fix-redirects.sh: adding forced redirect

k8s/haproxy.yaml

@@ -9,7 +9,7 @@ spec:
       name: haproxy
   containers:
   - name: haproxy
-    image: haproxy:1
+    image: haproxy
     volumeMounts:
     - name: config
       mountPath: /usr/local/etc/haproxy/

k8s/ingress.yaml

@@ -1,13 +1,13 @@
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
-  name: whatever
+  name: kibana
 spec:
   rules:
-  - host: whatever.A.B.C.D.nip.io
+  - host: kibana.185.145.251.54.nip.io
     http:
       paths:
       - path: /
         backend:
-          serviceName: whatever
-          servicePort: 1234
+          serviceName: kibana
+          servicePort: 5601

k8s/nginx-1-without-volume.yaml

@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: nginx-without-volume
-spec:
-  containers:
-  - name: nginx
-    image: nginx

k8s/nginx-2-with-volume.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: nginx-with-volume
-spec:
-  volumes:
-  - name: www
-  containers:
-  - name: nginx
-    image: nginx
-    volumeMounts:
-    - name: www
-      mountPath: /usr/share/nginx/html/

k8s/nginx-4-with-init.yaml

@@ -1,20 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: nginx-with-init
-spec:
-  volumes:
-  - name: www
-  containers:
-  - name: nginx
-    image: nginx
-    volumeMounts:
-    - name: www
-      mountPath: /usr/share/nginx/html/
-  initContainers:
-  - name: git
-    image: alpine
-    command: [ "sh", "-c", "apk add --no-cache git && git clone https://github.com/octocat/Spoon-Knife /www" ]
-    volumeMounts:
-    - name: www
-      mountPath: /www/

k8s/nginx-with-volume.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: nginx-with-git
+  name: nginx-with-volume
 spec:
   volumes:
   - name: www

prepare-vms/Dockerfile

@@ -8,47 +8,23 @@ RUN apt-get update && apt-get install -y \
     groff \
     jq \
     less \
-    locales \
     man \
     pssh \
     python \
-    python3 \
     python-docutils \
     python-pip \
-    python3-pip \
     ssh \
-    unzip \
     wkhtmltopdf \
     xvfb \
     --no-install-recommends \
     && rm -rf /var/lib/apt/lists/*
 
-# Set the locale
-RUN sed -i -e 's/# en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/' /etc/locale.gen && \
-    dpkg-reconfigure --frontend=noninteractive locales && \
-    update-locale LANG=en_GB.UTF-8
-
-ENV LANG en_GB.UTF-8
-ENV LC_ALL en_GB.UTF-8
-
-ARG TERRAFORM_VERSION=0.11.13
-RUN curl -s https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip \
-    -o terraform_${TERRAFORM_VERSION}_linux_amd64.zip \
- && unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip \
- && mv terraform /usr/local/bin \
- && rm terraform_${TERRAFORM_VERSION}_linux_amd64.zip
-
-
-RUN pip install -U \
+RUN pip install \
     awscli \
     jinja2 \
     pdfkit \
     PyYAML \
-    termcolor \
- && pip3 install -U \
-    jinja2 \
-    pdfkit \
-    PyYAML
+    termcolor
 
 RUN mv $(which wkhtmltopdf) $(which wkhtmltopdf).real
 COPY lib/wkhtmltopdf /usr/local/bin/wkhtmltopdf

prepare-vms/docker-compose.yml

@@ -7,8 +7,6 @@ services:
         working_dir: /root/prepare-vms
         volumes:
             - $HOME/.aws/:/root/.aws/
-            - $HOME/.ssh/:/root/.ssh/
-            - $HOME/.config/openstack:/root/.config/openstack
             - $SSH_AUTH_SOCK:$SSH_AUTH_SOCK
             - $PWD/:/root/prepare-vms/
         environment:
@@ -18,4 +16,4 @@ services:
             AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION}
             AWS_INSTANCE_TYPE: ${AWS_INSTANCE_TYPE}
             USER: ${USER}
-#        entrypoint: /root/prepare-vms/workshopctl
+        entrypoint: /root/prepare-vms/workshopctl

prepare-vms/lib/commands.sh

@@ -264,18 +264,6 @@ EOF"
     sep "Done"
 }
 
-_cmd minikube "Install kind to optionnaly transform a docker machine in a small kube cluster"
-_cmd_minikube() {
-    TAG=$1
-    need_tag
-
-    pssh --timeout 200 "
-    sudo curl -L https://github.com/kubernetes/minikube/releases/download/v1.6.2/minikube-linux-amd64 -o /usr/local/bin/minikube
-    sudo chmod +x /usr/local/bin/minikube
-    sudo minikube config set vm-driver none
-    "
-}
-
 _cmd kubereset "Wipe out Kubernetes configuration on all nodes"
 _cmd_kubereset() {
     TAG=$1

prepare-vms/lib/postprep.py

@@ -106,7 +106,6 @@ system("sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /e
 system("sudo service ssh restart")
 system("sudo apt-get -q update")
 system("sudo apt-get -qy install git jq")
-system("sudo apt-get -qy install emacs-nox joe")
 
 #######################
 ### DOCKER INSTALLS ###

prepare-vms/settings/fundamentals.yaml

@@ -27,6 +27,4 @@ compose_version: 1.24.1
 machine_version: 0.15.0
 
 # Password used to connect with the "docker user"
-docker_user_password: Unicaen
-
-url: https://intro-2019-12.container.training/
+docker_user_password: training

prepare-vms/templates/cards.html

@@ -5,15 +5,15 @@
 #}
 
 {%- set url = url
-    | default("http://FIXME.container.training/") -%}
+    | default("http://velocity-2019-11.container.training/") -%}
 {%- set pagesize = pagesize
     | default(9) -%}
 {%- set lang = lang
     | default("en") -%}
 {%- set event = event
-    | default("training session") -%}
+    | default("tutorial") -%}
 {%- set backside = backside
-    | default(False) -%}
+    | default(True) -%}
 {%- set image = image
     | default("kube") -%}
 {%- set clusternumber = clusternumber
@@ -212,16 +212,17 @@ img.kube {
 			{% for x in range(pagesize) %}
 		        <div class="back">
 		        <br/>
-				<p>You got this at the workshop
-				"Getting Started With Kubernetes and Container Orchestration"
-				during QCON London (March 2019).</p>
-				<p>If you liked that workshop,
+				<p>You got this at the tutorial
+				"Deploying and Scaling Applications
+                                with Kubernetes"
+                                during Velocity Berlin (November 2019).</p>
+				<p>If you liked that tutorial,
 				I can train your team or organization
 				on Docker, container, and Kubernetes,
 				with curriculums of 1 to 5 days.
 				</p>
 				<p>Interested? Contact me at:</p>
-				<p>jerome.petazzoni@gmail.com</p>
+				<p><strong>jerome.petazzoni@gmail.com</strong></p>
 				<p>Thank you!</p>
 		        </div>
 			{% endfor %}

prepare-vms/terraform/machines.tf

@@ -1,5 +1,5 @@
 resource "openstack_compute_instance_v2" "machine" {
-  count           = "${var.count}"
+  count           = "${var.count}" 
   name            = "${format("%s-%04d", "${var.prefix}", count.index+1)}"
   image_name      = "Ubuntu 16.04.5 (Xenial Xerus)"
   flavor_name     = "${var.flavor}"

prepare-vms/terraform/provider.tf

@@ -1,13 +1,13 @@
 provider "openstack" {
-  #  user_name   = "${var.user}"
-  #  tenant_name = "${var.tenant}"
-  #  domain_name = "${var.domain}"
-  #  password    = "${var.password}"
-  #  auth_url    = "${var.auth_url}"
+  user_name   = "${var.user}"
+  tenant_name = "${var.tenant}"
+  domain_name = "${var.domain}"
+  password    = "${var.password}"
+  auth_url    = "${var.auth_url}"
 }
 
-#variable "user" {}
-#variable "tenant" {}
-#variable "domain" {}
-#variable "password" {}
-#variable "auth_url" {}
+variable "user" {}
+variable "tenant" {}
+variable "domain" {}
+variable "password" {}
+variable "auth_url" {}

slides/_redirects

@@ -1,8 +1,7 @@
 # Uncomment and/or edit one of the the following lines if necessary.
 #/ /kube-halfday.yml.html 200
 #/ /kube-fullday.yml.html 200
-#/ /kube-twodays.yml.html 200
-/ /intro-fullday.yml.html 200!
+/ /kube-twodays.yml.html 200!
 
