Establishing Image Provenance and Security in Kubernetes

Take any container running in your Kubernetes cluster. What can you say about it and with what level of certainty? Do you know where it came from? Could an attacker have modified it? Is it up-to-date? Can you identify the exact revision of the code that the image was built from?

This talk will look at what guarantees Kubernetes gives you out-of-the-box, and what you can do to establish a trustworthy and reliable workflow for deploying and updating images. Topics and tooling covered will include:

* issues related to Kubernetes handling of images
* building images in a repeatable manner
* distributing images through registries
* verifying provenance with secure hashes as well as Notary/TUF


* A basic knowledge of Kubernetes and Docker.


* People starting their journey with Kubernetes/Docker should leave knowing a little more about how it handles images and will hopefully avoid some common pitfalls.

* People with more advanced knowledge should leave thinking about how they can better design their systems and make use of existing tooling to improve their processes.



ab 8.30 Uhr Registrierung und Begrüßungskaffee

9.30 Uhr Beginn


Machine Learning

  • Was ist Machine Learning?
  • Der typische ML Workflow
  • Was sind neuronale Netze?
  • Jupyter Lab mit Python
  • Eine Einführung in TensorFlow
  • Keras als High-Level API für TensorFlow

Praxisteil: Deep Learning Modelle mit Keras

  • Datengeneratoren
  • Datasets explorativ analysieren
  • Hold-Out vs. Cross Validation

11.00 - 11.15 Uhr: Kaffeepause

Praxisteil: Deep Learning Modelle mit Keras

  • Feed-Forward Netzarchitektur
  • Convolutional Neural Networks als Deep Learning Ansatz
  • Evaluation und Visualisierung des Modells

12.30 - 13.30 Uhr: Mittagspause

Pipelines mit Luigi

  • Anforderungen an produktive Modelle
  • Übersicht über Luigi und dessen Module
  • Bau eines Beispiel-Workflows

Praxisteil: Den Keras-Workflow mit Luigi implementieren

  • Anforderungen an produktive Modelle
  • Übersicht über Luigi und dessen Module
  • Bau eines Beispiel-Workflows

15.30 - 15.45 Uhr: Kaffeepause

Praxisteil: TensorFlow-Serving

  • Übersicht über TensorFlow-Serving
  • Ladestrategien konfigurieren
  • Deployment des Modells

ca. 17.00 Uhr: Ende




Adrian Mouat is Chief Scientist at Container Solutions, a cloud-native consultancy and Kubernetes Certified Service Provider. Adrian is a member of the Docker Captains program and the author of "Using Docker", published by O'Reilly Media (and translated into German by dpunkt.verlag). He is currently working on, a platform for managing and controlling the flow of container images through clusters. Adrian is a regular conference speaker and trainer. Recent speaking events include DockerCon and DockerConEU, CraftConf, TuringFest and GOTO Amsterdam.





Sie möchten über die Continuous Lifecycle
auf dem Laufenden gehalten werden?