🛡️ def April 2024

Thanks to Marcus Noble talk at Rejekts Paris 2024 💯

slides/all.yml

@@ -1,11 +1,11 @@
 title: |
   Docker & Kubernetes
 
-chat: "[FIXME](https://FIXME.container.training/mattermost/)"
+chat: "[Mattermost](https://intra.container.training/mattermost/)"
 
 gitrepo: github.com/jpetazzo/container.training
 
-slides: https://2024-04-suadeo.container.training/
+slides: https://2024-04-intra.container.training/
 
 #slidenumberprefix: "#SomeHashTag — "
 
@@ -34,26 +34,25 @@ content:
   - containers/Cmd_And_Entrypoint.md
   - containers/Copying_Files_During_Build.md
   - containers/Exercise_Dockerfile_Basic.md
+- # DAY 2
   - containers/Dockerfile_Tips.md
   - containers/Multi_Stage_Builds.md
   - containers/Container_Networking_Basics.md
-- # DAY 2
   - containers/Local_Development_Workflow.md
   - containers/Getting_Inside.md
   - containers/Container_Network_Model.md
   - containers/Compose_For_Dev_Stacks.md
   - containers/Exercise_Composefile.md
   - containers/Exercise_Dockerfile_Advanced.md
-  - |
-    # Kubernetes
+- # DAY 3
   - shared/connecting.md
+  - shared/toc.md
   #- k8s/versions-k8s.md
   - shared/sampleapp.md
   #- shared/composescale.md
   #- shared/hastyconclusions.md
   - shared/composedown.md
   - k8s/concepts-k8s.md
-- # DAY 3
   - k8s/kubectlget.md
   - k8s/kubectl-run.md
   - k8s/kubectlexpose.md
@@ -62,12 +61,19 @@ content:
   - k8s/shippingimages.md
   #- k8s/buildshiprun-selfhosted.md
   - k8s/buildshiprun-dockerhub.md
+  - exercises/k8sfundamentals-details.md
+  #- k8s/exercise-wordsmith.md
+- # DAY 4
+  - k8s/ourapponkube.md
+  - shared/yaml.md
   - k8s/labels-annotations.md
   - k8s/kubectl-logs.md
   - k8s/logs-cli.md
-  - exercises/k8sfundamentals-details.md
-  #- k8s/exercise-wordsmith.md
-  - k8s/ourapponkube.md
+  - k8s/yamldeploy.md
+  - k8s/namespaces.md
+  - shared/declarative.md
+  - k8s/declarative.md
+  - k8s/deploymentslideshow.md
   #- k8s/setup-overview.md
   - k8s/setup-devel.md
   #- k8s/setup-managed.md
@@ -75,15 +81,10 @@ content:
   - k8s/localkubeconfig.md
   - k8s/accessinternal.md
   #- k8s/kubectlproxy.md
-  - shared/declarative.md
-  - k8s/declarative.md
-  - k8s/deploymentslideshow.md
+  - exercises/yaml-details.md
   - exercises/localcluster-details.md
-- # DAY 4
+- # DAY 5
   #- k8s/kubectlscale.md
-  - shared/yaml.md
-  - k8s/yamldeploy.md
-  - k8s/namespaces.md
   - k8s/scalingdockercoins.md
   - shared/hastyconclusions.md
   - k8s/daemonset.md
@@ -93,7 +94,6 @@ content:
   - k8s/volumes.md
   - k8s/configuration.md
   - k8s/secrets.md
-  - exercises/yaml-details.md
   - shared/thankyou.md
 - 
   - |

slides/k8s/admission.md

@@ -20,19 +20,21 @@
 
 ## Use cases
 
-Some examples ...
+- Defaulting
 
-- Stand-alone admission controllers
+  *injecting image pull secrets, sidecars, environment variables...*
 
-  *validating:* policy enforcement (e.g. quotas, naming conventions ...)
+- Policy enforcement and best practices
 
-  *mutating:* inject or provide default values (e.g. pod presets)
+  *prevent: `latest` images, deprecated APIs...*
 
-- Admission controllers part of a greater system
+  *require: PDBs, resource requests/limits, labels/annotations, local registry...*
 
-  *validating:* advanced typing for operators
+- Problem mitigation
 
-  *mutating:* inject sidecars for service meshes
+  *block nodes with vulnerable kernels, inject log4j mitigations...*
+
+- Extended validation for operators
 
 ---
 

slides/logistics-template.md

@@ -2,7 +2,9 @@
 
 - Hello! I'm Jérôme Petazzoni ([@jpetazzo@hachyderm.io], Enix SAS)
 
-- The workshop will run from FIXME
+- The training will run from 9:30 to 13:00
+
+- There will be a break around 11:00 (approximately!)
 
 - Feel free to interrupt for questions at any time