Upload File

containerizing traditional applications microservices and cloud

  • Home
  • Documents
  • Containerizing Traditional Applications Microservices and Cloud
14
Containerizing Traditional Applications Microservices and Cloud-native Applications Managing Security

Upload: lyliem

Post on 14-Feb-2017

222 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications

MicroservicesandCloud-nativeApplications

ManagingSecurity

Page 2: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

2

StepstoContainerizeanyApplicationü  Identifyandhandleapplicationstate

ü  Decideonhowmanycontainers

q  Selectcontainersecurityoptions

q  Selectcontainernetworkingoptions

q  Selectcontainerstorageoptions

Whatwecoveredlasttime…

http://www.nirmata.com/resources/meetups/

Page 3: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

3

•  Introductions&Overview

•  LevelsofContainerSecurity

•  Twistlock

•  Demo

•  Q&A

SecurityforContainerizedApps

Page 4: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

4

ChenxiWang-ChiefStrategyOfficeratTwistlockPreviouslyVPatCipherCloudandIntel,AnalystatForresterResearch,Assoc.ProfessoratCMU-Ph.D.inComputerSciencefromUniversityofVirginia.

JimBugwadia-FounderandCEOatNirmata

Developer,architect,andleadershiprolesatCisco,TrapezeNetworks,andPanoLogic,BellLabs,Motorola.MSComputerScienceUniversityofIllinois.

RiteshPatel-FounderandProductLeadatNirmataEngineeringandbusinessleadershipatBrocade,TrapezeNetworks,NortelandMotorola.MBAfromBerkleyHaas

Page 5: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

5

AboutTwistlock

•  Firstenterprisesolutionpurposebuiltforsecuringcontainers

•  Cradle-to-scalesecurityo  Protectionfromdevelopmenttoproduction

o  Portable:anycloud,anyapp,anyregistry

•  Technologypioneero  15patents,firstsecuritypartnerforAWSECS&GoogleGCE,Dockercontributor

o  Marketleader–30+livedeployments

o  DarkReading:“20CyberSecuritycompaniestowatch”.SCmagazine:“Bestemergenttechnology”.CRN:“Toptencloudsecuritystartupstowatchin2016”

Page 6: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

6

nirmata

Softwareinfrastructureisbestdeliveredas-a-service

Cloud-nativeapplicationsneedcloud-nativemanagement

Applicationsshouldnotbelockedintoacloudprovider

1

2

3

•  Fortune1000aswellasstartupcustomersinproduction

•  1M+pulls;10K+managedcontainerspermonth!

• Widerangeofapps–fromEnterpriseITtoIoT!

webelieve….

deploy,operateandoptimizecontainerizedapplicationsonanycloud!

Page 7: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

7

The3LevelsofContainerSecurity

1.  TheExecutionEnvironmenthosts,containerdaemon,networks,accesscontrols,…

2.  ContainerImagesimagescanning,imagesigning,imageverification

3.  TheApplicationmanagecredentials,secrets,data.Detectandrespondtoactivethreatsandintrusions

Page 8: Containerizing Traditional Applications Microservices and Cloud
Page 9: Containerizing Traditional Applications Microservices and Cloud

Demo–ManagingSecrets

Page 10: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

10

DockerDaemon

VolumePluginKeywhiz-fs

NirmataAgent

ContainerContainerContainer

Admins 1. Manage Secrets 2. Manage Apps

ManagingsecretsusingKeywhiz

Page 11: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

11

Summary

1.  Containersecurityisanconsiderationincontainerizingatraditionalapplication

2.  Yourcontainersecuritystrategyshouldaddress:o  TheExecutionEnvironmento  ContainerImageManagemento  TheApplication

3.  Withtherighttooling,runningapplicationsincontainerscanbemoresecure!

Page 12: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

12

Ifyoulikedthissession…

1.  Ratethissessionandaddareview

2.  Getafreetrialsofoursponsor’stools!

http://www.meetup.com/microservices/

try.nirmata.iohttps://www.twistlock.com/demo/

Page 13: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

13

o  [email protected]  @ChenxiWango  https://www.linkedin.com/in/chenxiwang88

o  [email protected]  @JimBugwadiao  https://www.linkedin.com/in/jimbugwadia

o  [email protected]  @riteshdpo  https://www.linkedin.com/in/patelrit

Getintouch welovetohelp!

