Tuesday, 5th September at CodeNode, London

This meetup is run by Cloud Native. Starts at 6:30 PM.

Do you want to stay up to date with all that's happening with Cloud Native? Don't miss this month's Cloud Native London, the CNCF approved meetup!

Cloud Native London September

Join us for three talks from Bryan Boreham (Weaveworks), Nic Jackson (Hashicorp), and Alex Ellis (ADP, Docker Captain).

Full agenda coming soon!

CNI, the Container Network Interface

CNI, the Container Network Interface, is a CNCF project that provides a standardised API to talk to container networks. Today there are over 30 different CNI plugins available, and container runtimes which support CNI include Kubernetes, Rkt, Mesos, OpenShift and Cloud Foundry.

This talk will run through the basics of how CNI operates, catch up on recent developments such as ipv6, port mapping and plugin chaining, and look ahead at future plans.

Bryan Boreham

Bryan is Director of Engineering at Weaveworks, whose mission is to make developers successful with containers and cloud-native computing. Previously, Bryan has spent many years designing, building and debugging large distributed systems for banks and software companies.

Can I haz non-privileged containers?

In this talk, we will look at the problems associated with running Docker containers with privileged status and some solutions to how you can harden your Docker-based security. Check it out!

To understand the problem, we will take a quick look at how user and group isolation works in Unix and how this translates into a container. We will also look at how user namespaces work in Docker and how simple it is to build a non-root Docker container. In addition to all of this, we will look at some simple tools which can automatically detect these problems and notify you if they occur.

Takeaways:

  • How users and groups work in Unix

  • Security problems with running container processes as root

  • Understanding of container namespaces and user mappings

  • How to build a non-Root container

  • Edge cases where Root containers may be required

Nic Jackson

Nic Jackson is a software engineering evangelist working for notonthehighstreet.com, with over 20 years experience in software development and leading software development teams. A huge believer that the rise of Docker and container solutions is a positive transformation for the way we develop, deploy and maintain software.

FaaS and Furious - 0 to Serverless in 60 seconds, anywhere

OpenFaaS or Functions as a Service is a Cloud Native framework for building serverless functions (as popularised by AWS Lambda) with containers. Check out this talk by Alex Ellis to learn more!

The OpenFaaS framework lets you package any process as a serverless function for either Linux or Windows - just bring your own Kubernetes or Docker cluster. Avoid vendor lock-in by running it in your own datacenter or the cloud with your existing certified clusters and ecosystem. The project focuses on ease of use through its UI which can be used to test and monitor functions in tandem with tight Prometheus integration that allows the cluster to auto-scale for demand.

You can deploy OpenFaaS in 60 seconds on Kubernetes or Swarm and thanks to concise code templates all you need to write is a handler in your favourite programming language - let your cluster do the heavy lifting. OpenFaaS was recently trending as the top Golang project on GitHub and has over 4k stars. Come and find out how and why people are leveraging an event-driven architecture along with some cool interactive demos.

Alex Ellis

Alex is a Docker Captain and Principal Developer @ ADP where he has years of experience in the enterprise supporting payroll and HCM for up to 500k clients. He's a polyglot, blogger, published writer and mentor in the Docker and Raspberry Pi community.

Thanks to our sponsors

Attending Members

Overview

Do you want to stay up to date with all that's happening with Cloud Native? Don't miss this month's Cloud Native London, the CNCF approved meetup!

Cloud Native London September

Join us for three talks from Bryan Boreham (Weaveworks), Nic Jackson (Hashicorp), and Alex Ellis (ADP, Docker Captain).

Full agenda coming soon!

CNI, the Container Network Interface

CNI, the Container Network Interface, is a CNCF project that provides a standardised API to talk to container networks. Today there are over 30 different CNI plugins available, and container runtimes which support CNI include Kubernetes, Rkt, Mesos, OpenShift and Cloud Foundry.

This talk will run through the basics of how CNI operates, catch up on recent developments such as ipv6, port mapping and plugin chaining, and look ahead at future plans.

Bryan Boreham

Bryan is Director of Engineering at Weaveworks, whose mission is to make developers successful with containers and cloud-native computing. Previously, Bryan has spent many years designing, building and debugging large distributed systems for banks and software companies.

Can I haz non-privileged containers?

In this talk, we will look at the problems associated with running Docker containers with privileged status and some solutions to how you can harden your Docker-based security. Check it out!

To understand the problem, we will take a quick look at how user and group isolation works in Unix and how this translates into a container. We will also look at how user namespaces work in Docker and how simple it is to build a non-root Docker container. In addition to all of this, we will look at some simple tools which can automatically detect these problems and notify you if they occur.

Takeaways:

  • How users and groups work in Unix

  • Security problems with running container processes as root

  • Understanding of container namespaces and user mappings

  • How to build a non-Root container

  • Edge cases where Root containers may be required

Nic Jackson

Nic Jackson is a software engineering evangelist working for notonthehighstreet.com, with over 20 years experience in software development and leading software development teams. A huge believer that the rise of Docker and container solutions is a positive transformation for the way we develop, deploy and maintain software.

FaaS and Furious - 0 to Serverless in 60 seconds, anywhere

OpenFaaS or Functions as a Service is a Cloud Native framework for building serverless functions (as popularised by AWS Lambda) with containers. Check out this talk by Alex Ellis to learn more!

The OpenFaaS framework lets you package any process as a serverless function for either Linux or Windows - just bring your own Kubernetes or Docker cluster. Avoid vendor lock-in by running it in your own datacenter or the cloud with your existing certified clusters and ecosystem. The project focuses on ease of use through its UI which can be used to test and monitor functions in tandem with tight Prometheus integration that allows the cluster to auto-scale for demand.

You can deploy OpenFaaS in 60 seconds on Kubernetes or Swarm and thanks to concise code templates all you need to write is a handler in your favourite programming language - let your cluster do the heavy lifting. OpenFaaS was recently trending as the top Golang project on GitHub and has over 4k stars. Come and find out how and why people are leveraging an event-driven architecture along with some cool interactive demos.

Alex Ellis

Alex is a Docker Captain and Principal Developer @ ADP where he has years of experience in the enterprise supporting payroll and HCM for up to 500k clients. He's a polyglot, blogger, published writer and mentor in the Docker and Raspberry Pi community.

Thanks to our sponsors

Who's coming?

Attending Members