WELCOME TO THE BUILD-A-CONTAINER WORKSHOP

Overview

The future of enterprise applications is containers!

Containers!

This is because they provide a universal and portable packaging method for workloads and are the stepping stone to a fully automated and agile environment.

Kubernetes is the leading Container orchestration engine, but it’s complex and can be hard for organisations to find talent or properly evaluate solutions. Navigating the world of Kubernetes solutions is difficult without first understanding Containers. Not just containers but running containers in an enterprise compliant manner, that is securely and efficiently. This workshop seeks to help address that.

This 3hr immersive session is a crash course introduction to containers, what you should be concerned about and steps you can take to securely containerise applications. Specifically we look at:

  1. Best practices in creating secure and containerised applications

  2. Run, manage and deploy containers

  3. Security exploits and how to address them

  4. Container provenance

  5. Hands on building a secure container

The hands-on workshop is for developers, operations, architects or anyone curious about what makes up a container and how to use them in a linux environment.

Use Cases

Whilst creating this workshop, we drew inspiration from a number of use cases (illustrated below) and the experience that there was a lot of "assumed knowledge" when a person from a traditional VM based environment tries out OpenShift or Kubernetes workshops.

Containers!
  1. Alan had an application with many dependencies which he spent hours on constantly setting up across multiple environments. Its configuration could be semi automated, but he thought containers may provide a better way.

  2. Kat’s team had to maintain and develop many VM based web servers. They knew they had problems in how to maintain code, environments and the cost of cloud.

  3. Bob worked for a government agency who were very traditional in skills, development methodology and security. The business had a new appetite and budget for more feature development. But this resulted in requests for more environments and servers in the data centre. Operations were loathing these requests with little way of chargeback for what was their cost centre. They knew containers would provide greater automation and efficient use of resources but were not sure of security implications.

  4. Melanie worked for a construction operation who were upgrading a COTS system. The new version required a container based install. The company had little understanding of containers and what it meant from a technical and enterprise security perspective.

  5. Craig’s company was running cloud based services which were starting to take off until the company was hacked. The hack resulted in 2 weeks downtime to reset and restore systems, and they were looking for a way to ensure their containerised applications were secure and had greater control over software provenance.

Red Hat Container History

Red Hat’s contributions to containers go back to the creation of those core container primitives of Linux namespaces and cGroups in the early 2000s. Containers have been a core feature of Red Hat Enterprise Linux over multiple major releases and was the foundation of Red Hat OpenShift since its initial release in 2011.

Podman!
Buildah!
RHEL 8!

Interest in container technology continues to grow, as more organizations realize the benefits they can provide for how they manage applications and infrastructure. But it’s easy to get lost in all the hype and forget what containers are really about. Ultimately, containers are a feature of Linux. Containers have been a part of the Linux operating system for more than a decade, and go back even further in UNIX. That’s why, despite the very recent introduction of Windows containers, the majority of containers we see are in fact Linux containers. That also means that if you’re deploying containers, your Linux choices matter a lot.

In Red Hat we say "Containers are Linux". If you think about it?

Container security is Linux security

Container performance is Linux performance

Container reliability is Linux reliability

Throughout this workshop, you will use Red Hat Enterprise Linux 8 (RHEL 8) Container tools including Podman and Buildah which provide secure means of building and running containers.