 # And this allows to do "git clone https://container.training".
 /info/refs service=git-upload-pack https://github.com/jpetazzo/container.training/info/refs?service=git-upload-pack

slides/containers/Advanced_Dockerfiles.md

@@ -27,9 +27,7 @@ In this section, we will see more Dockerfile commands.
 * When there are no changes in the instructions and files making a layer,
   the builder re-uses the cached layer, without executing the instruction for that layer.
 
-* The `FROM` instruction ~~MUST~~ be the first non-comment instruction.
-
- (Addendum: `ARG` can now be placed before a `FROM`)
+* The `FROM` instruction MUST be the first non-comment instruction.
 
 * Lines starting with `#` are treated as comments.
 

slides/containers/Container_Engines.md

@@ -104,6 +104,22 @@ like Windows, macOS, Solaris, FreeBSD ...
 
 ---
 
+## rkt
+
+* Compares to `runc`.
+
+* No daemon or API.
+
+* Strong emphasis on security (through privilege separation).
+
+* Networking has to be set up separately (e.g. through CNI plugins).
+
+* Partial image management (pull, but no push).
+
+  (Image build is handled by separate tools.)
+
+---
+
 ## CRI-O
 
 * Designed to be used with Kubernetes as a simple, basic runtime.

slides/containers/Init_systems.md

@@ -1,79 +0,0 @@
-# Init-systems and PID 1
-
-In this chapter, we will consider the role of PID 1 in the world of Docker,
-
-and how to avoid some common pitfalls due to the misuse of init-systems.
-
----
-## Don't use init-systems
-
-- It's often tempting to use init-systems (*systemd*, *supervisord*)
-
-  and use docker as a "lightweight VM"
-
-- This often a bad idea, as it make things harder to debug:
-
-  - *example 1*: if you start a container changing it's entrypoint to a shell,
-
-      how to easily start the original process ?
-
-  - *example 2*: if you run multiple process, logs are mixed to stdout
-
-  - *example 3*: you're process is dying but you're init process is not
-
-      => the container is running for nothing
-
----
-## Don't use init-systems, but ...
-
-- In UNIX, a dead child process still use a PID till it's parent read it's status
-
-- In the meantime of being read by it's parent,
-
-  those process are called `Zombie` or `defunct` process
-
-- If not being ripped off, zombie processes could crash a server (PID exhaution)
-
-- If the parent also dies before reading it's child container the zombie are attach to the PID 1 in some cases.
-
-- On a VM or real system, one of the role of the PID 1(Init-systems) is to rip zombies.
-
-  *This also apply to containers*
-
----
-## Use an init
-
-- You're application is running as PID 1 in the docker container
-
-- You're application is surely not designed to read status of random attaching child
-
-- Then everything is blowing up due to PID exhaution
-
-  => Docker now has a built-in init you can enable `docker run --init`
-
-- This is a small init-system([tini](https://github.com/krallin/tini)) that takes the role of PID 1
-
-- Only rips zombies, completly transparent otherwise
-
-  (forwards signals, exit when child exit, etc).
-
-- Orchestrators like kubernetes has no option to turn `--init` when running container,
-
-  so you might want to add explicitly to you're docker image, and use it as entrypoint
-
----
-## Use it or not ?
-
-- Sometimes it's also handy to run a full init-system like *systemd*:
-
-  - In CI when you're goal is exactly to test an init-script or a unit-file.
-
-- You might think, if it's ok for *systemd*, this is surely ok for *supervisord*
-
-  especially running multiple times the same process (then, mixed logs is not a big deal)
-
-  => I would strongly *NOT* recommand to do so.
-
-- It's often design to restart unhealthy process automatically
-
-  and thus masquerade things to the operator or to the orchestrator (whose role is identical)

slides/containers/Multi_Stage_Builds.md

@@ -311,3 +311,5 @@ virtually "free."
   (Instead of using multiple Dockerfiles, which could go out of sync)
 
 * Sometimes, we want to inspect a specific intermediary build stage.
+
+* Or, we want to describe multiple images using a single Dockerfile.

slides/electricity.md

@@ -0,0 +1,26 @@
+# End of day 1!
+
+---
+
+class: pic
+
+![Electricity map](images/electricity-map.png)
+
+---
+
+## Our VMs are low-carbon
+
+- The closest EC2 region to Berlin is eu-central-1
+
+  (Frankfurt; Germany electricity mix: wind, coal, nuclear, gas)
+
+- Instead, we deployed these VMs in eu-north-1
+
+  (Stockholm; Sweden electricity mix: hydro, nuclear, wind)
+
+- According to [Electricity Map](https://electricitymap.org/), they produce ~5x less carbon
+
+  (at least Monday morning, when the VMs were deployed)
+
+- The latency was a bit higher; let me know if you saw any difference!
+

slides/images/kubernetes_pods.drawio

@@ -1 +0,0 @@
-<mxfile host="www.draw.io" modified="2019-12-06T15:04:22.728Z" agent="Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" etag="zsQLtxL9GRXJF3jcROIq" version="12.3.7" type="device" pages="1"><diagram id="hOpsmMj0j3CSse8MyRSQ" name="Page-1">3VhLU9swEP41nmkPzcR2EpIjCaHtUEo6HCi9dBRb2BoUy8hyHvz6rmzJD9mBQBJgmoMjrVcr6dtvVytb7mSx/spRHF4yH1PL6fpryz2zHMcZ9Rz4k5JNLrFtd5RLAk58JSsF1+QRK2FXSVPi46SmKBijgsR1oceiCHuiJkOcs1Vd7Y7R+qwxCnBDcO0h2pTeEF+EuXTonJTyb5gEoZ7ZHqj9LZBWVjtJQuSzVUXkTi13whkTeWuxnmAq0dO45OPOt7wtFsZxJHYZ8PfXAwsvwsvLP5duOpn2bx4ufnyx1WqXiKZqx5YzoGBw7JMlNAPZDFkiQOkTGF8iDk9K5vC8T+eYYnhz3ul0Putxc66HaQkoVIwpNMRGQ8xZGvlYrrILr1chEfg6Rp58uwJWyfnFgkLPhiaiJIigzXPMlbUl5gKvtwJjF3ADUTFbYME3oKIGDJWDFEXdruqvSn/3ekoWVn2tPYsUx4LCdOkGaChPvMQrDafMmL8fbiHj5JFFAmmBhIwAz08VoILFR4GztyOaheLB0XQaaMYoTXCeNAQiEeb7YXsA0AoubeogVlBz3RbUjgaa2wAtCki0/nBA2S38elukei0Z1AAJR/6pPIug51GUJMSr4wJ755vf1c6tBLTT192ztQI47210b01EMQzalVHQKwfJTjHGh/NNLQ3TOVtNS4FykFR52j2wO5ZyDz9PIIF4gMVz0dl0d8Wd/RZvahnHFAmyrC+3zcVqhhkjkaiwqWvk/oHBknybalT1cDUN9Q1DtmEox6FhCGiBNhW1WCok2xfcM7Kr7dYOfWjkFks6F5i+nuHNGiHm0miI00TSZR0ziOiPl0SdlpP8bXOD3TzJd0sOCfBFaHHEIvxBE0a2znMiUcmUd00g7xXwPSNOHbOG2zXgTUNFJjl2wA/eIODtYQttG7eCn1isGL+3JIQDtJDxnD9B8n02yeU7XgkaxiO0wEmWLLKbEydRsON1AvKHaL8zeMBBSFPN2ndBfD+jM8cJeUTzzJSks/IO2O2Prf6ZnM4dUwTXnjHy7oMswU0YZTyb2r3LftIOE8BSJm2PyrBoSW7q2qqmtAo6VgPmicyyNRV2O1Bl92rM0XXwvkfm0AigugF2d5dgYVD0MKRslqQN3wNTYpxlTIGfP3LmhQ+vUkGJTLKZ3Ef8/gpGEZHlwE5XJsgk/zThHOmscp3mWTVoyYPDox1VB6hjP3r2t/XnKBP0F5d7hiF7aITBlux/sFgY/E+x4JhV+LvHwsn+saBLLV1P3VZrK7lxe1QWXtX6bIY5gW3Ig+pFJdUOd7KcNu8VfeaHoZNXBp9jlvlm+f7q4INu+T02Vy8/a7vTfw==</diagram></mxfile>

