Name: Securing Kubernetes in your cloud-native journey: Lessons learned
Start: 2020-11-11T18:00:00Z
End: 2020-11-11T18:00:56.000Z
Location: BrightTALK
Rating: 4.8

Mirantis helps organizations ship code faster utilizing public and private clouds, providing a public cloud experience on any infrastructure from the data center to the edge. With a long-standing record of delivering solutions based on open source with enterprise-grade support, Mirantis offers an as-a-service experience of Kubernetes and OpenStack to provide containerization and virtualization services. Mirantis serves many of the world’s leading enterprises, including Adobe, DocuSign, Liberty Mutual, Nationwide Insurance, Reliance Jio, S&P Global, Seagate, Société Générale, and Volkswagen. Learn more at www.mirantis.com.

Mirantis is a global company headquartered in Campbell, California.

Containers and Kubernetes provide a powerful, standards-based toolkit, rooted in open source, for delivering and running applications at the Edge and centrally managing large-scale distributed infrastructure with grace, ease, and reliability. Many now agree that Kubernetes is the future for Edge and IoT. But mapping the containers+Kubernetes technology stack to unique Edge use-cases can be challenging.

In this webinar, Mirantis Solution Architect Kevin Ng will discuss some of the major categories of Edge use-cases, enumerate their technical challenges, and describe how Mirantis and customers are building out a new generation of Kubernetes-native solutions to bring new fluency and simplicity to Edge operations. The focus will be on k0s – the CNCF-validated open source single binary Kubernetes distribution – and its growing set of Kubernetes operators: including k0smotron (centralized, declarative Kubernetes control plane fleet management), CAPI (declarative cloud and bare metal infrastructure management), as well as Autopilot, an operator enabling declarative configuration of automated, non-disruptive cluster updates.

Among the Edge scenarios discussed will be:
- Distributed retail and POS
- Manufacturing control and monitoring
- Scientific process management and monitoring
- Distributed telecommunications
- Specialized Kubernetes applications for remote field, military, and other scenarios

Kevin will detail how aspects of the k0s distro, like control plane/worker separation, encrypted/authenticated worker-to-control plane connectivity, meet Edge use-case requirements for efficiency and risk reduction. He’ll also provide a ‘deep’ demo of how all the Kubernetes-native moving parts work together, simplifying bootstrapping a secure, production-ready multi-cluster Kubernetes system with k0s and k0smotron, and managing remote workers at scale.

k0s and k0smotron at the Edge: Use-Cases

In today's fast-paced digital landscape, the ability to deploy large-scale on-prem cloud infrastructure swiftly is not just an advantage but a necessity. Just one catch: large-scale infra initiatives are easy to dream about and hard to execute. How can you ensure that your complex infrastructure deployments are both swift and successful? 

On February 1, Mirantis’ Satnam Johal and Menno de Fouw will explain how to leverage advanced virtualization, containerization, and orchestration platforms such as Kubernetes, and software-defined infrastructure to streamline and expedite deployment.

Join and learn how to…
- Design a tailored cloud blueprint and select vendors for rapid deployment 
- Combine pre-deployment planning, pre-configured hardware and software solutions, and the power of automation
- Ensure operational efficiency and scalability—while positioning yourself to respond to market changes and technological advancements

Join us to learn from our cloud infra experts’ experiences and approach.

Deploying large scale cloud on prem in weeks

Whether you’re spinning up local test clusters or orchestrating workloads at the edge, you need a way to run Kubernetes quickly and easily without overburdening your hardware. The answer? Lightweight Kubernetes distributions designed to leverage the power of K8s without all the overhead. 

k0s, k3s, and microk8s are all popular open source Kubernetes distributions with small footprints—but which is right for your use-case? In this webinar, Kevin Ng will guide you through the capabilities of each option so you can choose the tool that’s right for you.

k0s vs k3s vs microk8s: How to Choose a Lightweight Kubernetes Distro

Aging legacy applications drag down innovation with ever-growing complexity, infrequent releases, and obstacles to adopting new, potentially game-changing technologies. To stay competitive, many organizations are modernizing their applications to run on more flexible multi-cloud architecture that can be optimized for the security, latency, and operational requirements of each workload, while also greatly reducing Total Cost of Ownership. 

