OVERVIEW
Red Hat and Axcelinno invite you to our hands-on workshop where we will cover the comprehensive container and Kubernetes security capabilities available in Red Hat® OpenShift®. You will gain experience with:
- Host OS (Red Hat CoreOS and Red Hat Enterprise Linux®) security technologies.
- Evaluating container content and sources for vulnerabilities.
- Designing the build and CI/CD pipeline to proactively check container content and ensure content governance across the application life cycle, including image policy management and enforcement, image scanning, and image signing.
- Certificate & secrets management.
- Implementing methods to control access to containers via authentication and authorization.
- Red Hat OpenShift Container Platform security technologies, including Security Context Constraints (SCC), role-based access control (RBAC), and network security with network policies
- Logging, monitoring, and auditing.
Who will benefit?
This workshop is geared toward DevOps teams, DevSecOps teams, development team managers, product managers, and anyone interested in OpenShift and container/Kubernetes security.
Lab environment:
A lab environment will be provided to each attendee -- the environment will contain an already-running instance of OpenShift, along with pre-provisioned CodeReady Workspaces and OpenShift projects. Each student will be provided a unique login for all services used in the workshop. Students will progress through the module instructions at their own pace (with instructor help as needed).
AGENDA
8:30 AM - 9:00 AM | Registration, Breakfast (provided) and Meet and Greet
9:00 AM | Welcome and Workshop Overview
- Labs (Lunch Break with Lunch Provided)
- Lab 1: OpenShift blocks rogue containers from running as privileged user
- Lab 2: Implementing network isolation between running containers using Network Policies
- Lab 3: OpenShift Role Based Access Control
- Lab 4: Implementing DevSecOps to Build and Automate Security into the Application Using Red Hat Advanced Cluster Security
- Lab 5: Image Signing using Image Signing Operator
- Workshop wrap-up - Ends at 2:30 PM CT
Resources required:
A laptop or desktop with Chrome (preferred), Firefox, Internet Explorer/Edge 10+, or Safari 9+
Technologies used:
Red Hat OpenShift Container Platform
Red Hat Advanced Cluster Security