slides/intro-fullday.yml

@@ -1,78 +0,0 @@
-title: |
-  Introduction
-  to Containers
-
-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-chat: "[Gitter](https://gitter.im/enix/univ-caen-intro-docker)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://intro-2019-12-container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-
-chapters:
-- shared/title.md
-- logistics.md
-- containers/intro.md
-- shared/about-slides.md
-- shared/toc.md
--
-  - containers/Docker_Overview.md
-  #- containers/Docker_History.md
-  - containers/Training_Environment.md
-  - containers/Installing_Docker.md
-  - containers/First_Containers.md
-  - containers/Background_Containers.md
-  - containers/Initial_Images.md
--
-  - containers/Building_Images_Interactively.md
-  - containers/Building_Images_With_Dockerfiles.md
-  - containers/Cmd_And_Entrypoint.md
-  - containers/Copying_Files_During_Build.md
-  - containers/Exercise_Dockerfile_Basic.md
--
-  - containers/Dockerfile_Tips.md
-  - containers/Multi_Stage_Builds.md
-  - containers/Publishing_To_Docker_Hub.md
-  - containers/Exercise_Dockerfile_Advanced.md
--
-  - containers/Naming_And_Inspecting.md
-  - containers/Labels.md
-  - containers/Start_And_Attach.md
-  - containers/Getting_Inside.md
-  - containers/Resource_Limits.md
-- # Day 2
-  - containers/Container_Networking_Basics.md
-  - containers/Network_Drivers.md
-  - containers/Container_Network_Model.md
-  #- containers/Connecting_Containers_With_Links.md
--
-  - containers/Local_Development_Workflow.md
-  #- containers/Windows_Containers.md
-  - containers/Working_With_Volumes.md
-  - containers/Compose_For_Dev_Stacks.md
-  - containers/Exercise_Composefile.md
--
-#  - containers/Docker_Machine.md
-  - containers/Ambassadors.md
-  - containers/Advanced_Dockerfiles.md
-  - containers/Init_systems.md
-  - containers/Application_Configuration.md
-  - containers/Logging.md
--
-  - containers/Container_Engines.md
-  - k8s/Pods_anatomy.md
-  #- containers/Ecosystem.md
-  - containers/Orchestration_Overview.md
-  - shared/thankyou.md
-  - containers/links.md
--
-  - |
-    # Appendix
-  - containers/Namespaces_Cgroups.md
-  - containers/Copy_On_Write.md
-  #- containers/Containers_From_Scratch.md

slides/intro-selfpaced.yml

@@ -1,65 +0,0 @@
-title: |
-  Introduction
-  to Containers
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- in-person
-
-chapters:
-- shared/title.md
-# - shared/logistics.md
-- containers/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - containers/Docker_Overview.md
-  - containers/Docker_History.md
-  - containers/Training_Environment.md
-  - containers/Installing_Docker.md
-  - containers/First_Containers.md
-  - containers/Background_Containers.md
-  - containers/Start_And_Attach.md
-- - containers/Initial_Images.md
-  - containers/Building_Images_Interactively.md
-  - containers/Building_Images_With_Dockerfiles.md
-  - containers/Cmd_And_Entrypoint.md
-  - containers/Copying_Files_During_Build.md
-  - containers/Exercise_Dockerfile_Basic.md
-- - containers/Multi_Stage_Builds.md
-  - containers/Publishing_To_Docker_Hub.md
-  - containers/Dockerfile_Tips.md
-  - containers/Exercise_Dockerfile_Advanced.md
-- - containers/Naming_And_Inspecting.md
-  - containers/Labels.md
-  - containers/Getting_Inside.md
-- - containers/Container_Networking_Basics.md
-  - containers/Network_Drivers.md
-  - containers/Container_Network_Model.md
-  #- containers/Connecting_Containers_With_Links.md
-  - containers/Ambassadors.md
-- - containers/Local_Development_Workflow.md
-  - containers/Windows_Containers.md
-  - containers/Working_With_Volumes.md
-  - containers/Compose_For_Dev_Stacks.md
-  - containers/Exercise_Composefile.md
-  - containers/Docker_Machine.md
-- - containers/Advanced_Dockerfiles.md
-  - containers/Application_Configuration.md
-  - containers/Logging.md
-  - containers/Resource_Limits.md
-- - containers/Namespaces_Cgroups.md
-  - containers/Copy_On_Write.md
-  #- containers/Containers_From_Scratch.md
-- - containers/Container_Engines.md
-  - containers/Ecosystem.md
-  - containers/Orchestration_Overview.md
-  - shared/thankyou.md
-  - containers/links.md

slides/k8s/Pods_anatomy.md

@@ -1,27 +0,0 @@
-# container super-structure (Pods)
-
-A container super-structure supported by many container engine seems to emerge,
-we will see how it maps in the docker worlds
-
-
-
----
-class: pic
-
-## Pod
-
-![Pods](images/kubernetes_pods.svg)
----
-# Anatomy of a Pod
-
-- The containers inside a pod share the network namespace (`--net=container:<container_id>`)
-
-   => the one of the "pause" containers
-
-- This means that if the container "pause" is killed all other container are killed
-
-- This is the reason for this container to do nothing but being alive
-
-- Containers can contact other container port via `localhost`
-
-- Containers don't share filesystem except the volumes you want to mount on each of them

slides/k8s/concepts-k8s.md

@@ -44,37 +44,21 @@
 
 ## Other things that Kubernetes can do for us
 
-- Autoscaling
+- Basic autoscaling
 
-  (straightforward on CPU; more complex on other metrics)
+- Blue/green deployment, canary deployment
 
-- Ressource management and scheduling
+- Long running services, but also batch (one-off) jobs
 
-  (reserve CPU/RAM for containers; placement constraints)
+- Overcommit our cluster and *evict* low-priority jobs
 
-- Advanced rollout patterns
+- Run services with *stateful* data (databases etc.)
 
-  (blue/green deployment, canary deployment)
+- Fine-grained access control defining *what* can be done by *whom* on *which* resources
 
----
+- Integrating third party services (*service catalog*)
 
-## More things that Kubernetes can do for us
-
-- Batch jobs
-
-  (one-off; parallel; also cron-style periodic execution)
-
-- Fine-grained access control
-
-  (defining *what* can be done by *whom* on *which* resources)
-
-- Stateful services
-
-  (databases, message queues, etc.)
-
-- Automating complex tasks with *operators*
-
-  (e.g. database replication, failover, etc.)
+- Automating complex tasks (*operators*)
 
 ---
 
@@ -207,29 +191,11 @@ No!
 
 - By default, Kubernetes uses the Docker Engine to run containers
 
-- We can leverage other pluggable runtimes through the *Container Runtime Interface*
+- We could also use `rkt` ("Rocket") from CoreOS
 
-- <del>We could also use `rkt` ("Rocket") from CoreOS</del> (deprecated)
+- Or leverage other pluggable runtimes through the *Container Runtime Interface*
 
----
-
-class: extra-details
-
-## Some runtimes available through CRI
-
-- [containerd](https://github.com/containerd/containerd/blob/master/README.md)
-
-  - maintained by Docker, IBM, and community
-  - used by Docker Engine, microk8s, k3s, GKE; also standalone
-  - comes with its own CLI, `ctr`
-
-- [CRI-O](https://github.com/cri-o/cri-o/blob/master/README.md):
-
-  - maintained by Red Hat, SUSE, and community
-  - used by OpenShift and Kubic
-  - designed specifically as a minimal runtime for Kubernetes
-
-- [And more](https://kubernetes.io/docs/setup/production-environment/container-runtimes/)
+  (like CRI-O, or containerd)
 
 ---
 
@@ -299,48 +265,6 @@ class: pic
 
 ---
 
-## Scaling
-
-- How would we scale the pod shown on the previous slide?
-
-- **Do** create additional pods
-
-  - each pod can be on a different node
-
-  - each pod will have its own IP address
-
-- **Do not** add more NGINX containers in the pod
-
-  - all the NGINX containers would be on the same node
-
-  - they would all have the same IP address
-    <br/>(resulting in `Address alreading in use` errors)
-
----
-
-## Together or separate
-
-- Should we put e.g. a web application server and a cache together?
-  <br/>
-  ("cache" being something like e.g. Memcached or Redis)
-
-- Putting them **in the same pod** means:
-
-  - they have to be scaled together
-
-  - they can communicate very efficiently over `localhost`
-
-- Putting them **in different pods** means:
-
-  - they can be scaled separately
-
-  - they must communicate over remote IP addresses
-    <br/>(incurring more latency, lower performance)
-
-- Both scenarios can make sense, depending on our goals
-
----
-
 ## Credits
 
