restarting
3 ways of querying:
• http
• tcp
• exec
Limitations of liveness probe
12. Replica Sets
Replication Controller
Ensures desired number of pods exist by:
• scaling up or down
• running new pods when nodes fail
Definition consists of:
• label selector
• replica count
• pod template
14. Service
Define logical groups of pods - label selectors
Types:
• ClusterIP (default)
• LoadBalancer
• NodePort
• ExternalName
Service is constant:
• IP doesn’t change (except headless)
• each service gets a dns entry
15. Pod health - readiness probe
Similar to liveness probe:
• Defined in a pod
• 3 types supported
• similar parameters
When probe fails pod is marked as not ready
Not ready pods are removed from services
16. Service - LoadBalancer
• Allows automatic provisioning of load
balancers
• Needs to be supported by cloud provider
• Exposes external IP to the cluster
18. Deployments
• Higher level resource
• Deals with updating the application
• Allows graceful rollback
• Can pause or abort a bad release
• Manages internally multiple replica sets
• Changing pod template triggers update
19. Deployments
Revision history:
• rolling back release
• switching between releases
• number of revisions can be specified
Update strategy:
• RollingUpdate
• Recreate
Detecting bad releases with minReadySeconds
Specifying update process
• MaxSurge
• MaxUnavailable
21. Passing configuration
Pod definition can embed:
• environment variables
• command line parameters
This couples pod definition with environment:
• separate definitions for prod/test
• changing configuration requires changing pod
22. ConfigMap
• Lives as a separate resource
• Supports:
• environment variables:
• individual
• entire environment
• configuration files /directories
• Live reloading of config if supported by pod
• Missing ConfigMap prevents container from starting
23. ConfigMap - basic usage
Defining and passing single
environment variable
25. Secrets
• Similar to configMap
• Stored in memory on the nodes
(includes mounting files)
• Ability to store binary data -
base64 encoded
26. Where to go from here
Managing persistent storage:
• persistent volumes
• persistent volume claims
• storage class
Advanced routing - ingress controllers
Multiple replicas with own storage - stateful sets
Even more resources - deamon sets, jobs, cronjobs
Package management - Helm
Managing Kubernetes through API
Service mesh - Istio