Cloud Native London September
CNI, the Container Network Interface
This talk will run through the basics of how CNI operates, catch up on recent developments such as ipv6, port mapping and plugin chaining, and look ahead at future plans.
Bryan Boreham
After first getting into programming as a kid, creating a video game called "Splat", Bryan's career has ranged from charting pie sales at a bakery to real-time pricing of billion-dollar bond trades. At Weaveworks, Bryan works on deployment and observability for containers and microservices, and is a contributor to many Cloud Native Open Source projects including Kubernetes, Weave Net and Cortex. Outside of work he is a father, a helicopter pilot, and can cook a mean risotto primavera.
FaaS and Furious - 0 to Serverless in 60 seconds, anywhere
The OpenFaaS framework lets you package any process as a serverless function for either Linux or Windows - just bring your own Kubernetes or Docker cluster. Avoid vendor lock-in by running it in your own datacenter or the cloud with your existing certified clusters and ecosystem. The project focuses on ease of use through its UI which can be used to test and monitor functions in tandem with tight Prometheus integration that allows the cluster to auto-scale for demand.
You can deploy OpenFaaS in 60 seconds on Kubernetes or Swarm and thanks to concise code templates all you need to write is a handler in your favourite programming language - let your cluster do the heavy lifting. OpenFaaS was recently trending as the top Golang project on GitHub and has over 4k stars. Come and find out how and why people are leveraging an event-driven architecture along with some cool interactive demos.
Alex Ellis
Alex is a respected expert on serverless and cloud native computing. He founded OpenFaaS, one of the most popular open-source serverless projects, where he has built the community via writing, speaking, and extensive personal engagement. As a consultant and CNCF Ambassador, he helps companies around the world build great developer experiences and navigate the cloud native landscape.
Can I haz non-privileged containers?
To understand the problem, we will take a quick look at how user and group isolation works in Unix and how this translates into a container. We will also look at how user namespaces work in Docker and how simple it is to build a non-root Docker container. In addition to all of this, we will look at some simple tools which can automatically detect these problems and notify you if they occur.
Takeaways:
How users and groups work in Unix
Security problems with running container processes as root
Understanding of container namespaces and user mappings
How to build a non-Root container
Edge cases where Root containers may be required
Michael Hausenblas
Michael is a Developer Advocate for Go, Kubernetes, and OpenShift at Red Hat where he helps appops to build and operate distributed services. His background is in large-scale data processing and container orchestration and he's experienced in advocacy and standardization at W3C and IETF. Before Red Hat, Michael worked at Mesosphere, MapR and in two research institutions in Ireland and Austria. He contributes to open source software (mainly using Go), blogs and hangs out on Twitter too much.
Nic Jackson
Nic Jackson is a developer advocate and polyglot programmer at HashiCorp. He is the author of Building Microservices in Go, which examines the best patterns and practices for building microservices with the Go programming language. In his spare time, Nic coaches and mentors at Coder Dojo, teaches at Women Who Go and GoBridge, and speaks about and evangelizes good coding practice, process, and technique.
Thank you to our sponsors and partners
Platinum