 - The first diagram is courtesy of Lucas Käldström, in [this presentation](https://speakerdeck.com/luxas/kubeadm-cluster-creation-internals-from-self-hosting-to-upgradability-and-ha)

slides/k8s/configuration.md

@@ -193,12 +193,7 @@
 
 - Best practice: set a memory limit, and pass it to the runtime
 
-- Note: recent versions of the JVM can do this automatically
-
-  (see [JDK-8146115](https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8146115))
-  and
-  [this blog post](https://very-serio.us/2017/12/05/running-jvms-in-kubernetes/)
-  for detailed examples)
+  (see [this blog post](https://very-serio.us/2017/12/05/running-jvms-in-kubernetes/) for a detailed example)
 
 ---
 

slides/k8s/prometheus.md

@@ -60,11 +60,9 @@
 
   (by default: every minute; can be more/less frequent)
 
-- The list of URLs to scrape (the *scrape targets*) is defined in configuration
+- If you're worried about parsing overhead: exporters can also use protobuf
 
-.footnote[Worried about the overhead of parsing a text format?
-<br/>
-Check this [comparison](https://github.com/RichiH/OpenMetrics/blob/master/markdown/protobuf_vs_text.md) of the text format with the (now deprecated) protobuf format!]
+- The list of URLs to scrape (the *scrape targets*) is defined in configuration
 
 ---
 

slides/k8s/rollout.md

@@ -14,27 +14,7 @@
 
 ## Rolling updates
 
-- With rolling updates, when a Deployment is updated, it happens progressively
-
-- The Deployment controls multiple Replica Sets
-
-- Each Replica Set is a group of identical Pods
-
-  (with the same image, arguments, parameters ...)
-
-- During the rolling update, we have at least two Replica Sets:
-
-  - the "new" set (corresponding to the "target" version)
-
-  - at least one "old" set
-
-- We can have multiple "old" sets
-
-  (if we start another update before the first one is done)
-
----
-
-## Update strategy
+- With rolling updates, when a resource is updated, it happens progressively
 
 - Two parameters determine the pace of the rollout: `maxUnavailable` and `maxSurge`
 
@@ -245,137 +225,6 @@ If you didn't deploy the Kubernetes dashboard earlier, just skip this slide.
 
 ---
 
-## Rolling back to an older version
-
-- We reverted to `v0.2`
-
-- But this version still has a performance problem
-
-- How can we get back to the previous version?
-
----
-
-## Multiple "undos"
-
-- What happens if we try `kubectl rollout undo` again?
-
-.exercise[
-
-- Try it:
-  ```bash
-  kubectl rollout undo deployment worker
-  ```
-
-- Check the web UI, the list of pods ...
-
-]
-
-🤔 That didn't work.
-
----
-
-## Multiple "undos" don't work
-
-- If we see successive versions as a stack:
-
-  - `kubectl rollout undo` doesn't "pop" the last element from the stack
-
-  - it copies the N-1th element to the top
-
-- Multiple "undos" just swap back and forth between the last two versions!
-
-.exercise[
-
-- Go back to v0.2 again:
-  ```bash
-  kubectl rollout undo deployment worker
-  ```
-
-]
-
----
-
-## In this specific scenario
-
-- Our version numbers are easy to guess
-
-- What if we had used git hashes?
-
-- What if we had changed other parameters in the Pod spec?
-
----
-
-## Listing versions
-
-- We can list successive versions of a Deployment with `kubectl rollout history`
-
-.exercise[
-
-- Look at our successive versions:
-  ```bash
-  kubectl rollout history deployment worker
-  ```
-
-]
-
-We don't see *all* revisions.
-
-We might see something like 1, 4, 5.
-
-(Depending on how many "undos" we did before.)
-
----
-
-## Explaining deployment revisions
-
-- These revisions correspond to our Replica Sets
-
-- This information is stored in the Replica Set annotations
-
-.exercise[
-
-- Check the annotations for our replica sets:
-  ```bash
-  kubectl describe replicasets -l app=worker | grep -A3
-  ```
-
-]
-
----
-
-class: extra-details
-
-## What about the missing revisions?
-
-- The missing revisions are stored in another annotation:
-
-  `deployment.kubernetes.io/revision-history`
-
-- These are not shown in `kubectl rollout history`
-
-- We could easily reconstruct the full list with a script
-
-  (if we wanted to!)
-
----
-
-## Rolling back to an older version
-
-- `kubectl rollout undo` can work with a revision number
-
-.exercise[
-
-- Roll back to the "known good" deployment version:
-  ```bash
-  kubectl rollout undo deployment worker --to-revision=1
-  ```
-
-- Check the web UI or the list of pods
-
-]
-
----
-
 class: extra-details
 
 ## Changing rollout parameters

slides/k8s/setup-k8s.md

@@ -61,8 +61,7 @@
 
 - [minikube](https://kubernetes.io/docs/setup/minikube/),
   [kubespawn](https://github.com/kinvolk/kube-spawn),
-  [Docker Desktop](https://docs.docker.com/docker-for-mac/kubernetes/),
-  [kind](https://kind.sigs.k8s.io):
+  [Docker Desktop](https://docs.docker.com/docker-for-mac/kubernetes/):
   for local development
 
 - [kubicorn](https://github.com/kubicorn/kubicorn),

slides/k8s/volumes.md

@@ -66,87 +66,7 @@ class: extra-details
 
 ---
 
-## Adding a volume to a Pod
-
-- We will start with the simplest Pod manifest we can find
-
-- We will add a volume to that Pod manifest
-
-- We will mount that volume in a container in the Pod
-
-- By default, this volume will be an `emptyDir`
-
-  (an empty directory)
-
-- It will "shadow" the directory where it's mounted
-
----
-
-## Our basic Pod
-
-```yaml
-apiVersion: v1
-kind: Pod
-metadata:
-  name: nginx-without-volume
-spec:
-  containers:
-  - name: nginx
-    image: nginx
-```
-
-This is a MVP! (Minimum Viable Pod😉)
-
-It runs a single NGINX container.
-
----
-
-## Trying the basic pod
-
-.exercise[
-
-- Create the Pod:
-  ```bash
-  kubectl create -f ~/container.training/k8s/nginx-1-without-volume.yaml
-  ```
-
-- Get its IP address:
-  ```bash
-  IPADDR=$(kubectl get pod nginx-without-volume -o jsonpath={.status.podIP})
-  ```
-
-- Send a request with curl:
-  ```bash
-  curl $IPADDR
-  ```
-
-]
-
-(We should see the "Welcome to NGINX" page.)
-
----
-
-## Adding a volume
-
-- We need to add the volume in two places:
-
-  - at the Pod level (to declare the volume)
-
-  - at the container level (to mount the volume)
-
-- We will declare a volume named `www`
-
-- No type is specified, so it will default to `emptyDir`
-
-  (as the name implies, it will be initialized as an empty directory at pod creation)
-
-- In that pod, there is also a container named `nginx`
-
-- That container mounts the volume `www` to path `/usr/share/nginx/html/`
-
----
-
-## The Pod with a volume
+## A simple volume example
 
 ```yaml
 apiVersion: v1
@@ -166,57 +86,30 @@ spec:
 
 ---
 
-## Trying the Pod with a volume
+## A simple volume example, explained
 
-.exercise[
+- We define a standalone `Pod` named `nginx-with-volume`
 
-- Create the Pod:
-  ```bash
-  kubectl create -f ~/container.training/k8s/nginx-2-with-volume.yaml
-  ```
+- In that pod, there is a volume named `www`
 
-- Get its IP address:
-  ```bash
-  IPADDR=$(kubectl get pod nginx-with-volume -o jsonpath={.status.podIP})
-  ```
+- No type is specified, so it will default to `emptyDir`
 
-- Send a request with curl:
-  ```bash
-  curl $IPADDR
-  ```
+  (as the name implies, it will be initialized as an empty directory at pod creation)
 
-]
+- In that pod, there is also a container named `nginx`
 
-(We should now see a "403 Forbidden" error page.)
+- That container mounts the volume `www` to path `/usr/share/nginx/html/`
 
 ---
 
-## Populating the volume with another container
-
-- Let's add another container to the Pod
-
-- Let's mount the volume in *both* containers
-
-- That container will populate the volume with static files
-
-- NGINX will then serve these static files
-
-- To populate the volume, we will clone the Spoon-Knife repository
-
-  - this repository is https://github.com/octocat/Spoon-Knife
-
-  - it's very popular (more than 100K stars!)
-
----
-
-## Sharing a volume between two containers
+## A volume shared between two containers
 
 .small[
 ```yaml
 apiVersion: v1
 kind: Pod
 metadata:
-  name: nginx-with-git
+  name: nginx-with-volume
 spec:
   volumes:
   - name: www
@@ -254,72 +147,30 @@ spec:
 
 ---
 
-## Trying the shared volume
+## Sharing a volume, in action
 
-- This one will be time-sensitive!
-
-- We need to catch the Pod IP address *as soon as it's created*
-
-- Then send a request to it *as fast as possible*
+- Let's try it!
 