Page 14: Containerizing Traditional Applications Microservices and Cloud

ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016

14

Questions

Answers

&


Microservices Practitioner Summit Jan '15 - Microservices Practitioner Summit - Framing Microservices - Richard Li

Microservices & Containers - Pneuron · Microservices & Containers The Pneuron Perspective. ... The Rise of Microservices Microservices is an architectural style for application

Microservices & Serverless - clnv.s3.amazonaws.com · Why Microservices? … and when! Applying Twelve Factors Applying Microservices Design principles Demos, demos, demos Microservices

“Containerizing” applications with Docker: Ecosystem and Tools

Containerizing PostgreSQL and Making it Cloud Native …schd.ws/hosted_files/cnd2016/8d/Containerizing PostgreSQL and... · Containerizing PostgreSQL and Making it Cloud Native Ready

Containerizing Your On-Premise Environment

Building microservices .net - Dublin Microservices UG 20160928

DEVNET-1135Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenStack Services

Containerizing Your Dev Environment

Containerizing Your Development Infrastructure

Of microservices and microservices

Microservices - Was EAs zu Microservices wissen sollten

Containerizing Traditional Applications

Microservices - NYS Forum Home cb..1.pdf · Agenda Technology What are Microservices? Characteristics of Microservices Microservices and SOA Challenges Strategy Adoption –Microservices

Containerizing a REST API and Deploying to Kubernetes

The Technical Journey to Microservices - Microservices UX

Microservices and Prometheus (Microservices NYC 2016)

Containerizing the largest Dutch e-commerce site: The bol.com story

MICROSERVICES - blog.douglampe.comblog.douglampe.com/.../2019/03/Microservices-Little... · Microservices Concerns Service Registry/Discovery ... Distributed Transactions. Service

Application Performance Management - Run Digital …...Application Performance Management in a Containerized World Traditional monitoring tools don’t support distributed microservices

Red Hat Runtimes CONFIDENTIAL Designator Maximize Revenue … · SERVERLESS APPLICATIONS STATELESS, EVENT-DRIVEN MICROSERVICES HIGH PERFORMANCE TRADITIONAL MONOLITHIC STATEFUL TRANSACTIONAL

Containerizing the NASA Land Information System Framework · 2018. 10. 12. · Jossy Jacob, NASA/Goddard Containerizing the NASA Land Information System Framework. Title: 29_Vaughan

Containerizing GPU Applications with Docker for Scaling to the …€¦ · Containerizing GPU Applications with Docker for Scaling to the Cloud FUTURE OF PACKAGING APPLICATIONS SUBBU

Kolla - containerizing the cloud itself

Containerizing GPU Applications with Docker for Scaling to the Cloud

Microservices At Gilt - NYC Microservices Meetup

CloudDevelop 2014 - Containerizing Application Development

Containerizing Distributed Pipes

Containerizing legacy applications - OSCON 2016

Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016

Containerizing the Cloud with Kubernetes and Docker

HyScale: Hybrid Scaling of Dockerized Microservices ...msrg.org/...HyScale:_Hybrid_Scaling_of_Dockeriz.pdf · Traditional methods for scaling can generally be categorized into vertical

What's Better than Microservices? Serverless Microservices

Open Liberty 2020 Open Liberty Runtime Guide€¦ · To learn how to containerize and run your microservices with Open Liberty, see Containerizing microservices. Open Liberty supports

Scrum Gathering Portugal 2016 - Containerizing Tests with Docker