Join us on Wednesday, December 13 for a webinar, “App Modernization for Cloud Mobility: Achieving Cheaper, More Flexible Multi-Cloud,” in which Mirantis Principal Cloud Solutions Architect Daniel Virassamy will detail a pragmatic approach to transforming monolithic applications for multi-cloud portability.

Attendees will learn:
- The benefits of application modernization and multi-cloud architecture for developers and operators alike
- A pragmatic approach to transforming your legacy applications for multi-cloud that reduces your risk of project delays, security risks, and unnecessary costs
- Best practices for streamlining multi-cloud operations, whether you choose public clouds, private clouds, or both

Can’t join our live broadcast? Register anyways, and we’ll send you the slides and recording.

App Modernization for Cloud Mobility: Achieving Cheaper & Flexible Multi-Cloud

How can you make a swift and cost-effective move to open cloud infrastructure? In this webinar, we’ll explore fast and secure strategies to transition VMware workloads to OpenStack clouds, so your business can enjoy substantial cost savings and gain greater flexibility and extensibility to fine-tune infrastructure for your needs.

Join Mirantis Principal Solution Architect Daniel Virassamy in our webinar to learn about:
- The advantages of OpenStack over vSphere from both business and technical perspectives
- How Mirantis architecture and engineering services design, run, and continuously finetune bespoke OpenStack clouds
- How end-to-end workload migration services help teams to prepare, plan, execute, and validate automated, CI/CD based migrations

Migrate your VMware workloads to bespoke open clouds

It’s all too easy for app modernization plans to grind to a halt as teams put out the daily fires. Whether you’re stuck in this loop or still contemplating a modernization, crafting the right modernization plan can save you months (or years) of drudgery.

In this webinar, Solution Architect Kevin Ng will show you how we use the Mirantis Application Migration and Modernization Platform (AMMP) to craft a carefully prioritized plan for rapid modernization. 

You’ll learn:

- Considerations for apps to rehost, replatform, refactor, or rewrite
- How AMMP drives tasks like containerization at scale
- How we help organizations accelerate application modernization by 600%
- How to ensure that your application modernization actually gets done, instead of being endlessly put on the backburner

App Modernization at Scale: A Plan for 600% Faster Cloud Native Transformation

In today's rapidly evolving digital landscape, edge computing has emerged as a transformative technology that brings computing resources closer to the data sources and end-users.  As a simple, CNCF-certified Kubernetes distribution, k0s offers a comprehensive solution for building and managing edge computing environments at the Edge and Far Edge.

In this webinar, Daniel Virassamy and Roman Kuzmin will show you how to unlock the potential of Edge and Far Edge clouds with k0s and explain how Kubernetes can revolutionize the way you deploy and manage applications at the edge.

Explore IT, IoT, and Telco use-cases and learn how you can  leverage support for x86 and ARM architectures, multi-CNI (Container Network Interface), and virtual machines, in addition to standard containerization.

How to Build Environments at the Edge and Far Edge with k0s

Teams working in highly regulated industries need to meet a high standard of encryption for tools across the software lifecycle, including in their container runtime. How can organizations working in the Windows container ecosystem ensure that they’re using the right tools to build, run, and orchestrate containers?

Whether you’re an old hand with highly sensitive workloads or your team is exploring new markets, we’re here to help. On November 8th, we’ll discuss how to easily achieve FIPS 140-2 validated encryption for Windows containers.

You’ll learn about:
- Why proper encryption is so important for container runtimes
- The fundamentals of FIPS 140-2 validation
- The landscape of container tools on Windows
- Using a FIPS 140-2 validated runtime on a Windows node in a Kubernetes cluster

How to achieve FIPS 140-2 validated encryption for Windows Containers

Many businesses have built their software on VMware vSphere, but it’s no longer the standard for IT innovation. To stay competitive, industry leaders are moving to open source cloud infrastructure, which offers substantial cost savings, greater flexibility, and faster time to market. Adding urgency is Broadcom’s impending acquisition of VMware, driving many IT teams to assess their risks and formulate an exit strategy.