 .exercise[
 
-- Watch the pods (so that we can catch the Pod IP address)
+- Create the pod by applying the YAML file:
   ```bash
-  kubectl get pods -o wide --watch
+  kubectl apply -f ~/container.training/k8s/nginx-with-volume.yaml
   ```
 
-]
-
----
-
-## Shared volume in action
-
-.exercise[
-
-- Create the pod:
+- Check the IP address that was allocated to our pod:
   ```bash
-  kubectl create -f ~/container.training/k8s/nginx-3-with-git.yaml
+  kubectl get pod nginx-with-volume -o wide
+  IP=$(kubectl get pod nginx-with-volume -o json | jq -r .status.podIP)
   ```
 
-- As soon as we see its IP address, access it:
-  ```bash
-  curl $IP
-  ```
-
-- A few seconds later, the state of the pod will change; access it again:
+- Access the web server:
   ```bash
   curl $IP
   ```
 
 ]
 
-The first time, we should see "403 Forbidden".
-
-The second time, we should see the HTML file from the Spoon-Knife repository.
-
----
-
-## Explanations
-
-- Both containers are started at the same time
-
-- NGINX starts very quickly
-
-  (it can serve requests immediately)
-
-- But at this point, the volume is empty
-
-  (NGINX serves "403 Forbidden")
-
-- The other containers installs git and clones the repository
-
-  (this takes a bit longer)
-
-- When the other container is done, the volume holds the repository
-
-  (NGINX serves the HTML file)
-
 ---
 
 ## The devil is in the details
@@ -332,100 +183,13 @@ The second time, we should see the HTML file from the Spoon-Knife repository.
 
 - That's why we specified `restartPolicy: OnFailure`
 
----
-
-## Inconsistencies
-
 - There is a short period of time during which the website is not available
 
   (because the `git` container hasn't done its job yet)
 
-- With a bigger website, we could get inconsistent results
+- This could be avoided by using [Init Containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/)
 
-  (where only a part of the content is ready)
-
-- In real applications, this could cause incorrect results
-
-- How can we avoid that?
-
----
-
-## Init Containers
-
-- We can define containers that should execute *before* the main ones
-
-- They will be executed in order
-
-  (instead of in parallel)
-
-- They must all succeed before the main containers are started
-
-- This is *exactly* what we need here!
-
-- Let's see one in action
-
-.footnote[See [Init Containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) documentation for all the details.]
-
----
-
-## Defining Init Containers
-
-.small[
-```yaml
-apiVersion: v1
-kind: Pod
-metadata:
-  name: nginx-with-init
-spec:
-  volumes:
-  - name: www
-  containers:
-  - name: nginx
-    image: nginx
-    volumeMounts:
-    - name: www
-      mountPath: /usr/share/nginx/html/
-  initContainers:
-  - name: git
-    image: alpine
-    command: [ "sh", "-c", "apk add --no-cache git && git clone https://github.com/octocat/Spoon-Knife /www" ]
-    volumeMounts:
-    - name: www
-      mountPath: /www/
-```
-]
-
----
-
-## Trying the init container
-
-- Repeat the same operation as earlier
-
-  (try to send HTTP requests as soon as the pod comes up)
-
-- This time, instead of "403 Forbidden" we get a "connection refused"
-
-- NGINX doesn't start until the git container has done its job
-
-- We never get inconsistent results
-
-  (a "half-ready" container)
-
----
-
-## Other uses of init containers
-
-- Load content
-
-- Generate configuration (or certificates)
-
-- Database migrations
-
-- Waiting for other services to be up
-
-  (to avoid flurry of connection errors in main container)
-
-- etc.
+  (we will see a live example in a few sections)
 
 ---
 

slides/k8s/whatsnext.md

@@ -136,141 +136,227 @@ And *then* it is time to look at orchestration!
 
 ---
 
-## HTTP traffic handling
+## Congratulations!
 
-- *Services* are layer 4 constructs
-
-- HTTP is a layer 7 protocol
-
-- It is handled by *ingresses* (a different resource kind)
-
-- *Ingresses* allow:
-
-  - virtual host routing
-  - session stickiness
-  - URI mapping
-  - and much more!
-
-- [This section](kube-selfpaced.yml.html#toc-exposing-http-services-with-ingress-resources) shows how to expose multiple HTTP apps using [Træfik](https://docs.traefik.io/user-guide/kubernetes/)
-
----
-
-## Logging
-
-- Logging is delegated to the container engine
-
-- Logs are exposed through the API
-
-- Logs are also accessible through local files (`/var/log/containers`)
-
-- Log shipping to a central platform is usually done through these files
-
-  (e.g. with an agent bind-mounting the log directory)
-
-- [This section](kube-selfpaced.yml.html#toc-centralized-logging) shows how to do that with [Fluentd](https://docs.fluentd.org/v0.12/articles/kubernetes-fluentd) and the EFK stack
-
----
-
-## Metrics
-
-- The kubelet embeds [cAdvisor](https://github.com/google/cadvisor), which exposes container metrics
-
-  (cAdvisor might be separated in the future for more flexibility)
-
-- It is a good idea to start with [Prometheus](https://prometheus.io/)
-
-  (even if you end up using something else)
-
-- Starting from Kubernetes 1.8, we can use the [Metrics API](https://kubernetes.io/docs/tasks/debug-application-cluster/core-metrics-pipeline/)
-
-- [Heapster](https://github.com/kubernetes/heapster) was a popular add-on
-
-  (but is being [deprecated](https://github.com/kubernetes/heapster/blob/master/docs/deprecation.md) starting with Kubernetes 1.11)
-
----
-
-## Managing the configuration of our applications
-
-- Two constructs are particularly useful: secrets and config maps
-
-- They allow to expose arbitrary information to our containers
-
-- **Avoid** storing configuration in container images
-
-  (There are some exceptions to that rule, but it's generally a Bad Idea)
-
-- **Never** store sensitive information in container images
-
-  (It's the container equivalent of the password on a post-it note on your screen)
-
-- [This section](kube-selfpaced.yml.html#toc-managing-configuration) shows how to manage app config with config maps (among others)
-
----
-
-## Managing stack deployments
-
-- The best deployment tool will vary, depending on:
-
-  - the size and complexity of your stack(s)
-  - how often you change it (i.e. add/remove components)
-  - the size and skills of your team
-
-- A few examples:
-
-  - shell scripts invoking `kubectl`
-  - YAML resources descriptions committed to a repo
-  - [Helm](https://github.com/kubernetes/helm) (~package manager)
-  - [Spinnaker](https://www.spinnaker.io/) (Netflix' CD platform)
-  - [Brigade](https://brigade.sh/) (event-driven scripting; no YAML)
-
----
-
-## Cluster federation
+- We learned a lot about Kubernetes, its internals, its advanced concepts
 
 --
 
-![Star Trek Federation](images/startrek-federation.jpg)
+- That was just the easy part
+
+- The hard challenges will revolve around *culture* and *people*
 
 --
 
-Sorry Star Trek fans, this is not the federation you're looking for!
-
---
-
-(If I add "Your cluster is in another federation" I might get a 3rd fandom wincing!)
+- ... What does that mean?
 
 ---
 
-## Cluster federation
+## Running an app involves many steps
 
-- Kubernetes master operation relies on etcd
+- Write the app
 
-- etcd uses the [Raft](https://raft.github.io/) protocol
+- Tests, QA ...
 
-- Raft recommends low latency between nodes
+- Ship *something* (more on that later)
 
-- What if our cluster spreads to multiple regions?
+- Provision resources (e.g. VMs, clusters)
 
---
+- Deploy the *something* on the resources
 
-- Break it down in local clusters
+- Manage, maintain, monitor the resources
 
-- Regroup them in a *cluster federation*
+- Manage, maintain, monitor the app
 
-- Synchronize resources across clusters
-
-- Discover resources across clusters
+- And much more
 
 ---
 
-## Developer experience
+## Who does what?
 
-*We've put this last, but it's pretty important!*
+- The old "devs vs ops" division has changed
 
-- How do you on-board a new developer?
+- In some organizations, "ops" are now called "SRE" or "platform" teams
 
-- What do they need to install to get a dev stack?
+  (and they have very different sets of skills)
 
-- How does a code change make it from dev to prod?
+- Do you know which team is responsible for each item on the list on the previous page?
 
