Changes between Version 14 and Version 15 of K8sFutures2019


Ignore:
Timestamp:
02/06/19 16:48:38 (6 years ago)
Author:
darkblueb
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • K8sFutures2019

    v14 v15  
    4040* Efficiency
    4141
    42 A short description of each characteristic is given by the speaker Chris Van Tuin, a senior technologist at RedHat. In brief, scaling is not "one size fits all" endeavor and can be architected in specific systems to with these and other characteristics in mind. From a security perspective, monitoring or "visibility" can be implemented synergistically with these characteristics to meet specific security goals.
     42A short description of each characteristic is given by the speaker Chris Van Tuin, a senior technologist at RedHat_Inc. In brief, scaling is not "one size fits all" endeavor and can be architected in specific systems to with these and other characteristics in mind. From a security perspective, monitoring or "visibility" can be implemented synergistically with these characteristics to meet specific security goals.
    4343
    4444
     
    4747A spirited and deeply technical presentation was given by senior RedHat_Inc engineer Dan Walsh [1]. The featured twitter channel was **#nobigfatdaemons**.  A tour of Github / containers [2] related material included skopeo, image, podman, storage, CRI-O, conmon, and buildah. A core concept of the presentation was that containers need not be monoliths, and that building containers should be a flexible process with a choice of toolchains. There is a preference from a security perspective of making containers that can run read-only, with any storage needs specifically built with finite (traceable) bounds. Eliminating the "base-image" concept is worthwhile. A useful idea in the presentation was that the execution of containers can be for different purposes, with different security obligations for each of:  building;  run to experiment and explore; run in production.  A demonstration of alternative runtimes for containers was shown, emphasizing the Docker container definition, but flexibly reducing the privileges required for any given container to run.
    4848
    49 Many other topics and technology chains were presented during the course of the day. Without listing exhaustively, it could be said that there are numerous, relevant technology projects over the years from RedHat and others, but that evolution and market-forces are causing each to re-justify itself with respect to K8s and Docker in this presentation.  Intel Corporation was a sponsor of this event, and occasional references to Intel were uniformly positive and without critical or controversial content.
     49Many other topics and technology chains were presented during the course of the day. Without listing exhaustively, it could be said that there are numerous, relevant technology projects over the years from RedHat_Inc and others, but that evolution and market-forces are causing each to re-justify itself with respect to K8s and Docker in this presentation.  Intel Corporation was a sponsor of this event, and occasional references to Intel were uniformly positive and without critical or controversial content.
    5050
    5151Some threat-models were discussed in light of container orchestration, and specific workflow recommendations were offered, many of which look quite similar to secure network models of past years, but with containers and K8s specific details added. There is no question that container models with networked workflows, can be executed with greater resource efficiency and other desirable properties in a cloud platform execution environment. 
    5252
    53 Many participants in the audience were not English language native speakers. There is global interest in these architectures. International FOSS organizations like **OSGeo** can also benefit from a good understanding of emerging standards and practices, while at the same time supporting core FOSS values and independence, on several levels.
     53Many participants in the audience were not English language native speakers. There is global interest in these architectures. International FOSS organizations like **OSGeo** can also benefit from a good understanding of emerging standards and practices, while at the same time supporting core FOSS values and independence, on several levels. Although the companies presenting on stage have a large commercial interest in the adoption of these technology chains, in this authors opinion the presentations seemed fair and open, given the realities of this fast-moving topic.
    5454
    55 Thanks to RedHat and Intel for sponsoring this informative event.
     55Thanks to RedHat_Inc and Intel Corporation for sponsoring this informative event.
    5656
    5757