Join Mirantis Principal Solution Architect Daniel Virassamy in our webinar as he explains practical approaches to transitioning your VMware estate into more modern, future-proof infrastructure based on open cloud technologies. He’ll discuss:

- The advantages of open cloud infrastructure over vSphere from both business and technical perspectives
- Strategies and best practices for evolving your VMware estate into open cloud infrastructure
- How to accelerate ROI for open cloud investments, using platforms, expertise and tooling from Mirantis

How to evolve your VMware estate into future-proof, open cloud infrastructure

Delivering Kubernetes on demand sounds simple. But it gets complicated fast.
- Most solutions are pretty opinionated, and (for public clouds especially) hard or impossible for users to change.
- Managing infrastructure (e.g., VMs) under Kubernetes still needs to be done (and for multi-cluster setups, it needs to be done a lot), which is slow and tends to be failure-prone.
- Updating and lifecycle-managing multiple clusters is not a picnic -- on public clouds, okay, but on private clouds? You have 99 problems.

What if we told you none of that was necessary? That you could -- in just a few steps:
- Build a system to deliver bespoke Kubernetes clusters on demand, fast, with huge flexibility in cluster composition, and with wild freedom to explore use-cases demanding worker/control plane separation, workers that run remote from backplanes, workers that run on IoT hardware?
- Make all these K8s clusters painlessly self-updating, self-scaling on private and/or public clouds, and easy to operate
- And do all this in an entirely Kubernetes-native, declarative, infra-as-code way that leverages Kubernetes itself to keep multiple clusters healthy, secure, performant, and (as relevant) resource- and cost-optimized? 

You instantly gain speed, simplified operations, improved security, lower costs, and massive flexibility for new use cases.

In this webinar, Daniel Virassamy from Team k0s explains:
- What k0s and k0smotron are and how they work
- Real life use cases for multi-cluster Kubernetes, and how they map to a k0s/k0smotron architecture on various (or multiple) infrastructures
- Components required: k0s, k0smotron operator, k0s Autopilot, k0s CAPI operator
- How to make it yours: Incredibly-simple automation recipes for making these moving parts work together -- all of which integrate with tools you're already using

Quick Steps to Engineer a Bespoke, Multi-Cluster Kubernetes Platform

One of the most common concerns about building an on-premises, private cloud is that you’ll need to buy new hardware, driving up your CapEx. The truth is that in many cases, you can build resilient, performant clouds using your existing hardware investments, thanks to the flexibility of open source cloud infrastructure software, which can run on commodity x86 equipment. However, there are important tradeoffs you need to consider before deciding to forgo new hardware purchases.

Join a Mirantis cloud architect to learn:
- The typical adjustments needed to successfully deploy on existing hardware, even if it deviates from the cloud platform’s reference architecture
- Recent advances in CPU and storage that might be critical for your use case, depending on your data, performance and availability requirements
- How the Total Cost of Ownership (TCO) is often lower with new hardware than when retaining legacy hardware
- How to do the math and make the right decision for your organization

You're Building a Cloud. Do You Need To Buy New Hardware?

Grounding containerized apps on a fully-integrated, DISA STIG certified, Kubernetes stack can speed the process of gaining ATO, achieving FedRAMP approval, and bringing secure, performant, high-quality software and services to public sector and adjacent demanding markets. 

In this webinar, Michael Tillman, Mirantis Principal Cloud Architect for Public Sector, explains the new DISA Kubernetes STIG for Mirantis Kubernetes Engine, and its relation to current STIGs for stack components like Mirantis Container Runtime and Mirantis Secure Registry. Michael will then illustrate how this fully-integrated, STIG-certified container orchestration stack -- backed by Mirantis engineering expertise -- can help software makers and service providers deliver value faster for demanding Public Sector, FinTech, and other customers.