-- How does someone add a component to a stack?
+- Acknowledge that a lot of tasks are outsourced
+
+  (e.g. if we add "buy/rack/provision machines" in that list)
+
+---
+
+## What do we ship?
+
+- Some organizations embrace "you build it, you run it"
+
+- When "build" and "run" are owned by different teams, where's the line?
+
+- What does the "build" team ship to the "run" team?
+
+- Let's see a few options, and what they imply
+
+---
+
+## Shipping code
+
+- Team "build" ships code
+
+  (hopefully in a repository, identified by a commit hash)
+
+- Team "run" containerizes that code
+
+✔️ no extra work for developers
+
+❌ very little advantage of using containers
+
+---
+
+## Shipping container images
+
+- Team "build" ships container images
+
+  (hopefully built automatically from a source repository)
+
+- Team "run" uses theses images to create e.g. Kubernetes resources
+
+✔️ universal artefact (support all languages uniformly)
+
+✔️ easy to start a single component (good for monoliths)
+
+❌ complex applications will require a lot of extra work
+
+❌ adding/removing components in the stack also requires extra work
+
+❌ complex applications will run very differently between dev and prod
+
+---
+
+## Shipping Compose files
+
+(Or another kind of dev-centric manifest)
+
+- Team "build" ships a manifest that works on a single node
+
+  (as well as images, or ways to build them)
+
+- Team "run" adapts that manifest to work on a cluster
+
+✔️ all teams can start the stack in a reliable, deterministic manner
+
+❌ adding/removing components still requires *some* work (but less than before)
+
+❌ there will be *some* differences between dev and prod
+
+---
+
+## Shipping Kubernetes manifests
+
+- Team "build" ships ready-to-run manifests
+
+  (YAML, Helm charts, Kustomize ...)
+
+- Team "run" adjusts some parameters and monitors the application
+
+✔️ parity between dev and prod environments
+
+✔️ "run" team can focus on SLAs, SLOs, and overall quality
+
+❌ requires *a lot* of extra work (and new skills) from the "build" team
+
+❌ Kubernetes is not a very convenient development platform (at least, not yet)
+
+---
+
+## What's the right answer?
+
+- It depends on our teams
+
+  - existing skills (do they know how to do it?)
+
+  - availability (do they have the time to do it?)
+
+  - potential skills (can they learn to do it?)
+
+- It depends on our culture
+
+  - owning "run" often implies being on call
+
+  - do we reward on-call duty without encouraging hero syndrome?
+
+  - do we give people resources (time, money) to learn?
+
+---
+
+class: extra-details
+
+## Tools to develop on Kubernetes
+
+*If we decide to make Kubernetes the primary development platform, here
+are a few tools that can help us.*
+
+- Docker Desktop
+
+- Draft
+
+- Minikube
+
+- Skaffold
+
+- Tilt
+
+- ...
+
+---
+
+## Where do we run?
+
+- Managed vs. self-hosted
+
+- Cloud vs. on-premises
+
+- If cloud: public vs. private
+
+- Which vendor/distribution to pick?
+
+- Which versions/features to enable?
+
+---
+
+## Some guidelines
+
+- Start small
+
+- Outsource what we don't know
+
+- Start simple, and stay simple as long as possible
+
+  (try to stay away from complex features that we don't need)
+
+- Automate
+
+  (regularly check that we can successfully redeploy by following scripts)
+
+- Transfer knowledge
+
+  (make sure everyone is on the same page/level)
+
+- Iterate!
+
+---
+
+## Recommended sessions
+
+Dev?
+
+**The state of Kubernetes development tooling**<br/>
+by Ellen Korbes (Garden)<br/>
+13:25–14:05 Wednesday, Hall A1
+
+Ops?
+
+**Kubernetes the very hard way**<br/>
+by Laurent Bernaille (Datadog)<br/>
+11:35–12:15 Wednesday, Hall A1

slides/kadm-fullday.yml

@@ -1,45 +0,0 @@
-title: |
-  Kubernetes
-  for Admins and Ops
-
-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-chat: "In person!"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-- static-pods-exercise
-
-chapters:
-- shared/title.md
-- logistics.md
-- k8s/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - k8s/prereqs-admin.md
-  - k8s/architecture.md
-  - k8s/dmuc.md
-- - k8s/multinode.md
-  - k8s/cni.md
-  - k8s/apilb.md
-  - k8s/control-plane-auth.md
-- - k8s/setup-managed.md
-  - k8s/setup-selfhosted.md
-  - k8s/cluster-upgrade.md
-  - k8s/staticpods.md
-  - k8s/cluster-backup.md
-  - k8s/cloud-controller-manager.md
-  - k8s/bootstrap.md  
-- - k8s/resource-limits.md
-  - k8s/metrics-server.md
-  - k8s/cluster-sizing.md
-  - k8s/horizontal-pod-autoscaler.md
-- - k8s/lastwords-admin.md
-  - k8s/links.md
-  - shared/thankyou.md

slides/kadm-twodays.yml

@@ -1,71 +0,0 @@
-title: |
-  Kubernetes
-  for administrators
-  and operators
-
-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-chat: "In person!"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-
-chapters:
-- shared/title.md
-- logistics.md
-- k8s/intro.md
-- shared/about-slides.md
-- shared/toc.md
-# DAY 1
-- - k8s/prereqs-admin.md
-  - k8s/architecture.md
-  - k8s/deploymentslideshow.md
-  - k8s/dmuc.md
-- - k8s/multinode.md
-  - k8s/cni.md
-- - k8s/apilb.md
-  - k8s/setup-managed.md
-  - k8s/setup-selfhosted.md
-  - k8s/cluster-upgrade.md
-  - k8s/staticpods.md
-- - k8s/cluster-backup.md
-  - k8s/cloud-controller-manager.md
-  - k8s/healthchecks.md
-  - k8s/healthchecks-more.md
-# DAY 2
-- - k8s/kubercoins.md
-  - k8s/logs-cli.md
-  - k8s/logs-centralized.md
-  - k8s/authn-authz.md
-  - k8s/csr-api.md
-- - k8s/openid-connect.md
-  - k8s/control-plane-auth.md
-  ###- k8s/bootstrap.md
-  - k8s/netpol.md
-  - k8s/podsecuritypolicy.md
-- - k8s/resource-limits.md
-  - k8s/metrics-server.md
-  - k8s/cluster-sizing.md
-  - k8s/horizontal-pod-autoscaler.md
-- - k8s/prometheus.md
-  - k8s/extending-api.md
-  - k8s/operators.md
-  ###- k8s/operators-design.md
-# CONCLUSION
-- - k8s/lastwords-admin.md
-  - k8s/links.md
-  - shared/thankyou.md
-  - |
-    # (All content after this slide is bonus material)
-# EXTRA
-- - k8s/volumes.md
-  - k8s/configuration.md
-  - k8s/statefulsets.md
-  - k8s/local-persistent-volumes.md
-  - k8s/portworx.md

slides/kube-fullday.yml

@@ -1,92 +0,0 @@
-title: |
-  Deploying and Scaling Microservices
-  with Kubernetes
-
-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-chat: "In person!"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-
-chapters:
-- shared/title.md
-- logistics.md
-- k8s/intro.md
-- shared/about-slides.md
-- shared/toc.md
--
-  - shared/prereqs.md
-  #- shared/webssh.md
-  - shared/connecting.md
-  #- k8s/versions-k8s.md
-  - shared/sampleapp.md
-  #- shared/composescale.md
-  #- shared/hastyconclusions.md
-  - shared/composedown.md
-  - k8s/concepts-k8s.md
-  - k8s/kubectlget.md
--
-  - k8s/kubectlrun.md
-  - k8s/logs-cli.md
-  - shared/declarative.md
-  - k8s/declarative.md
-  - k8s/deploymentslideshow.md
-  - k8s/kubenet.md
-  - k8s/kubectlexpose.md
-  - k8s/shippingimages.md
-  #- k8s/buildshiprun-selfhosted.md
-  - k8s/buildshiprun-dockerhub.md
-  - k8s/ourapponkube.md
--
-  - k8s/yamldeploy.md
-  - k8s/setup-k8s.md
-  #- k8s/dashboard.md
-  #- k8s/kubectlscale.md
-  - k8s/scalingdockercoins.md
-  - shared/hastyconclusions.md
-  - k8s/daemonset.md
-  #- k8s/dryrun.md
-  #- k8s/kubectlproxy.md
-  #- k8s/localkubeconfig.md
-  #- k8s/accessinternal.md
-  - k8s/rollout.md
-  #- k8s/healthchecks.md
-  #- k8s/healthchecks-more.md
-  #- k8s/record.md
--
-  - k8s/namespaces.md
-  - k8s/ingress.md
-  #- k8s/kustomize.md
-  #- k8s/helm.md
-  #- k8s/create-chart.md
-  #- k8s/netpol.md
-  #- k8s/authn-authz.md
-  #- k8s/csr-api.md
-  #- k8s/openid-connect.md
-  #- k8s/podsecuritypolicy.md
-  - k8s/volumes.md
-  #- k8s/build-with-docker.md
-  #- k8s/build-with-kaniko.md
-  - k8s/configuration.md
-  #- k8s/logs-centralized.md
-  #- k8s/prometheus.md
-  #- k8s/statefulsets.md
-  #- k8s/local-persistent-volumes.md
-  #- k8s/portworx.md
-  #- k8s/extending-api.md
-  #- k8s/operators.md
-  #- k8s/operators-design.md
-  #- k8s/staticpods.md
-  #- k8s/owners-and-dependents.md
-  #- k8s/gitworkflows.md
--
-  - k8s/whatsnext.md
-  - k8s/links.md
-  - shared/thankyou.md

