Becoming the Admiral
Mastering Docker orchestration
Alistair Chapman
@agc93
Who am I?
Alistair Chapman
Â
agc93
Â
agc93
Information Security Engineer @ Red Hat
Microsoft MVP
Walking, talking case of impostor syndrome
The Plan
(or however much I can fit in 15 minutes)
- Monitoring container workloads
- Adapting your processes
- Securing your containers
- Building a solution
Monitoring Containers
Scale your Monitoring with your workloads
- You're not monitoring a few servers anymore!
- Get your host ↔ app balance right
- Identify your "bridging"/interface points
- Herd those cats!
Monitoring Containers
Understand your approach
Improve your response toolkit
- The same tools and processes don't apply to containers!
- Know how to make the most of Docker
- Be wary of reliance on documentation
- Prepare for each layer of the stack
Secure your Cloud
- This should be a basic requirement
- Assume everyone's out to get you
- Don't implicitly trust third-party apps
Secure your Cloud
Secure your Cloud
- Behavioural monitoring
- Standard network-based detection
- Proper user controls and RBAC
- API activity (including baselining)
- Platform access controls
Building Your Solution
Pro-Tip: It's not Docker
- The answer isn't Docker
- or Kubernetes, or OpenShift
- Containers are not a turn-key solution
- Build a stack around both sides of your infrastructure
Alistair Chapman
@agc93
(essentially everywhere)
Â
Â
https://slides.agchapman.com
https://blog.agchapman.com/