You will learn:
- What a DISA STIG for a Kubernetes architecture represents, and how STIGs for Kubernetes, container runtime, and other components relate to one another.
- What having a Kubernetes STIG means in terms of asserting fundamental platform characteristics and capabilities.
- How to map these fundamental capabilities to specific requirements of your use-cases involved in gaining ATO, FedRAMP approval.
- How to work with the platform provider to ensure approval, and what to expect from the process.

How to Achieve Faster ATO on Cloud Native Applications

Enterprises depend on a secure software development pipeline—from the first stage of development to production. Secure cloud native application delivery demands a secure, enterprise-ready container runtime, but building and running Windows containers on Windows Server poses unique challenges. 

How can teams using Windows Server ensure that their software supply chain is built on a steady foundation? In this webinar, we’ll explore the challenges and how to overcome them using Mirantis Container Runtime, the only enterprise container engine that runs natively on Windows and Linux, delivering FIPS 140-2 validated security. 

We’ll discuss:
- The challenges of securing the software supply chain on Windows Server
- The role of the container runtime in a secure software supply chain
- Tools to help secure container workflows on Windows Server
- How Mirantis Container Runtime provides a secure runtime for Kubernetes nodes running on Windows Server

How to Secure Your Software Supply Chain on Windows Server

Zero Trust is a revolutionary rethinking of security models that still dominate in the enterprise IT space, today. But how do you actually implement a Zero Trust architecture in real organizations? What are the technical steps? What’s the timetable? How do you teach concepts, get buy-in, and bring technology stakeholders along?

George Finney is a Zero Trust pioneer who’s actually implemented Zero Trust for some of the world’s largest and most complex technology companies and organizations. He also teaches Zero Trust at the university level, and has massive insight into how to explain principles and turn theory into practice. His most recent accomplishment: his book Project Zero Trust is a highly-readable techno-thriller (and also a basic textbook) tracing the implementation of a Zero Trust architecture at a high-tech company stricken by a recent ransomware attack.

Attendees at this webinar will learn how to do Zero Trust in the real world from a true Zero Trust implementation pioneer. Among other topics, we’ll cover:

- Review: The basic rules of Zero Trust
- Starting line: Zero Trust in your organization
- Starting from Zero - applying John Kindervaag’s Kipling Method to define protect surfaces
- The Minimum Viable Toolkit: Modern tools for protect surface implementation
- Managing Zero Trust: Event filtering and monitoring for rapid response

Speakers: 
- George Finney, CSO, Southern Methodist University and Author of Project Zero Trust
- Jason James, Director of Security, Mirantis
- John Jainschigg, Director of Open Source Initiatives, Mirantis

Zero Trust for Implementors: Insights from a Pioneer’s Playbook

Zero Trust is a model for cybersecurity that treats trust as a vulnerability – replacing ‘trusted/untrusted’ architectures with complex external attack surfaces; expensive defense-in-depth strategies; and exploitable identity-based access schemes with smaller, simpler, easier to build and manage ‘protect surfaces’ around entities. Zero Trust is the US Government’s prescribed cybersecurity model, and Zero Trust is fast becoming a dominant model for telecommunications and enterprises as well.

John Kindervaag invented Zero Trust and helped design the Federal ZTA program. In this webinar, attendees will have an opportunity to hear about Zero Trust from the originator’s perspective. They’ll learn:

- What exactly is Zero Trust?
- How does Zero Trust differ from prior models, and how does it relate to well-known concepts like “Principle of Least Privilege?”
- What are the core rules of a Zero Trust architecture?
- What components typically play in implementing Zero Trust?
- How do you enable Zero Trust and also deliver software faster? 

Speakers:
- John Kindervag, SVP Cybersecurity Strategy/Global Fellow at ON2IT
- Jason James, Director of Security at Mirantis
- John Jainschigg, Director of Open Source Initiatives at Mirantis

Building Trust in an Untrusted World: The Zero Trust Paradigm

Join us for an informative and engaging webinar featuring Lens, the world's most popular Kubernetes IDE. Designed to streamline the Kubernetes learning and development experience, Lens empowers developers and operators by simplifying complex tasks.