slides/kube-halfday.yml

@@ -1,70 +0,0 @@
-title: |
-  Kubernetes 101
-
-
-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/training-20180413-paris)"
-chat: "In person!"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-
-chapters:
-- shared/title.md
-#- logistics.md
-# Bridget-specific; others use logistics.md
-- logistics-bridget.md
-- k8s/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - shared/prereqs.md
-  #- shared/webssh.md
-  - shared/connecting.md
-  - k8s/versions-k8s.md
-  - shared/sampleapp.md
-# Bridget doesn't go into as much depth with compose
-  #- shared/composescale.md
-  #- shared/hastyconclusions.md
-  - shared/composedown.md
-  - k8s/concepts-k8s.md
-  - shared/declarative.md
-  - k8s/declarative.md
-  - k8s/kubenet.md
-  - k8s/kubectlget.md
-  - k8s/setup-k8s.md
-- - k8s/kubectlrun.md
-  - k8s/deploymentslideshow.md
-  - k8s/kubectlexpose.md
-  - k8s/shippingimages.md
-  #- k8s/buildshiprun-selfhosted.md
-  - k8s/buildshiprun-dockerhub.md
-  - k8s/ourapponkube.md
-  #- k8s/kubectlproxy.md
-  #- k8s/localkubeconfig.md
-  #- k8s/accessinternal.md
-- - k8s/dashboard.md
-  #- k8s/kubectlscale.md
-  - k8s/scalingdockercoins.md
-  - shared/hastyconclusions.md
-  - k8s/daemonset.md
-  - k8s/rollout.md
-  #- k8s/record.md
-- - k8s/logs-cli.md
-# Bridget hasn't added EFK yet
-  #- k8s/logs-centralized.md
-  - k8s/namespaces.md
-  - k8s/helm.md
-  - k8s/create-chart.md
-  #- k8s/kustomize.md
-  #- k8s/netpol.md
-  - k8s/whatsnext.md
-#  - k8s/links.md
-# Bridget-specific
-  - k8s/links-bridget.md
-  - shared/thankyou.md

slides/kube-selfpaced.yml

@@ -1,99 +0,0 @@
-title: |
-  Deploying and Scaling Microservices
-  with Docker and Kubernetes
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- in-person
-
-chapters:
-- shared/title.md
-#- logistics.md
-- k8s/intro.md
-- shared/about-slides.md
-- shared/toc.md
--
-  - shared/prereqs.md
-  #- shared/webssh.md
-  - shared/connecting.md
-  - k8s/versions-k8s.md
-  - shared/sampleapp.md
-  #- shared/composescale.md
-  #- shared/hastyconclusions.md
-  - shared/composedown.md
-  - k8s/concepts-k8s.md
-  - k8s/kubectlget.md
--
-  - k8s/kubectlrun.md
-  - k8s/logs-cli.md
-  - shared/declarative.md
-  - k8s/declarative.md
-  - k8s/deploymentslideshow.md
-  - k8s/kubenet.md
-  - k8s/kubectlexpose.md
-  - k8s/shippingimages.md
-  - k8s/buildshiprun-selfhosted.md
-  - k8s/buildshiprun-dockerhub.md
-  - k8s/ourapponkube.md
--
-  - k8s/yamldeploy.md
-  - k8s/setup-k8s.md
-  - k8s/dashboard.md
-  #- k8s/kubectlscale.md
-  - k8s/scalingdockercoins.md
-  - shared/hastyconclusions.md
-  - k8s/daemonset.md
-  - k8s/dryrun.md
-  - k8s/kubectlproxy.md
-  - k8s/localkubeconfig.md
-  - k8s/accessinternal.md
--
-  - k8s/rollout.md
-  - k8s/healthchecks.md
-  - k8s/healthchecks-more.md
-  - k8s/record.md
--
-  - k8s/namespaces.md
-  - k8s/ingress.md
-  - k8s/kustomize.md
-  - k8s/helm.md
-  - k8s/create-chart.md
--
-  - k8s/netpol.md
-  - k8s/authn-authz.md
--
-  - k8s/csr-api.md
-  - k8s/openid-connect.md
-  - k8s/podsecuritypolicy.md
--
-  - k8s/volumes.md
-  - k8s/build-with-docker.md
-  - k8s/build-with-kaniko.md
-  - k8s/configuration.md
--
-  - k8s/logs-centralized.md
-  - k8s/prometheus.md
--
-  - k8s/statefulsets.md
-  - k8s/local-persistent-volumes.md
-  - k8s/portworx.md
--
-  - k8s/extending-api.md
-  - k8s/operators.md
-  - k8s/operators-design.md
-  - k8s/staticpods.md
-  - k8s/owners-and-dependents.md
-  - k8s/gitworkflows.md
--
-  - k8s/whatsnext.md
-  - k8s/links.md
-  - shared/thankyou.md

slides/kube-twodays.yml

@@ -1,16 +1,17 @@
 title: |
-  Deploying and Scaling Microservices
+  Deploying and Scaling
+  applications
   with Kubernetes
 
 #chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-chat: "In person!"
+chat: "[Gitter](https://gitter.im/jpetazzo/workshop-20191104-berlin)"
+#chat: "In person!"
 
 gitrepo: github.com/jpetazzo/container.training
 
-slides: http://container.training/
+slides: http://velocity-2019-11.container.training/
 
-#slidenumberprefix: "#SomeHashTag — "
+slidenumberprefix: "#VelocityConf — "
 
 exclude:
 - self-paced
@@ -23,7 +24,7 @@ chapters:
 - shared/toc.md
 -
   - shared/prereqs.md
-  #- shared/webssh.md
+  - shared/webssh.md
   - shared/connecting.md
   #- k8s/versions-k8s.md
   - shared/sampleapp.md
@@ -61,6 +62,7 @@ chapters:
   - k8s/healthchecks.md
   #- k8s/healthchecks-more.md
   - k8s/record.md
+  - electricity.md
 -
   - k8s/namespaces.md
   - k8s/ingress.md

slides/logistics.md

@@ -1,27 +1,16 @@
 ## Intros
 
+- Hello! We are:
 
-- I am: .emoji[👨] Julien (Zempashi on GitHub) (Enix SAS)
+   - AJ ([@s0ulshake](https://twitter.com/s0ulshake))
+   - Jérôme ([@jpetazzo](https://twitter.com/jpetazzo))
+   - Sean ([@someara](https://twitter.com/someara))
 
- <!-- .dummy[
+- The workshop will run from 9am to 5pm
 
-   - .emoji[👷🏻‍♀️] AJ ([@s0ulshake](https://twitter.com/s0ulshake), Travis CI)
+- There will be a lunch break at 12:30pm
 
-   - .emoji[🚁] Alexandre ([@alexbuisine](https://twitter.com/alexbuisine), Enix SAS)
-
-   - .emoji[🐳] Jérôme ([@jpetazzo](https://twitter.com/jpetazzo), Enix SAS)
-
-   - .emoji[⛵] Jérémy ([@jeremygarrouste](twitter.com/jeremygarrouste), Inpiwee)
-
-   - .emoji[🎧] Romain ([@rdegez](https://twitter.com/rdegez), Enix SAS)
-
-] -->
-
-- The workshop will run from 9:00 to 17:00
-
-- There will be a lunch break around 12:30
-
-  (And coffee breaks!)
+  (And coffee breaks at 10:30am and 3pm)
 
 - Feel free to interrupt for questions at any time
 

slides/shared/thankyou.md

@@ -9,3 +9,25 @@ class: title, in-person
 That's all, folks! <br/> Questions?
 