In this demo-rich webinar, a member of the Lens development team will provide invaluable insights, practical tips, and best practices for effectively working with multiple Kubernetes clusters. Gain a comprehensive understanding of the following key topics:

- Attain Full Situational Awareness: Unlock the power of Kubernetes by gaining complete situational awareness. Learn how to navigate and manage your clusters with ease, ensuring you have a holistic view of your environment.
- Real-Time Cluster Observability: Discover how Lens provides real-time insights into your Kubernetes clusters. Explore advanced observability features that enable you to monitor and troubleshoot your applications effectively.
- Streamline Performance Evaluation: Uncover the secrets of accessing and evaluating cluster performance effortlessly. Learn how Lens simplifies performance analysis, allowing you to optimize your clusters for optimal efficiency.
- Multi Cluster Management: Dive into the complexities of working with multiple Kubernetes clusters. Discover practical strategies and techniques for managing and orchestrating your clusters seamlessly.

Don't miss this opportunity to level up your Kubernetes expertise with Lens, the ultimate Kubernetes IDE. Register now to secure your spot and gain valuable insights from our Lens expert.

How to achieve full situational awareness of multiple Kubernetes clusters

There are many cloud types and vendors (private, public, hybrid), each with their own pros and cons. Today’s enterprises often require multiple types of clouds to achieve all their goals. But how do you accurately weigh the different types of clouds against each other to make the right decisions? Cost analysis is one way.

Mirantis has developed a tool for comparing the costs of public clouds like AWS with private OpenStack clouds. We’ll share how fully-cost-burdened analysis can reveal interesting (and counter-intuitive) facts about the total cost. 

In this webinar, you will learn:
- How to calculate fully-burdened costs for each type of cloud in detail
- What assumptions to consider
- What are the hidden costs of public cloud that you shouldn’t overlook
- How to tune these assumptions for your unique requirements

This webinar provides valuable information based on real-world customers, so you can avoid the pitfalls of many cloud cost analyses and more accurately compare the overall CapEx and OpEx costs of your cloud project as it grows over time.

Hidden Costs of Public Cloud: In-Depth Analysis of Public vs. Private Cloud TCO

With a hybrid cloud solution, you can have your cake and eat it too.

That’s what you get with an On-Prem Data Center + Public Cloud hybrid – the best of both worlds. On-Prem Data Centers are still relevant for cost efficiency, and because they help organizations meet strict security, data, and governance requirements.

Having a combo of On-Prem AND Public Cloud gives you the kind of flexibility you could only dream of when only using one or the other…

In this webinar you’ll discover:
- Why using just Public Cloud could be costing you time and money
- Important considerations for a hybrid infrastructure design
- Critical details of the benefits of a hybrid cloud
- Where, when, and why On-Prem Data Centers are still relevant in today’s modern cloud native computing
- How Mirantis experts can manage your hybrid allowing you to focus on core values

So have your cake, eat it too, and check out our webinar on how you can use a hybrid cloud to reap the benefits of a hybrid cloud.

More on the Mirantis ZeroOps approach: https://www.mirantis.com/zeroops/what-is-zeroops/
Additional resources about amazee.io's Lagoon: https://www.mirantis.com/software/lagoon/

On-Prem Data Centers + Public Cloud = A Perfect Match

From just starting your journey to running production Kubernetes deployments, each step of the journey has its own set of technical and operational challenges that you need to address. Join experts from Mirantis and Tigera who will share their experiences in running Kubernetes securely no matter where on the cloud-native journey your organization is today. 

In this session, you will learn how to better secure Kubernetes, with technologies and techniques for:

1. Getting Started: Image scanning, secure software supply chain, basic networking
2. Pre-Production: Network policy, security egress access, security gates
3. Production: Visibility, multi-cluster, compliance, continuous DevSecOps

Securing Kubernetes in your cloud-native journey: Lessons learned

IT Security

Kubernetes

Cloud Native

Mirantis

Tigera

Public Cloud

Private Cloud

Infrastructure as a Service

Containerization

Secure Access

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Securing Kubernetes in your cloud-native journey: Lessons learned

Presented by

About this talk

More from this channel