 ![end](images/end.jpg)
+
+---
+
+## Final words
+
+Did you like that tutorial? Then:
+
+1. Please [rate](https://conferences.oreilly.com/velocity/vl-eu/public/schedule/detail/79109) it on the O'Reilly website
+
+   (your feedback is important to the conference organizers!)
+
+2. Feel free to use, re-use, and share these slides
+
+   (they will remain online for at least a year)
+
+3. Hire me to train your team, anywhere in the world
+
+   (contact me: **jerome.petazzoni@gmail.com**)
+
+*Keep the little cards with the VM IP addresses.
+The VMs will be shut down shortly, but the URL
+of the slides and my e-mail address are on the cards.*

slides/shared/title.md

@@ -10,14 +10,12 @@ class: title, in-person
 
 @@TITLE@@<br/></br>
 
-
 .footnote[
-*Room*: Mecure<br/>
-<!--**Be kind to the WiFi!**<br/>
-<!-- *Use the 5G network.*
-*Don't use your hotspot.*<br/>
+**WiFi: OReillyCon** —
+**Password: oreillycon19**
+
 *Don't stream videos or download big files during the workshop[.](https://www.youtube.com/watch?v=h16zyxiwDLY)*<br/>
-*Thank you!*-->
+*Don't use your hotspot. Thank you!*
 
 **Slides: @@SLIDES@@**
 ]

slides/swarm-fullday.yml

@@ -1,67 +0,0 @@
-title: |
-  Container Orchestration
-  with Docker and Swarm
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-- snap
-- btp-auto
-- benchmarking
-- elk-manual
-- prom-manual
-
-chapters:
-- shared/title.md
-- logistics.md
-- swarm/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - shared/prereqs.md
-  - shared/connecting.md
-  - swarm/versions.md
-  - shared/sampleapp.md
-  - shared/composescale.md
-  - shared/hastyconclusions.md
-  - shared/composedown.md
-  - swarm/swarmkit.md
-  - shared/declarative.md
-  - swarm/swarmmode.md
-  - swarm/creatingswarm.md
-  #- swarm/machine.md
-  - swarm/morenodes.md
-- - swarm/firstservice.md
-  - swarm/ourapponswarm.md
-  - swarm/hostingregistry.md
-  - swarm/testingregistry.md
-  - swarm/btp-manual.md
-  - swarm/swarmready.md
-  - swarm/stacks.md
-  - swarm/cicd.md
-  - swarm/updatingservices.md
-  - swarm/rollingupdates.md
-  - swarm/healthchecks.md
-- - swarm/operatingswarm.md
-  - swarm/netshoot.md
-  - swarm/ipsec.md
-  - swarm/swarmtools.md
-  - swarm/security.md
-  - swarm/secrets.md
-  - swarm/encryptionatrest.md
-  - swarm/leastprivilege.md
-  - swarm/apiscope.md
-- - swarm/logging.md
-  - swarm/metrics.md
-  - swarm/gui.md
-  - swarm/stateful.md
-  - swarm/extratips.md
-  - shared/thankyou.md
-  - swarm/links.md

slides/swarm-halfday.yml

@@ -1,66 +0,0 @@
-title: |
-  Container Orchestration
-  with Docker and Swarm
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- self-paced
-- snap
-- btp-manual
-- benchmarking
-- elk-manual
-- prom-manual
-
-chapters:
-- shared/title.md
-- logistics.md
-- swarm/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - shared/prereqs.md
-  - shared/connecting.md
-  - swarm/versions.md
-  - shared/sampleapp.md
-  - shared/composescale.md
-  - shared/hastyconclusions.md
-  - shared/composedown.md
-  - swarm/swarmkit.md
-  - shared/declarative.md
-  - swarm/swarmmode.md
-  - swarm/creatingswarm.md
-  #- swarm/machine.md
-  - swarm/morenodes.md
-- - swarm/firstservice.md
-  - swarm/ourapponswarm.md
-  #- swarm/hostingregistry.md
-  #- swarm/testingregistry.md
-  #- swarm/btp-manual.md
-  #- swarm/swarmready.md
-  - swarm/stacks.md
-  - swarm/cicd.md
-  - swarm/updatingservices.md
-  #- swarm/rollingupdates.md
-  #- swarm/healthchecks.md
-- - swarm/operatingswarm.md
-  #- swarm/netshoot.md
-  #- swarm/ipsec.md
-  #- swarm/swarmtools.md
-  - swarm/security.md
-  #- swarm/secrets.md
-  #- swarm/encryptionatrest.md
-  - swarm/leastprivilege.md
-  - swarm/apiscope.md
-  - swarm/logging.md
-  - swarm/metrics.md
-  #- swarm/stateful.md
-  #- swarm/extratips.md
-  - shared/thankyou.md
-  - swarm/links.md

slides/swarm-selfpaced.yml

@@ -1,75 +0,0 @@
-title: |
-  Container Orchestration
-  with Docker and Swarm
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- in-person
-- btp-auto
-
-chapters:
-- shared/title.md
-#- shared/logistics.md
-- swarm/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - shared/prereqs.md
-  - shared/connecting.md
-  - swarm/versions.md
-  - |
-    name: part-1
-
-    class: title, self-paced
-
-    Part 1
-  - shared/sampleapp.md
-  - shared/composescale.md
-  - shared/hastyconclusions.md
-  - shared/composedown.md
-  - swarm/swarmkit.md
-  - shared/declarative.md
-  - swarm/swarmmode.md
-  - swarm/creatingswarm.md
-  #- swarm/machine.md
-  - swarm/morenodes.md
-- - swarm/firstservice.md
-  - swarm/ourapponswarm.md
-  - swarm/hostingregistry.md
-  - swarm/testingregistry.md
-  - swarm/btp-manual.md
-  - swarm/swarmready.md
-  - swarm/stacks.md
-  - swarm/cicd.md
-  - |
-    name: part-2
-
-    class: title, self-paced
-
-    Part 2
-- - swarm/operatingswarm.md
-  - swarm/netshoot.md
-  - swarm/swarmnbt.md
-  - swarm/ipsec.md
-  - swarm/updatingservices.md
-  - swarm/rollingupdates.md
-  - swarm/healthchecks.md
-  - swarm/nodeinfo.md
-  - swarm/swarmtools.md
-- - swarm/security.md
-  - swarm/secrets.md
-  - swarm/encryptionatrest.md
-  - swarm/leastprivilege.md
-  - swarm/apiscope.md
-  - swarm/logging.md
-  - swarm/metrics.md
-  - swarm/stateful.md
-  - swarm/extratips.md
-  - shared/thankyou.md
-  - swarm/links.md

slides/swarm-video.yml

@@ -1,74 +0,0 @@
-title: |
-  Container Orchestration
-  with Docker and Swarm
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag — "
-
-exclude:
-- in-person
-- btp-auto
-
-chapters:
-- shared/title.md
-#- shared/logistics.md
-- swarm/intro.md
-- shared/about-slides.md
-- shared/toc.md
-- - shared/prereqs.md
-  - shared/connecting.md
-  - swarm/versions.md
-  - |
-    name: part-1
-
-    class: title, self-paced
-
-    Part 1
-  - shared/sampleapp.md
-  - shared/composescale.md
-  - shared/hastyconclusions.md
-  - shared/composedown.md
-  - swarm/swarmkit.md
-  - shared/declarative.md
-  - swarm/swarmmode.md
-  - swarm/creatingswarm.md
-  #- swarm/machine.md
-  - swarm/morenodes.md
-- - swarm/firstservice.md
-  - swarm/ourapponswarm.md
-  - swarm/hostingregistry.md
-  - swarm/testingregistry.md
-  - swarm/btp-manual.md
-  - swarm/swarmready.md
-  - swarm/stacks.md
-  - |
-    name: part-2
-
-    class: title, self-paced
-
-    Part 2
-- - swarm/operatingswarm.md
-  #- swarm/netshoot.md
-  #- swarm/swarmnbt.md
-  - swarm/ipsec.md
-  - swarm/updatingservices.md
-  - swarm/rollingupdates.md
-  #- swarm/healthchecks.md
-  - swarm/nodeinfo.md
-  - swarm/swarmtools.md
-- - swarm/security.md
-  - swarm/secrets.md
-  - swarm/encryptionatrest.md
-  - swarm/leastprivilege.md
-  - swarm/apiscope.md
-  #- swarm/logging.md
-  #- swarm/metrics.md
-  - swarm/stateful.md
-  - swarm/extratips.md
-  - shared/thankyou.md
-  - swarm/links.md